Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
dcc:pdpsol:dataminimization [2026/02/09 12:14] – added menu order giuliodcc:pdpsol:dataminimization [2026/03/03 14:18] (current) – text editing marlon
Line 1: Line 1:
 {{indexmenu_n>1}} {{indexmenu_n>1}}
 ====== Data Minimization ====== ====== Data Minimization ======
 +
 ===== Introduction ===== ===== Introduction =====
-Data minimization is one of the data protection principles that form the basis of the GDPR. It states that the processing of personal data should be “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed” ([[https://gdpr.eu/article-5-how-to-process-personal-data/|GDPR art. 5 (1c)]]). Data minimization does not mean that you cannot collect personal data at all. If you can explain why you need these data for the current or specific future purposes you are allowed to collect these data.+Data minimization is one of the data protection principles that form the basis of the GDPR. It states that the processing of personal data should be //“adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed”// ([[https://gdpr.eu/article-5-how-to-process-personal-data/|GDPR art. 5 (1c)]]). Data minimization does not mean that you cannot collect personal data at all. If you can explain why you need these data for the current or specific future purposes you are allowed to collect these data.
  
 When designing your research, it is important to consider the personal data required to answer your research questions, as well as the level of detail needed and any data that may be collected automatically due to your chosen method. The data minimization practices introduced below will help you to implement data minimization in your own research. When designing your research, it is important to consider the personal data required to answer your research questions, as well as the level of detail needed and any data that may be collected automatically due to your chosen method. The data minimization practices introduced below will help you to implement data minimization in your own research.
Line 17: Line 18:
 ==== Take into account the effort of research participation ==== ==== Take into account the effort of research participation ====
 Although it is important to consider what personal data you need for your research, it is also important to be mindful of the effort and strain participation may place on data subjects. This means you should limit the collection of personal data to what you need for your research. However, you should also respect participants’ time and effort, and avoid designing studies that require participants to take part multiple times due to narrowly defined research questions. This is particularly important when working with vulnerable or hard-to-reach groups. In such cases, it is advisable to design studies that can address several relevant questions at once, thereby maximizing the value of participants’ contributions while minimizing their strain.  Although it is important to consider what personal data you need for your research, it is also important to be mindful of the effort and strain participation may place on data subjects. This means you should limit the collection of personal data to what you need for your research. However, you should also respect participants’ time and effort, and avoid designing studies that require participants to take part multiple times due to narrowly defined research questions. This is particularly important when working with vulnerable or hard-to-reach groups. In such cases, it is advisable to design studies that can address several relevant questions at once, thereby maximizing the value of participants’ contributions while minimizing their strain. 
 +
 +==== Use consistent file naming and version control ==== 
 +Organize your data consistently by using a file naming strategy and good folder structure. The [[https://dmeg.cessda.eu/Data-Management-Expert-Guide/2.-Organise-Document/File-naming-and-folder-structure|practical guidelines of CESSDA]] can guide you in designing your file naming and folder structure strategy, but at least keep in mind the following points:
 +  * Do not include contact information or other personal data in the naming of your files. 
 +  * Incorporate version numbers in file names. By adding version numbers to your file names, it allows you to easily access and delete different versions of files, over time. 
 +  * It is good practice to create a version control table to keep track of different versions. The version control table can include information on different version numbers, authors, notes, and when the file was last updated. The table can also include a summary of the differences between the current version and previous versions. The version control table can be an independent text file, or it can be included at the top of your document, scripts, or other files. See Table 2 for an example of a version control table. ([[https://zenodo.org/records/15576176|Research Data Management Guidebook for Students, p23, 2025]]) 
 +  * Refer to the DCC website for more information on [[https://www.rug.nl/digital-competence-centre/it-solutions/it-security/backup-versioning|version control]].
 +
 +**Table 2: Example of a version control table **
 +
 +----
 +{{:dcc:pdpsol:dataminimization:version_control.png?direct&600|}}
 +
 +
  
  
Line 28: Line 43:
  
 ===Contact information=== ===Contact information===
-Be aware that through online calendar invitations or online interviews personal data about data subjects might be visible to others. [[..:itsol:kaltura:gmeet|Enhance the security of your (online) interviews]] by setting appointments in ‘private’ mode, and share video call-links by email.+If you are inviting your participants via online calendar invitations or if you are conducting your interviews onlinepersonal data about your participants might be visible to others. [[..:itsol:kaltura:gmeet|Enhance the security of your (online) interviews]] by setting appointments in ‘private’ mode, and share video call-links by email.
  
