When to switch off the recorder
Data protection is a cornerstone of ethical research, especially in ethnographic studies that involve collecting personal information. A key responsibility of researchers is ensuring participants’ privacy. This blog outlines the steps to process data safely.
Prioritizing participant safety, we sought approval from the Ethics and Data Committee at Leiden Law School before conducting fieldwork. Collaborating with the Law School’s data steward, we developed a comprehensive Data Management Plan (DMP), detailing protocols for data collection, processing, storage, and archival. We also created an information sheet and consent form to clearly communicate research objectives, participants’ rights, and privacy safeguards. Additionally, with guidance from the faculty’s data protection officer, we conducted a Data Protection Impact Assessment (DPIA) to identify and mitigate potential risks. The Ethics Committee approved our plan at the beginning of our project in 2021.
Data processing involves transcribing recorded interviews or digitizing notes in a way that preserves anonymity. A crucial first step is determining what information is necessary rather than recording everything. Our research focused on major life events such as birth and death, which required gathering details about legal status and religion. Legal status was relevant because migrants without formal residency might choose not to register life events. Religion mattered because Moroccan family law is religion-based (Islamic and Jewish law). However, if a participant shared politically sensitive information, I would stop recording or avoid noting it down.
To further ensure privacy, I never recorded real names in notebooks, transcripts, or summaries. I also destroyed handwritten notes as soon as possible, allocating at least five hours after an interview to digitize and encrypt the data using VeraCrypt. When processing data, I aggregated certain details—such as using age ranges (e.g., 25–30) or referring to a region rather than a specific city—to protect privacy.
Interestingly, some participants found my privacy precautions excessive. Over two years of fieldwork, I built trust with many respondents, some of whom offered to share photocopies of civil documents like passports or birth certificates. While a child's birth certificate was crucial to the research, I chose to take a single photo rather than duplicate multiple family documents, explaining my ethical concerns. One participant, after initially insisting, eventually accepted my decision with a shrug: "Ah well." Once I got home I removed the personal information from the photo and saved it in a VeraCrypt container.
Ultimately, researchers must make informed ethical choices. Even when participants willingly offer more information, we must balance trust with responsibility, ensuring their data remains protected.