Skip to content

Module 3: Balancing Benefits of Open Science and Real-Life Data Related Obligations and Restrictions

This page is currently under construction

The training curriculum is currently undergoing final revisions and quality checks. All materials will be released shortly. Until the official release, please refrain from using, distributing, or implementing any part of these resources.

Learning Objectives

  • Learning Objective 1 (LO1): Recognise the challenges in balancing the objectives of Open Science and the obligations and restrictions of real life and learn strategies to overcome them.

Total Module Duration

1 hour (without optional activity)

Learning Objective 1

LO1: Recognise the challenges in balancing the objectives of Open Science and the obligations and restrictions of real life and learn strategies to overcome them.

Learning Activities

  • Lecture with slides (20 mins): The lecture will focus on the different aspects to consider when considering the benefits of open science (Information security, dual use, archiving law, GDPR, and so on).
  • Discussion activity (40 mins): This activity will require some pre-reading on the part of the learners.The activity aims to let learners acquaint themselves with the resources in greater detail and have a discussion on the different aspects of real life obligations and restrictions, and strategies to overcome this.
    • The objective of this activity is to explore and understand the complexities institutions face in balancing the goals of Open Science with real-life data management obligations and restrictions.
    • Plan for group discussion:
      • Divide participants into small groups.
      • Assign each group a specific challenge and share thematic resources for support. This could be: information security (Resources 1, 2), dual use of data (Resources 3, 4), commercial and contractual regulations (Resources 5), archiving laws (Resources 6), GDPR (Resources 7, 8).
      • Ask each group to discuss how this challenge impacts the balance between Open Science objectives and real-life obligations.
      • Encourage groups to consider solutions or strategies to address these challenges.
    • The activity will be followed by a presentation from each group.
  • (Optional) Presentation by Expert (40 mins): Within an institution there are various experts (Ethical, legal, contract managers, for example). One such expert can be requested to come and share challenges specific to an institution (if feasible to organise).

Materials to Prepare

  • Slide presentation of real-life constraints on the use of data.
  • Preparing for the discussion activity.
  • Finding an expert to talk about data-related challenges in institutions.

Instructor Notes

Lecture:

  • Provide the learners an overview of the specific data-related obligations and restrictions including information security (see Resources 1, 2), dual use of data (Resources 3, 4), commercial and contractual regulations (Resource 5), archiving laws (Resource 6), GDPR (Resources 7, 8) and stakeholder interaction (Resource 9).
  • The material provided helps to describe the information security principles and practices, recognise the considerations related to dual use potential, identify contractual regulations relating to access and use of data, recognising existing archiving laws and GDPR regulation. Always remember to check national laws in force.
  • The video (Resource 9) gives an overview of the questions that the researcher can ask the data steward, including the above issues, and the related stakeholders, who might be of help.
  • Further content can be found in the GDPR and stakeholder collaboration sections of this curriculum.

Discussion Activity:

  • Assign the learners with pre-reading for this activity.
  • For the instructor, below are some tips on strategies how to overcome the challenges:
    • Data Anonymisation: Removing or masking personal identifiers to protect privacy while sharing data.
    • Access Controls: Implementing robust authentication and authorisation mechanisms to restrict access to sensitive data.
    • Compliance Frameworks: Adopting frameworks that align with regulatory requirements while promoting open access.
    • Data Governance: Establishing policies and procedures to manage data responsibly and ethically.
    • Education and Training: Providing training to researchers and staff on data privacy and security best practices.
    • Regular Audits: Conducting regular audits to ensure compliance with data protection laws.
    • Legal Expertise: Consulting with legal experts to navigate complex regulatory landscapes.

(Optional): Presentation by expert:

  • Visiting expert tells learners about the data-related challenges in institutions and discussion with questions. The expert would have lots of real life examples to share with learners and highlight the obligations and restrictions within their institutes.

Resources

Inputs for lecture:

Information security:

  1. What Is the CIA Triad and Why Is It Important? Fortinet, https://www.fortinet.com/resources/cyberglossary/cia-triad.
    A common model that forms the basis for the development of security systems.
  2. Information security in research. Tampere Universities.https://www.tuni.fi/en/it-services/handbook/information-security/information-security-work/information-security-research-0.
    How to integrate information security to all stages of the research life cycle.

Dual use:

  1. What Is Dual-Use Research of Concern? https://www.who.int/news-room/questions-and-answers/item/what-is-dual-use-research-of-concern.
  2. The Ethics and Risks of Dual Use Research. Responsible Research, https://vastuullinentiede.fi/en/planning/ethics-and-risks-dual-use-research.

Commercial and contractual regulations:

  1. Eu data act regulates business-to-business contracts relating to access and use of data. Inside Global Tech. https://www.insideglobaltech.com/2024/02/21/eu-data-act-regulates-business-to-business-contracts-relating-to-access-and-use-of-data/.

Archiving laws:

  1. What are relevant legislations in relation to data archiving? https://dag.cessda.eu/Chapter-1/9-What-are-relevant-legislations-in-relation-to-data-archiving.

GDPR:

  1. Your Europe. Data protection under GDPR. https://europa.eu/youreurope/business/dealing-with-customers/data-protection/data-protection-gdpr/index_en.htm.
  2. Scientific research and data protection. Office of the Data Protection Ombudsman. https://tietosuoja.fi/en/scientific-research-and-data-protection.

Stakeholders:

  1. Video: ELIXIR CONVERGE - The why of research data management. https://www.youtube.com/watch?v=S7HfUe1hWcg.
    An overview of what the data steward will instruct the researcher on throughout the data life cycle and who the relevant stakeholders are and security considerations.

Additional material as input for instructors for ideas/inspiration:

Archiving laws:

  1. Course: Essentials 4 Data Support. DANS. Section: V - LEGISLATION AND POLICY | Essentials 4 Data Support (English) - Public | DANS. https://danstraining.moodlecloud.com/course/section.php?id=86.

GDPR:

  1. Data Governance and GDPR: What You Need to Know in 2024. https://atlan.com/data-governance-and-gdpr/.
    Practical insights and best practices to align your data management practices with GDPR requirements (NOTE: a commercial site).