WeChat/Skype ethical issues
Dear colleagues, My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype. The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK. I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk? Many thanks. Best wishes, Loretta Anthony-Okeke
Loretta, This is one of the most interesting questions ever posed to the list. I had to get 8 years of human subjects approvals at three different universities at a time when the protocols for interviews, recordings, and transcripts were were well established, though transitioning to digital, which created issues not fully captured by the older protocols and sharing/storage capabilities that, like microcomputers in general, upended everything. When we began collecting social media data, it became clear over time that the standards for the protection of social media subjects had not permeated the offices responsible for review at the universities where our teams and the groups we supported were working. To be blunt: when social data emerged the personnel in the universities with the greatest role regulating its study often (seemingly for generational reasons) knew the least about the underlying technological, methodological, and legal affordances. As a result, we are still seeing, years later, massive ongoing daily violations of yet-to-be-established norms for the protection of social media subjects. It is emerging piecemeal, as with the handling of deleted Tweets, but not as a unified protocol that everyone recognizes and obeys. Office of Sponsored Research officers should propose a conference and the NSF/EU funding agencies should convene it on this precise topic. So back to your question. My view is that many technological approaches could be further developed and implemented to somewhat lower the risk to subjects in digital interviews, but the current nature of the surveillance technologies (commercial and governmental) may undermine all of them. For example, you can alter voices, avoid the use of video, mask identities, stay off of common platforms like Skype/WeChat, use more covert text-only channels, but some of these steps that enable greater protection for the subjects may also be red flags for the Office of Human Subjects or for the surveillance states/technologies that are a genuine threat to the subjects. My general sense is that while these are huge problems, we can do a better job as a community understanding competing factors. As Lawrence Lessig preciently wrote in 1999, the balance between law, norms, markets, and architecture was tilting then (and now) toward architecture. This paradigmatic view of the state of regulatory play remains the most important framework I know of for thinking about future regulation (balancing mechanisms) in this space. It may take five years to answer your question fully, but the journey is worth it. Like most hard things, this will take time and teamwork to move forward. ~Stu On Sat, May 4, 2019 at 5:45 AM Loretta Anthony-Okeke < loretta.okeke@manchester.ac.uk> wrote:
Dear colleagues,
My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype.
The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK.
I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk?
Many thanks.
Best wishes,
Loretta Anthony-Okeke _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://www.aoir.org/
-- Dr. Stuart W. Shulman Founder and CEO, Texifter Cell: 413-992-8513 LinkedIn: http://www.linkedin.com/in/stuartwshulman
Many thanks Stu, for your interest in this. I think you are spot on about how problematic the ethics review process is now especially in this age of new forms of data On 4 May 2019, at 12:03 pm, Shulman, Stu <stu@texifter.com<mailto:stu@texifter.com>> wrote: Loretta, This is one of the most interesting questions ever posed to the list. I had to get 8 years of human subjects approvals at three different universities at a time when the protocols for interviews, recordings, and transcripts were were well established, though transitioning to digital, which created issues not fully captured by the older protocols and sharing/storage capabilities that, like microcomputers in general, upended everything. When we began collecting social media data, it became clear over time that the standards for the protection of social media subjects had not permeated the offices responsible for review at the universities where our teams and the groups we supported were working. To be blunt: when social data emerged the personnel in the universities with the greatest role regulating its study often (seemingly for generational reasons) knew the least about the underlying technological, methodological, and legal affordances. As a result, we are still seeing, years later, massive ongoing daily violations of yet-to-be-established norms for the protection of social media subjects. It is emerging piecemeal, as with the handling of deleted Tweets, but not as a unified protocol that everyone recognizes and obeys. Office of Sponsored Research officers should propose a conference and the NSF/EU funding agencies should convene it on this precise topic. So back to your question. My view is that many technological approaches could be further developed and implemented to somewhat lower the risk to subjects in digital interviews, but the current nature of the surveillance technologies (commercial and governmental) may undermine all of them. For example, you can alter voices, avoid the use of video, mask identities, stay off of common platforms like Skype/WeChat, use more covert text-only channels, but some of these steps that enable greater protection for the subjects