Ethical and Legal Issues

If your research involves personal data, human participants or materials, you will require ethical approval before any data collection can begin.

Research involving animals in scientific procedures is overseen by the University’s Animal Welfare and Ethical Review Body.

See the University’s Research ethics pages for contacts and guidance on applying for ethical approval.

Use the University’s Research Ethics Decision Tool for guidance to determine if ethics approval is needed for your study.

When handling data that contain personal information, data protection rules apply. 

See the University’s Data Protection pages and Data Protection Policy for more information. 

Data Protection has created some guidance videos on GDPR for you:

GDPR for Researchers – Introduction

GDPR for Researchers – Principles

GDPR for Researchers - Consent 

If you are working with large amounts of personal or special category data, or your project involves working with sensitive issues you should complete a Data Protection Impact Assessment (DPIA).

It is best practice to have your Data Management Plan (DMP) completed before the DMPIA. The DPIA will also need to be attached to your ethics application.

In the UK, researchers collect, archive, and process data because processing is necessary for archiving purposes in the public interest, for scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the UK GDPR.

Before collecting individual’s personal data, you need to ensure informed consent is obtained. Consent will also need to be obtained if you wish to share pseudonymised or easily identifiable data.

The University provides guidance on obtaining participant consent as well as template information sheets and consent forms.

Withdrawl of consent

Individuals have the right to withdraw their consent and data. However, because you are collecting the data under Article 89(1), see above, you do not have to give individuals this right forever. You can give individuals a date, after which, as the data is to be anonymised or pseudonymised it would be too difficult or detrimental to the research to remove.

The period of withdrawal should be clearly stated on the consent form otherwise you cannot deny the right of the individual to withdraw. As well, if it would be relatively easy to remove the data and you have processes in place for this purpose, you cannot deny the individual’s right to withdraw.

The University’s Intellectual Property Policy outlines ownership of data created in the course of research carried out at the University. In most cases, the University owns data generated by researchers unless specified by a research funder or other contract, such as in the case of collaborative projects with external organisations or when using third-party or secondary data.

The University encourages researchers to make their data openly available where possible so ownership should not prevent you depositing your data in a research repository. See the section on Sharing your research data.

Exceptions to making data openly available include possibilities for patenting or commercialisation. If your research produces Intellectual Property (IP) contact The Enterprise Team for guidance on patents, commercialisation, and non-disclosure agreements (NDA).

If you are using secondary data or sources, Copyright may be owned by a third-party. You need to understand the terms and conditions in which you can use and reuse the data.

Consider the licence terms or data sharing agreements that outline conditions of use and reuse. If a data sharing agreement is not in place, consider using one. Contact Research Contracts for support.

Text and data mining (TDM) allows you to make copies of any copyrighted material for the purposes of ‘computational analysis’.

To do this the research must be non-commercial in nature and the researcher must already have lawful access to the material, for instance through a licence. Research contracted by an outside company is unlikely to be non-commercial. The copyright owners are unable to restrict access for the purposes of TDM and any contractual terms limiting TDM are unenforceable.

It is reasonable for publishers to apply measures to maintain their network security or stability but such measures should not prevent the ability to perform TDM.

If the results of your text and data mining are simply facts they are not in turn covered by copyright. Even in cases where the outputs contain original material, it may still be possible to share them using other copyright exceptions (fair dealing or the quotation exception). The law requires sufficient acknowledgement of copied works and this should extend to databases used for TDM.

Further reading:

UK Copyright Law and the Text and Data Mining for non-commercial research 

Original social media content is personal data and is also copyrighted, either by the creator or the platform (depending on the specific Terms and Conditions). You will need to consider both data protection and Copyright when using social media as research data.

Data Protection

Social media content can be used as a data source for research purposes. However, the content is personal data as covered by UK data protection legislation. Social media posts may also include special category (sensitive) personal data in some cases. Therefore, the requirements of the GDPR must be met when using social media data in research.

Where possible and appropriate you must be transparent with individuals about how their data is being used in your research. If you are looking at relatively few accounts and/or analysing accounts on a regular basis then you should contact the creators to advise them of what you are doing.

However, there is only a requirement to inform individuals of how their data will be used if the effort is not disproportionate. If your cohort includes a significant number of accounts or users, then it is too time prohibitive to contact each of them and therefore your use of their data is exempt from this task.

If you are looking at dormant accounts, the effort to try and trace the creator could be too difficult.

Your lawful basis for using this data should be “public task” in order to meet Article 6 of the GDPR and “made public by the data subject” to meet Article 9. You should not need to contact individuals for consent to use their data for research.

You MUST NOT use your own personal social media account for research purposes but set up a special account that clearly states it is for research purposes. This allows original creators to block your account if they do not wish to be involved.

In all your communications about your research project you should clearly describe the processes you are going through to research/analyse the social media platforms you are researching.

Most platforms have their own Terms and Conditions and some have the facility for researchers to pay for access. In such instances you may have additional rights, but in all instances, you need to check what you can and cannot do.

For more information about data protection go to the University data protection website or email the Data Protection Officer at LegalServices@liverpool.ac.uk.

Copyright

All original social media content is subject to copyright.

Copyright law allows the use of protected material, without having to ask for permission, for the purposes of quotation, criticism and review. If your research is not about specific accounts/creators you may be able to quote posts, so long as you only take as much of the material that is fair to demonstrate your criticism, review, or quotation. Although you should also always be aware of the Terms and Conditions of the platforms you are researching.

If, however, you are researching specific accounts/creators for a period of time and wish to refer, quote, or sample, then the risk of infringing copyright increases as you will be using a greater proportion of a single account. Therefore, you need to contact the creators to ask for their permission to use their material.

Most platforms have their own Terms and Conditions and some have the facility for researchers to pay for access. In such instances you may have additional rights, but in all instances you need to check what you can and cannot do.

Further Reading:

UK Research Integrity Office ethics of social media research