Ethics for data protection
Ethical principles are applied throughout the research process, from design to execution and reporting. The rapid increase in the use and sharing of personal data made the right to privacy and data protection a pressing ethical concern. The General Data Protection Regulation (GDPR) was developed to protect the rights and freedoms of individuals when organizations process their personal data. If you are conducting research with people, it is, therefore, essential to design your research in accordance with the ethics standards in your field and to comply with the GDPR.
Privacy as a fundamental right
The right to privacy is a fundamental right recognized in the Universal Declaration of Human Rights (art. 12). It is important to realize that the right to privacy cannot be seen in isolation from its context and other fundamental rights and ethics frameworks. According to the GDPR (rec. 4), the right to data protection “must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.”
This principle of proportionality is particularly relevant in the context of research. In most cases, fully complying with the GDPR - including exercising data subject rights - may make it impossible to achieve the research objectives. Recognizing the societal value of research and to prevent such obstacles from hindering scientific progress that could benefit society as a whole, the GDPR provides specific exemptions from certain data subject rights in the context of research (art. 89(1)), provided that appropriate safeguards are in place.
Ethics review as a safeguard for data protection
Ethics review serves as one of the key safeguards to assess whether the proposed use of personal data is justified and proportionate, while also ensuring that the rights, dignity, and well-being of the individuals involved are respected. This means that when researchers are processing personal data, ethics review and self-reflection play an important role and are mandatory for most research projects.
How to apply for an ethics review
How to apply for an ethics review
The DCC does not play a direct role in the ethics review of your research. For more information on how to apply for the ethics review of your research, please consult the ethics committee pages of your faculty. Be aware that faculty requirements might differ.
Codes and guidance documents
Codes and guidance documents
In preparation for your ethics assessment, you can look into codes and guidance documents - both domain-specific and general - drafted by Dutch and European bodies to guide researchers in conducting their research responsibly.
Rules & codes of conduct
Ethical guidelines for research
Where to find ethics support
Where to find ethics support
The main responsibility for reflecting on ethical conduct during a research project lies with the Principal Investigator (PI) in collaboration with junior researchers, such as PhD candidates or students. They can find support in this ethical reflection with different roles in the organization:
-
A data steward can review a data management plan, and ask questions to help researchers reflect on how they are going to manage their data responsibly throughout the whole data life cycle.
-
A privacy and security (P&S) coordinator can provide advice on how to best implement the principles of the GDPR, such as which legal ground to choose. They are also the contact point for setting up agreements with third parties.
-
An ethics review committee evaluates the full project proposal based on relevant ethics codes, such as the Nethics Code, and their expertise in the research field, including its methodologies and common ethical issues.
| Last modified: | 29 September 2025 4.06 p.m. |