may also be red flags for the Office of Human Subjects or for the surveillance states/technologies that are a genuine threat to the subjects. My general sense is that while these are huge problems, we can do a better job as a community understanding competing factors. As Lawrence Lessig preciently wrote in 1999, the balance between law, norms, markets, and architecture was tilting then (and now) toward architecture. This paradigmatic view of the state of regulatory play remains the most important framework I know of for thinking about future regulation (balancing mechanisms) in this space. It may take five years to answer your question fully, but the journey is worth it. Like most hard things, this will take time and teamwork to move forward. ~Stu On Sat, May 4, 2019 at 5:45 AM Loretta Anthony-Okeke <loretta.okeke@manchester.ac.uk<mailto:loretta.okeke@manchester.ac.uk>> wrote: Dear colleagues, My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype. The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK. I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk? Many thanks. Best wishes, Loretta Anthony-Okeke _______________________________________________ The Air-L@listserv.aoir.org<mailto:Air-L@listserv.aoir.org> mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org Join the Association of Internet Researchers: http://www.aoir.org/ -- Dr. Stuart W. Shulman Founder and CEO, Texifter Cell: 413-992-8513 LinkedIn: http://www.linkedin.com/in/stuartwshulman
Hi Loretta, copy to Keith Douglas, Not an easy set of questions - but, like a good philosopher (and ethicist), let me respond to the question with some additional questions... (This is why the Athenians gave Socrates hemlock, but I'm willing to take a chance here ...) First of all, what are the primary research methods and aims? It has become a happy and useful commonplace to quote Annette Markham's mantra, ethics is method and method is ethics. Much to be said in its favor and endorsement - but minimally, in this case, these questions help sharpen the definition of what sorts of data are being collected, and thereby what the more precise ethical (and legal) risks may be. In particular, will it be required by the methods involved, especially in the write-up and dissemination stages of the projects, to use direct quotes or images from the interviews? If the answers head in the direction of yes, then that increases the need for informed consent from the interviewees. More broadly: you didn't mention the possibility of informed consent. But offhand, why can there not be an informed consent protocol for the interviewees in which they acknowledge the possible risks to their identity / privacy and personal data? And/or: is your university ethics committee more concerned about the security of the data itself, both during its collection (over WeChat/Skype) and/or once it's collected - e.g., a student recording interviews in China, such that the interview data itself has a medium risk of interception / leakage / ... ? In these directions: AoIRist Keith Douglas has contributed a fine overview on "IT Operational Security" that outlines steps that can be taken to improve the security of data and related research work. This will be included in the forthcoming Internet Research Ethics 3.0 documents that will be made available to AoIR members for comments and suggestions later on this summer. Briefly, a first move would be to be in touch with your university IT / security department to see if they can offer the expertise needed to enhance the security of the data collection procedures and storage (and destruction). A second move would be to avoid WeChat and Skype and use more secure channels instead. (While not wanting to put Keith on the spot - if you would like to review his list of suggestions in greater detail, with his permission, I'd be happy to send it along. I should point out that it has yet to be reviewed or commented on by the AoIR Ethics Working Group: this will start up in another couple of weeks or so and, I'm sure, will inspire additional suggestions and good ideas. But in the meantime, from my perspective, his list is an excellent starting point.) Stuart Schulman has properly commented that university ethics committees are often far behind in terms of understanding emerging technological possibilities and affordances, and thereby especially the finer-grained details of the ethics involved. But many of us - now after nearly 20 years of this kind of work - have found that on a good day, researchers are often successful in explaining to their review boards how their research designs meet (or more than meet) the ethical guidelines now widely available from AoIR, the Norwegian Ethical Committees (which have the particular utility of paying attention to the new GPDR), as well as, e.g., the recent UK / discipline-specific British Psychological Society (2017). Ethics Guidelines for Internet-mediated Research. INF206/04.2017. Leicester. www.bps.org.uk/publications/policy-and-guidelines/research-guidelines-policy-documents/researchguidelines-poli It requires considerably more time and effort on the side of the researchers to help inform their review boards in these ways - but again, many researchers over the years have found that doing so not only helps get their and their students' work "passed through" - but also leads to better research and subsequent dealings with the review boards down the road. Hope some of this is helpful - best of luck! - charles On 04/05/2019 11:45, Loretta Anthony-Okeke wrote:
Dear colleagues,
My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype.
