A short introduction to data sharing ethics

Sharing your research data can be hugely beneficial to your career, as well as to the scholarly community and wider society. But before you do so, there are some important ethical considerations to remember.

Research involving human subjects

Sometimes research data involving people cannot be shared publicly due to the risk of violating privacy (see below). However, even highly sensitive information might be shared ethically and legally if you follow these steps.

More information about protection of human subjects may be provided via ethics committees in your location or subject area.

Ask for informed consent to share the data

Taylor & Francis endorses the recommendations of the International Committee of Medical Journal Editors (ICMJE), which emphasizes that patients and study participants have a right to privacy that should not be infringed without informed consent.

You should communicate openly with your participants to let them know exactly how their data will be used and shared both in the short and long term. If your correspondence is ignored, you mustn’t take this as inferred consent. Data sharing should always be consistent with the terms of consent signed by participants.

Publishing tips, direct to your inbox

Expert tips and guidance on getting published and maximizing the impact of your research. Register now for weekly insights direct to your inbox.

Please read our Editorial Policies, which include further details about obtaining informed consent to publish.

Protect identities by fully anonymizing the data

How to anonymize data

Take care to anonymize any data that may otherwise identify study participants. The UK Data Service best practice guide to managing and sharing data has lots of good advice about how to anonymize your data, including:

Remove anything that identifies the subject – this might include names, addresses, workplaces, occupations, or salaries.
Take out unnecessarily precise information – for example, you can replace peoples’ date of birth with their age.
Generalize where you can – for example, you can replace peoples’ specific area of expertise with more general definitions.
Use pseudonyms – you can use fictitious names that take the place of peoples’ real names.
Avoid listing the upper or lower ranges of variables – this will disguise outliers, such as salary range for example.

Pay special attention to relational data where relationships between variables in datasets could reveal identities and where geo-referenced data and spatial references may reveal location.

How to manage data anonymization

These 3 tips can help you manage the process of anonymizing your data.

Plan ahead
It helps if you consider your data anonymizing plans early on in the research process while you are in the process of collecting them – if you don’t, it might prove time consuming and costly.
Keep the original data separate and secure
It is essential to keep a copy of the original data for your own use and make a record of all the information that has been removed in the process of anonymization. Always store this information separately from the final anonymized data files and ensure that it is secure.
Be transparent about where you’ve anonymized data
When you remove content and replace it with generalized information, mark this in an obvious way. For example, show that you have edited interview text with brackets or use markup tags.

Control access to your data

We support the principle that research data should be as open as possible but as closed as necessary.

For sensitive data you may only want to make it available to third parties who have a legitimate reason and who you are certain will treat the data carefully.

In these instances, it is still possible to deposit your data in a repository but restrict access to it. This might mean that the files are private, but you can share access with others if certain requirements are met. You may also want to set different privacy settings for different components of your data. Some of the generalist repositories offering this type of functionality include Figshare, Zenodo, and OSF.

If you want more details about this, read our guide to data repositories.

Important: there are some cases that you should not share your data with third parties – read on to find out more about this.

Knowing when not to share data

There are some situations where it would not be legal or ethical to share information. These exceptions include:

When sharing data conflicts with a need to protect personal identities

If consent hasn’t been sought or if study participants have withheld their consent, data should not be shared unless they can be anonymized (see above). Strict data protection laws, such as the EU’s General Data Protection Regulation, also set out how personal information should (and shouldn’t) be collected, stored, and shared. You should always make sure that you abide by all relevant data legislation.

When you don’t have ownership of the data

If you don’t own the data you’ve used in your research, you shouldn’t publish them without the owner’s written permission. Preferably, the owner of the data should make it available themselves, which you can then cite: please see our guide to citing data.

Where data is commercially sensitive or protected by competition laws or market regulation

If your data has been generated while employed by or partnering with a commercial organization, you should seek permission before sharing it. In some instances, there may be commercial or legal reasons why data can’t be made widely available.

Where release of the data poses a security risk

Depending on your field of research, making some research available could pose risks either to individuals or to national security.

Sub judice (prohibited from public discussion)

You may not be able to share data which is under consideration in any legal actions.

Protection of threatened species

To support conservation activities, you may need to restrict geographical information about at-risk flora or fauna.

If you ever have any doubts about whether it would be right to share a particular dataset, your institution’s research ethics committee should be able to help.

Also, please note, that even if you decide it isn’t right to share your data publicly, you may be required to make them available to peer reviewers, to support validation of results in your journal article submission.

Taking down data

Sometimes you may need to remove data that you’ve published in a repository.

You might have data that can be held legally for a specific period before you must destroy it, or errors might be detected, to name just a couple of cases.

Data repositories have established practices for updating versions of data if you need to correct them, and for tagging metadata and landing pages for datasets that have been removed. Please check the website of your chosen repository for further information.