Skip to main content Main Header
LLS logo

Research Data Management: Ethics and Intellectual Property

Ethics and Intellectual Property

ChecklistThe management and sharing of research data creates questions of data ownership, data protection and ethical approval.  It is advisable to address these questions before the project starts, and to make sure that all parties are in agreement.

This page provides an overview of the issues involved, and does not constitute legal advice.

Ethical Approval

All research projects involving human data or where research is classed as ‘sensitive’ must undergo an ethics review within the faculty. 

See: Research Requiring Ethical Approval

Data Protection

This section to be updated. 

For further information, contact: Paul Starkey, Information Governance Manager

Intellectual Property Rights (IPR)

Intellectual Property Rights (IPRs), eg. copyrights and/or database rights, are often created by everyday research activities.  They may affect the way you and others can use your research data.  The management of IPRs should be included in your data management plan.

It is important to clarify and manage IPR arising from your own primary data and/or to seek appropriate permissions to use third party secondary data.  This should be done at the start of your research.  Failure to do so might create practical and legal difficulties further down the line, and can affect:

  • the quality of your research;
  • your ability to use and disseminate the data;
  • your right to receive credit as the data creator; and
  • your right to exploit the data for profit.

For example, research data in which IPRs are unknown and/or which have multiple rights owners can create complexities in cleanly establishing how such data can be published, modified, shared or reproduced. These activities often require the express permission of all the data owners.

For further information, contact: DMU Legal Services or Stuart Hilton, Business Development Manager.

IPR and primary data

All research data created by researchers working at, or on behalf of, DMU are the property of the University, unless subject to a grant, contract or other legally binding agreement signed by the University that stipulates that these data belong to a third party (NB where legislative requirements apply, they take precedence over this.)

See: DMU Good Practice Guidelines on RDM

Where research is being carried out with other academic or commercial collaborators, there may be distinct intellectual property and ownership rights in any arising research data.  It is important that all collaborators are clear about who owns which data, and how it can be used and shared. Consortium agreements and legal contracts should be put in place to protect academics' interests.  Contact DMU Legal Services for help with this.

IPR and secondary data

If your research requires the use, collection or processing of secondary data from existing sources (e.g. a commercial database, posts to a social media site such as Twitter, data collected and made available by other researchers), then it is likely that you will not have any IPR in such data.

If you need to use the data of others then you will need suitable permission from the data owner.  Permission may be in the form of a licence or clear terms and conditions detailing what you are allowed (or not allowed) to do with the data.

Simple activities such as reproducing, making available to the public or creating derived versions of the data can be rights exclusive to the data owner for which their permission is required.

If you wish to use secondary data, consider as early as possible in your research what such use will entail, and ensure you have explicit permission from the data owner to perform the acts you intend. 

If such permission is not demonstrably granted through any data owner's terms and conditions or standard licence, it may be possible to negotiate with them for permission to use their data as you wish. Bear in mind that permissions from data owners may distinguish between non-commercial and commercial uses, and that there may be a cost to secure any such permissions.

Sensitive Research

Not to be confused with sensitive personal data, as defined by the Data Protection Act; data arising from sensitive research needs to be managed in accordance with DMU's Policy on Conducting Sensitive Research.

The definition of sensitive research encompasses a wide variety of research topics, but there are three broad research areas which would usually cause the research to be classified as ‘sensitive’:

  • Research into illegal activities, including the collection of source data, e.g. crime statistics; 
  • Research which requires access to web sites normally prohibited on university servers; including, but not limited to; pornography, or the sites of any of the organisations proscribed by the UK Government;
  • Research into extremism and radicalisation. 

Licensing your data

The most common way of giving permission for others to use your data is through a licence.

A licence in this context is a legal instrument for a rights holder to permit a second party to do things that would otherwise infringe on the rights held.

Only the rights holder (or someone with a right or licence to act on their behalf) can grant a licence; it is therefore imperative that the intellectual property rights (IPR) pertaining to the data are established before any licensing takes place.

It is the nature of a licence to expand rather than restrict what a licensee can do, some licences are presented within contracts, and contracts can place additional restrictions on the licensee and indeed the licensor.

For further information, including the different kinds of licence available, see the Digital Curation Centre's 'How to License Research Data'



The text on this page is informed by websites from the Universities of Cambridge and Reading and the UK Data Service.