The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK.
I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk?
Many thanks.
Best wishes,
Loretta Anthony-Okeke _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://www.aoir.org/
-- Professor in Media Studies Department of Media and Communication University of Oslo <http://www.hf.uio.no/imk/english/people/aca/charlees/index.html> Postboks 1093 Blindern 0317 Oslo, Norway c.m.ess@media.uio.no
Thanks for your comments and suggestions, Charles. Much to consider. Agree a well-designed informed consent protocol is key Will have to see which of the more secure channels are not restricted in China and are acceptable to the ethics committee I have often seen this as more of the university taking some of these decisions more for legal reasons (can data be compromised in terms of storage and transfer?) rather than ethical ones. As an ‘ethicist’ myself ethical considerations I think are central to any research design I hope a bit of extra work on this by then won’t put my students off engaging in research and time is not on our side (they’re slowly losing the will to go on- a PhD this is not after all) In the meantime, I will follow up on your suggestions and look forward, with Keith’s kind permission, to reading some of his suggestions. Best, Loretta
On 4 May 2019, at 1:00 pm, Charles M. Ess <c.m.ess@media.uio.no> wrote:
Hi Loretta, copy to Keith Douglas,
Not an easy set of questions - but, like a good philosopher (and ethicist), let me respond to the question with some additional questions... (This is why the Athenians gave Socrates hemlock, but I'm willing to take a chance here ...)
First of all, what are the primary research methods and aims? It has become a happy and useful commonplace to quote Annette Markham's mantra, ethics is method and method is ethics. Much to be said in its favor and endorsement - but minimally, in this case, these questions help sharpen the definition of what sorts of data are being collected, and thereby what the more precise ethical (and legal) risks may be.
In particular, will it be required by the methods involved, especially in the write-up and dissemination stages of the projects, to use direct quotes or images from the interviews? If the answers head in the direction of yes, then that increases the need for informed consent from the interviewees.
More broadly: you didn't mention the possibility of informed consent. But offhand, why can there not be an informed consent protocol for the interviewees in which they acknowledge the possible risks to their identity / privacy and personal data?
And/or: is your university ethics committee more concerned about the security of the data itself, both during its collection (over WeChat/Skype) and/or once it's collected - e.g., a student recording interviews in China, such that the interview data itself has a medium risk of interception / leakage / ... ?
In these directions: AoIRist Keith Douglas has contributed a fine overview on "IT Operational Security" that outlines steps that can be taken to improve the security of data and related research work. This will be included in the forthcoming Internet Research Ethics 3.0 documents that will be made available to AoIR members for comments and suggestions later on this summer. Briefly, a first move would be to be in touch with your university IT / security department to see if they can offer the expertise needed to enhance the security of the data collection procedures and storage (and destruction). A second move would be to avoid WeChat and Skype and use more secure channels instead.
(While not wanting to put Keith on the spot - if you would like to review his list of suggestions in greater detail, with his permission, I'd be happy to send it along. I should point out that it has yet to be reviewed or commented on by the AoIR Ethics Working Group: this will start up in another couple of weeks or so and, I'm sure, will inspire additional suggestions and good ideas. But in the meantime, from my perspective, his list is an excellent starting point.)
Stuart Schulman has properly commented that university ethics committees are often far behind in terms of understanding emerging technological possibilities and affordances, and thereby especially the finer-grained details of the ethics involved. But many of us - now after nearly 20 years of this kind of work - have found that on a good day, researchers are often successful in explaining to their review boards how their research designs meet (or more than meet) the ethical guidelines now widely available from AoIR, the Norwegian Ethical Committees (which have the particular utility of paying attention to the new GPDR), as well as, e.g., the recent UK / discipline-specific British Psychological Society (2017). Ethics Guidelines for Internet-mediated Research. INF206/04.2017. Leicester. www.bps.org.uk/publications/policy-and-guidelines/research-guidelines-policy-documents/researchguidelines-poli
It requires considerably more time and effort on the side of the researchers to help inform their review boards in these ways - but again, many researchers over the years have found that doing so not only helps get their and their students' work "passed through" - but also leads to better research and subsequent dealings with the review boards down the road.
