Research Ethics Glossary

Anonymisation involves techniques that can be used to convert personal data into anonymised data. Anonymisation is increasingly challenging because of the potential for re-identification.

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.

Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.

Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data.

For data to be truly anonymised, the anonymisation must be irreversible.

For further reading, please visit the Website of the European Commission  What is personal data?

See also:  Art. 4 on the GDPR Website gdpr-info.eu

In using social media data in your research, consider attentively and responsibly the following ethics and data protection issues:

•  Are all available data also public? Is it fair to use them in research?
•  Are the conditions of free and voluntary informed consent met?
•  How do I  guarantee anonymity?
• How can I assess the risk of harm through tracing or exposing the social media user’s identity and profile?
• How can I mitigate the uncertainty that some users being studied are children or belong to other vulnerable groups? What are the safeguarding measures?

Source: EU Guidance  Ethics in Social Science and Humanities - 2021, p.10-11

Processing of personal datameans any operation (or set of operations) performed on personal data, either manually or by automatic means. This includes:  collection (digital audio recording, digital video caption, etc.), recording, organisation, structuring & storage (cloud, LAN or WAN servers), adaptation or alteration (merging sets, appification, etc.), retrieval & consultation, use, disclosure by transmission, dissemination or otherwise making available (share, exchange, transfer), alignment or combination, restriction, erasure or destruction.

See also: the following PDF Document: Horizon 2020 Programme - Guidance How to complete your ethics self-assessment

entails substituting personally identifiable information (such as an individual’s name) with a unique identifier that is not connected to their real-world identity, using techniques such as coding or hashing. However, if it is possible to re-identify the individual data subjects by reversing the pseudonymisation process, data protection obligations still apply. They cease to apply only when the data arefully and irreversibly anonymised.

For further reading please consult the PDF Document entitled:
Ethics and data protection (PDF)

Groups considered vulnerable because of their circumstances may include: children, refugees, irregular migrants, sex workers, people with cognitive impairments, dissidents, traumatised people at risk of re-traumatisation (e.g. people from conflict areas, victims of crime and/or violence); and people independent relationships with the researcher or the research team (e.g. students doing course work with researchers).

Source: EU Guidance Ethics in Social Science and Humanities (PDF)