This site aims to guide in the process of establishing and using ethical principles of research at the Department of informatics, Lund University School of Economics and Management (LUSEM). The information on the site concerns research within the social science of informatics, which is socio-technical in its nature. As a result, research ethics directly derived from medical research on humans and animals do not apply. The site is a compilation of information about different aspects of research ethics from other sources, which are mentioned in the text. The guidelines have been established by the research and research education committee (FoKom) at the department.

Research ethics builds on both legislation and rules of what is ethical research principles. The following text describes both general principles and research ethics based on legislation.

Contents:

• Research ethics: General principles
• Informed consent and information to research persons
• Privacy and confidentiality
• Research ethics built on legislation
• Deviations from good research practice: misconduct
• Privacy law
• Sensitive personal data
• Research data management
• Ethical review by the Swedish Ethical Review Authority

Research ethics: general principles

The general principles of what is good research ethics are mainly based on the Helsinki declaration (World Medical Association, 2013) and includes four basic pillars for ethical research:

• Information: The participants in a research project must achieve information about the research and why they are asked to participate.
• Consent: The participants should actively give consent to participation in the research. They have the right to cancel their participation at any time.
• Confidentiality: The privacy of the participants must be protected.
• Principles for use of the results from research: The results from a research project can only be used for the purposes originally stated in the research project plan. In particular, it cannot be used for commercial purposes.

Informed consent and information to research persons

Participation in a research project must be voluntary. The interviewee, respondents of a survey or the persons that are being observed (which are in this document labelled “research persons” according to the terminology of the Swedish Ethical Review Authority) shall be informed about the following aspects of the research project:

• What the project is about and why the research person should participate?
• How long will the participation take (for example expected length of interviews)?
• What does it mean to participate in the research project (for example being interviewed, observed or answering a survey questionnaire)?
• Possible consequences of participating in the project.
• What happens to the empirical data that the research person submits to the research project?
• How will the research person achieve information about the results of the research project?
• A clear and concise information about the voluntariness of participating in the project and the right to cancel the participation in the project at any time or at a specifical withdrawal date which is set by the researcher.
• Contact information to the responsible researcher of the project.

This information is generally conveyed to the participant using a participant information sheet (PIS). In connection to interviews and observations, a written consent form should be signed by the interviewee. In connection to survey questionnaires, the information (see the bullet points above) should be presented in the introduction to the questionnaire. To fill in the written questionnaire is regarded as equivalent to giving consent to participate in the study by the respondent.

The department expects every researcher to give a participant information sheet (PIS) and to obtain informed consent from the research persons. An example of a PIS and an informed consent form is presented here. Research participants might have different needs regarding the PIS and consent form. The director of PhD studies can give advice on tailoring the PIS to the needs of the research participants.

Privacy and confidentiality

It is essential to protect the privacy of interviewees and respondents. Means to do that is to provide either anonymity, confidentiality, or pseudonymity.

Confidentiality and anonymity are ethical practices designed to protect the privacy of human subjects while collecting, analysing, and reporting data. Confidentiality refers to separating or modifying any personal, identifying information provided by participants from the data. By contrast, anonymity refers to collecting data without obtaining any personal, identifying information. Typically, anonymity is the procedure followed in quantitative studies, and confidentiality is maintained in qualitative studies. (Coffelt, n.d.)

Pseudonymity means that the research person has a pseudonym which is tied to their identity. When research is presented, only the pseudonym of the research person is used.

Research ethics built on legislation

Deviations from good research practice: misconduct

The Act on Responsibility for Good Research Practice and the Examination of Research Misconduct (2019:504) applies as of 1 January 2020. The act prescribes that the researcher is responsible for compliance with good research practice in their research. The University has overarching responsibility for research being conducted in accordance with good research practice.

The act defines research misconduct as fabrication, falsification or plagiarism (FFP) that is committed intentionally or through gross negligence when planning, conducting or reporting research.

In the act, FFP is referred to as serious deviation from good research practice. Suspected serious deviation from good research practice (FFP) is to be investigated by a special national board. Other deviations from good research practice are to be handled by Lund University. (Lund University, 2023).

The use of generative artificial intelligence (AI) in reporting research can result in e.g., fabrication and falsification. Researchers should carefully follow the rules of use of generative AI, which are decided by each journal and conference.

Privacy law

When performing research in Sweden, the project must comply with Swedish privacy law (Sv. sekretesslagstiftningen). According to this law, certain information is confidential, for example trade secrets (Sv. affärshemligheter) and information about a person’s health status. The latter also falls into the category of sensitive personal data (see next section).

Sensitive personal data

The handling of personal data within the research project must comply with the General Data Protection Regulation (GDPR). If the research handles sensitive personal data, an ethical review must be performed by the Swedish Ethical Review Authority. Sensitive personal data includes:

• racial or ethnic origin
• political opinions
• religious or philosophical beliefs
• membership of a trade union
• health
• a person's sex life or sexual orientation
• genetic data
• biometric data that is being used to uniquely identify a person.

Also, the handling of data on criminal convictions and offenses requires an ethical review to be performed by the Swedish Ethical Review Authority.

Research data management

Guidelines for research data management is given on these web pages:

• Research Data Management: https://www.staff.lu.se/research-and-education/research-support/support-research-process/research-data-management
• Data storage: https://www.it.lu.se/it-tjanster/lagring/

Ethical review by the Swedish Ethical Review Authority

When is an ethical review by the Swedish Ethical Review Authority needed? The following text is a quotation from the Swedish Ethical Review Authority website, which describes what research needs an ethical review:

The first question to decide is whether what is planned constitutes research according to the definition of the term found in Section 2 of the Ethics Review Act [Sv. Etikprövningslagen], i.e., whether it is scientific experimental or theoretical work or scientific studies through observation, whether the work or studies are carried out to gather new knowledge, or if it involves development work on a scientific basis. If the project falls outside this, it is not covered by the law. But if it concerns research, ethical review of the research is required if it:

• includes the processing of sensitive personal data or personal data about violations of the law,

and or

• involves a physical intervention, on both the living and the deceased,
• takes place with a method that aims to affect a person physically or psychologically or that involves an obvious risk of harming the research subject or
• is performed on biological material from a living or deceased person and is traceable.

Note that according to the definition of research used by the Swedish Ethical Review Authority above, bachelor and master theses are not regarded as research.

The law only applies to research to be carried out in Sweden …[(Section 5)], but ethics review is also required when not all but parts of the research are to be carried out here. These parts can and must be examined by the authority, not the parts that must take place in another country. (The Swedish Ethical Review Authority).

Detailed instructions on how to apply for ethical review can be found on the web site of the Swedish Ethical Review Authority. The application must be submitted by a responsible researcher, which is a PhD in collaboration with the head of department.

- Christina Keller, 2023-09-04