Hope some of this is helpful - best of luck! - charles
On 04/05/2019 11:45, Loretta Anthony-Okeke wrote: Dear colleagues, My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype. The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK. I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk? Many thanks. Best wishes, Loretta Anthony-Okeke _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org Join the Association of Internet Researchers: http://www.aoir.org/
-- Professor in Media Studies Department of Media and Communication University of Oslo <http://www.hf.uio.no/imk/english/people/aca/charlees/index.html>
Postboks 1093 Blindern 0317 Oslo, Norway c.m.ess@media.uio.no _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
Join the Association of Internet Researchers: http://www.aoir.org/
I'm not sure what the UK rules are, but in Norway, so long as we don't store any personally identifiable data electronically, we're generally fine. A voice recording, or an IP address on an online survey, is personally identifiable data. Handwritten notes, or a survey filled out on paper by hand without names entered are not. Which makes me wonder whether anyone has used dictation software during an interview (whether an online video interview or a face-to-face interview) in order to generate an on-the-fly written transcript - and NOT record the audio or video of the conversation? Presumably that would solve the data protection part/privacy part of research ethics, if it were possible to stay away from sensitive issues that would identify the person. I know a transcript loses some of the nuance of a recording, but alongside the interviewer's notes, it might be good enough. Is dictation software currently good enough for this? I would imagine that if this setup is technically possible, it allows interviews with no personal information being stored, and thus might be approved? It doesn't solve the question of online (or face-to-face) interviews with Chinese participants potentially being surveilled. Jill On 04/05/2019, 14:39, "Air-L on behalf of Loretta Anthony-Okeke" <air-l-bounces@listserv.aoir.org on behalf of loretta.okeke@manchester.ac.uk> wrote: Thanks for your comments and suggestions, Charles. Much to consider. Agree a well-designed informed consent protocol is key Will have to see which of the more secure channels are not restricted in China and are acceptable to the ethics committee I have often seen this as more of the university taking some of these decisions more for legal reasons (can data be compromised in terms of storage and transfer?) rather than ethical ones. As an ‘ethicist’ myself ethical considerations I think are central to any research design I hope a bit of extra work on this by then won’t put my students off engaging in research and time is not on our side (they’re slowly losing the will to go on- a PhD this is not after all) In the meantime, I will follow up on your suggestions and look forward, with Keith’s kind permission, to reading some of his suggestions. Best, Loretta > On 4 May 2019, at 1:00 pm, Charles M. Ess <c.m.ess@media.uio.no> wrote: > > Hi Loretta, copy to Keith Douglas, > > Not an easy set of questions - but, like a good philosopher (and ethicist), let me respond to the question with some additional questions... (This is why the Athenians gave Socrates hemlock, but I'm willing to take a chance here ...) > > First of all, what are the primary research methods and aims? It has become a happy and useful commonplace to quote Annette Markham's mantra, ethics is method and method is ethics. Much to be said in its favor and endorsement - but minimally, in this case, these questions help sharpen the definition of what sorts of data are being collected, and thereby what the more precise ethical (and legal) risks may be. > > In particular, will it be required by the methods involved, especially in the write-up and dissemination stages of the projects, to use direct quotes or images from the interviews? If the answers head in the direction of yes, then that increases the need for informed consent from the interviewees. > > More broadly: you didn't mention the possibility of informed consent. But offhand, why can there not be an informed consent protocol for the interviewees in which they acknowledge the possible risks to their identity / privacy and personal data? > > And/or: is your university ethics committee more concerned about the security of the data itself, both during its collection (over WeChat/Skype) and/or once it's collected - e.g., a student recording interviews in China, such that the interview data itself has a medium risk of interception / leakage / ... ? > > In these directions: AoIRist Keith Douglas has contributed a fine overview on "IT Operational Security" that outlines steps that can