 +=== Informed consent ===
 +Informed consent can reveal personal information about your participants. Minimize the amount of personal data on your consent form and plan to handle consent registration with care. Follow the practical guidelines on the DCC website about [[https://www.rug.nl/digital-competence-centre/privacy-and-data-protection/gdpr-research/informed-consent|informed consent]] to guide you in the process and keep in mind the data minimization tips below:
 + 
 +++++ Informed consent on paper |
 +If you are conducting interviews or experiments, it is common practice to ask for consent on paper. Make sure to follow the faculty and university guidelines with regard to the design of your consent form.
 +
 +When asking for consent, ensure you collect only the personal data that is necessary:
 +  * If your objective is to collect anonymous data, do not ask for names, and signatures and do not use pseudonymization IDs in consent forms.
 +  * If your objective is to collect (pseudonymized) personal data, do not ask for names, signatures on the consent form. Instead, use a pseudonymization ID in consent forms to prevent direct identification. Ensure this pseudonymization ID corresponds with name and/or contact details in a keyfile. At the relevant time in the project, remove the link between the consent form and the research data and the participant’s identity reported on the keyfile. For example, when you've started to analyze the data and the participants can no longer request their data to be removed (right to withdraw consent), as stated in the consent form. After the link between the pseudonymization ID and the identity of the participant have been removed, the consent forms can be considered anonymous.
 +
 +After you finish your research:
 +  * Scan paper consent forms;
 +  * Archive anonymous digitized consent forms with your research data;
 +  * Destroy the original paper forms (use UG paper containers for confidential materials or a shredder).
 +++++
 +
 +++++ Informed consent on audio |
 +If you are conducting interviews, it is sometimes necessary to ask consent during the interview itself. Make sure to follow the faculty and university guidelines with regard to the design of your consent procedure.
 +
 +  * Be aware that audio or video recordings of informed consent cannot be fully anonymized without altering their content;
 +  * Make sure the verbal consent recorded via audio or video is saved separately from your research data (e.g., experiment, interview, observation etc.);
 +  * Archive the consent files in a separate location (separate folder with different access rights) from your research data;
 +  * use an extra layer of protection, such as [[https://www.rug.nl/digital-competence-centre/it-solutions/it-security/data-encryption|encryption]].
 +
 +++++
 ===Metadata=== ===Metadata===
 Photo, video or audio files might contain a timestamp, date and depending on the equipment and settings also location. Check whether you can prevent the collection of these data or remove these metadata as soon as possible after collection. [[https://www.comparitech.com/blog/vpn-privacy/exif-metadata-privacy/|Comparitech]] shows an example of EXIF metadata stored with a photo, including the GPS coordinates where the photo was taken and a timestamp of when the photo was taken. These metadata, included in smartphones or digital cameras, can help catalogue photos (e.g. Google Timeline) but can also result in privacy risks in the context of research.  Photo, video or audio files might contain a timestamp, date and depending on the equipment and settings also location. Check whether you can prevent the collection of these data or remove these metadata as soon as possible after collection. [[https://www.comparitech.com/blog/vpn-privacy/exif-metadata-privacy/|Comparitech]] shows an example of EXIF metadata stored with a photo, including the GPS coordinates where the photo was taken and a timestamp of when the photo was taken. These metadata, included in smartphones or digital cameras, can help catalogue photos (e.g. Google Timeline) but can also result in privacy risks in the context of research. 
 +
 +----
  