be taken to improve the security of data and related research work. This will be included in the forthcoming Internet Research Ethics 3.0 documents that will be made available to AoIR members for comments and suggestions later on this summer. Briefly, a first move would be to be in touch with your university IT / security department to see if they can offer the expertise needed to enhance the security of the data collection procedures and storage (and destruction). A second move would be to avoid WeChat and Skype and use more secure channels instead. > > (While not wanting to put Keith on the spot - if you would like to review his list of suggestions in greater detail, with his permission, I'd be happy to send it along. I should point out that it has yet to be reviewed or commented on by the AoIR Ethics Working Group: this will start up in another couple of weeks or so and, I'm sure, will inspire additional suggestions and good ideas. But in the meantime, from my perspective, his list is an excellent starting point.) > > Stuart Schulman has properly commented that university ethics committees are often far behind in terms of understanding emerging technological possibilities and affordances, and thereby especially the finer-grained details of the ethics involved. But many of us - now after nearly 20 years of this kind of work - have found that on a good day, researchers are often successful in explaining to their review boards how their research designs meet (or more than meet) the ethical guidelines now widely available from AoIR, the Norwegian Ethical Committees (which have the particular utility of paying attention to the new GPDR), as well as, e.g., the recent UK / discipline-specific > British Psychological Society (2017). Ethics Guidelines for Internet-mediated Research. > INF206/04.2017. Leicester. www.bps.org.uk/publications/policy-and-guidelines/research-guidelines-policy-documents/researchguidelines-poli > > It requires considerably more time and effort on the side of the researchers to help inform their review boards in these ways - but again, many researchers over the years have found that doing so not only helps get their and their students' work "passed through" - but also leads to better research and subsequent dealings with the review boards down the road. > > Hope some of this is helpful - best of luck! > - charles > > > >> On 04/05/2019 11:45, Loretta Anthony-Okeke wrote: >> Dear colleagues, >> My name is Loretta and I am a Senior Tutor at the University of Manchester. I am currently supervising a number of Chinese Master’s students for their dissertation projects. Most of them want to either go to China and conduct face-to-face interviews with Chinese research participants in China, or remain in the UK and conduct online interviews with the same sample using WeChat, Skype. >> The former is usually deemed medium-risk (i.e. related to research outside the EU/EEA, in countries with travel advisory, etc.) but with new data protection guidelines in the UK (GDPR and all), university ethics committee is now classifying audio/video data collected through these online mediums as medium-risk as well, even when the data is collected here in the UK. >> I am hoping that you can advise on how students might enhance data protection as they outline the main ethical issues with this aspect of their research design? Is it wishful thinking that there might be a way data collection through Skype/WeChat can be assessed to be low-risk? >> Many thanks. >> Best wishes, >> Loretta Anthony-Okeke >> _______________________________________________ >> The Air-L@listserv.aoir.org mailing list >> is provided by the Association of Internet Researchers http://aoir.org >> Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org >> Join the Association of Internet Researchers: >> http://www.aoir.org/ > > -- > Professor in Media Studies > Department of Media and Communication > University of Oslo > <http://www.hf.uio.no/imk/english/people/aca/charlees/index.html> > > Postboks 1093 > Blindern 0317 > Oslo, Norway > c.m.ess@media.uio.no > _______________________________________________ > The Air-L@listserv.aoir.org mailing list > is provided by the Association of Internet Researchers http://aoir.org > Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org > > Join the Association of Internet Researchers: > http://www.aoir.org/ _______________________________________________ The Air-L@listserv.aoir.org mailing list is provided by the Association of Internet Researchers http://aoir.org Subscribe, change options or unsubscribe at: http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org Join the Association of Internet Researchers: http://www.aoir.org/
participants (4)
-
Charles M. Ess -
Jill Walker Rettberg -
Loretta Anthony-Okeke -
Shulman, Stu