 ==== Online survey or questionnaire research ==== ==== Online survey or questionnaire research ====
Line 39: Line 81:
 ===Contact information=== ===Contact information===
 Do not collect contact information if you do not plan to contact your participants after you collected the data (e.g. in case of recruitment via social media, posters or third parties). The [[https://www.rug.nl/digital-competence-centre/it-solutions/collect-and-annotate/qualtrics-surveys?lang=en|UG approved survey tool Qualtrics]] provides the option to use an [[https://www.qualtrics.com/support/survey-platform/distributions-module/web-distribution/anonymous-link/|anonymous link]] to prevent the collection of name and e-mail address of your participants.  Do not collect contact information if you do not plan to contact your participants after you collected the data (e.g. in case of recruitment via social media, posters or third parties). The [[https://www.rug.nl/digital-competence-centre/it-solutions/collect-and-annotate/qualtrics-surveys?lang=en|UG approved survey tool Qualtrics]] provides the option to use an [[https://www.qualtrics.com/support/survey-platform/distributions-module/web-distribution/anonymous-link/|anonymous link]] to prevent the collection of name and e-mail address of your participants. 
 +
 +=== Informed Consent ===
 +Informed consent can reveal personal information about your participants. Minimize the amount of personal data on your consent form and plan to handle consent registration with care. Follow the practical guidelines on the DCC website about [[https://www.rug.nl/digital-competence-centre/privacy-and-data-protection/gdpr-research/informed-consent|informed consent]] to guide you in the process, and keep in mind the data minimization tips below:
 +
 +++++ Informed consent via an online platform |
 +If you are conducting questionnaire research via an online platform (e.g., Qualtrics), you can ask consent via a question in the platform itself. Make sure to follow the faculty and university guidelines with regard to the design of your consent form. Participants’ progression to the next page can be considered as consent.
 +
 +When asking for consent, ensure you collect only the personal data that is necessary:
 +
 +  * If your objective is to collect anonymous or de-identified data, do not ask for names or other contact details for consent registration purposes.
 +  * If your objective is to collect identifiable or sensitive personal data, use a pseudonymization ID to prevent direct identification. At the relevant time in the project, remove the link between the consent and the participant’s identity reported in your keyfile. For example, when you've started to analyze the data and the participants can no longer request their data to be removed (right to withdraw consent), as stated in the consent form, or after you connected these data to other data (e.g. interview data).
 +++++
  
 ===Metadata=== ===Metadata===
 Online (survey) tools sometimes automatically register personal data, such as IP addresses. Check whether it is necessary and possible to turn off automatic data collection in your online data collection tool. Counterintuitively, when using an anonymous link, Qualtrics still automatically registers IP addresses, which can reveal someone’s location and identity. If you are not using these IP addresses for your research, make sure to enable [[https://www.qualtrics.com/support/survey-platform/survey-module/survey-options/survey-protection/#AnonymizingResponses|Anonymize Responses]] in the survey options as well.    Online (survey) tools sometimes automatically register personal data, such as IP addresses. Check whether it is necessary and possible to turn off automatic data collection in your online data collection tool. Counterintuitively, when using an anonymous link, Qualtrics still automatically registers IP addresses, which can reveal someone’s location and identity. If you are not using these IP addresses for your research, make sure to enable [[https://www.qualtrics.com/support/survey-platform/survey-module/survey-options/survey-protection/#AnonymizingResponses|Anonymize Responses]] in the survey options as well.   
 +
 +----
  
 ==== Social media data ==== ==== Social media data ====
Line 48: Line 104:
  
 ===Contact information=== ===Contact information===
-If you are [[https://www.rug.nl/digital-competence-centre/guides-faq/checklist-social-media-data.pdf|scraping or manually collecting data from social media platforms]], you might not directly collect contact information. However, posts are often accompanied by social media ID and post ID. This information is very easy to trace back to an individual. If you do not need this information for current or future research (e.g. connect to other datasets), delete these IDs from your dataset or consider pseudonymization.+If you are [[https://www.rug.nl/digital-competence-centre/guides-faq/checklist-social-media-data.pdf|scraping or manually collecting data from social media platforms]], you might not directly collect contact information. However, posts are often accompanied by social media ID and post ID. This information is easy to trace back to an individual. If you do not need this information for current or future research (e.g. connect to other datasets), delete these IDs from your dataset or consider pseudonymization.
  
 ===Metadata=== ===Metadata===