Internet Research: Doing Virtual Research Virtuously



Similar documents
PRIVACY POLICY. I. Introduction. II. Information We Collect

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Vendor Assessment Worksheet:

Security Threat Risk Assessment: the final key piece of the PIA puzzle

Regain Your Privacy on the Internet

ChangeIt Privacy Policy - Canada

Data Security Considerations for Research

Privacy Policy MacID. Document last updated Sunday, 28 December 2014 Property of Kane Cheshire

Best Practices for PCI DSS V3.0 Network Security Compliance

Beyond the Hype: Advanced Persistent Threats

RezScore SM Privacy Policy

FIRST HOPE BANK BUSINESS ONLINE BANKING DIRECT CONNECT WITH QUICKBOOKS

Zubi Advertising Privacy Policy

Advanced Diagnostics Limited ( We ) are committed to protecting and respecting your privacy.

LOUISA MUSCATINE COMMUNITY SCHOOLS POLICY REGARDING APPROPRIATE USE OF COMPUTERS, COMPUTER NETWORK SYSTEMS, AND THE INTERNET

ONLINE SURVEY DESIGN & IMPLEMENTATION

Risks of Hosting Practice Data on the Cloud Vs. Locally

Chatzy Information. General. Invitations and access control

Tax and Accounting Document Delivery

PRIVACY POLICY. Your Personal Information will be processed by Whistle Sports in the United States.

Policy. Introduction to the use of technology in counselling. Client Suitability. Counsellor and Supervisor skills

Facebook s Emotional Contagion: Social Media Research

Security within a development lifecycle. Enhancing product security through development process improvement

CBHS HEALTH FUND LIMITED PRIVACY POLICY

What is Prospect Analytics?

Information & Asset Protection with SIEM and DLP

WHITE PAPER. A Practical Guide to Choosing the Right Clouds Option and Storage Service Levels.

Table of Contents. Auditor's Guide to Information Systems Auditing Richard E. Cascarino Copyright 2007, John Wiley & Sons, Inc.

City of Boston Department of Innovation and Technology Policy Title: Information Technology Resource Use Policy Effective Date: April 1, 2011

How To Collect Data From A Large Group

External Penetration Assessment and Database Access Review

Microsoft Dynamics CRM. Salesforce.com. 8 Reasons Microsoft is the Better Investment. versus

Privacy Rights Clearing House

Making the leap to the cloud: IS my data private and secure?

Visitors to our website The LCTHF website collects information about each visitor in several ways. These may include:

Advanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer

Privacy Policy. If you have questions or complaints regarding our Privacy Policy or practices, please see Contact Us. Introduction

Vyve Broadband Website Privacy Policy. What Information About Me Is Collected and Stored?

Background. Executive Summary

Selecting a Law Firm Cloud Provider: Questions to Ask and Ethical/Security Concerns

12 Security Camera System Best Practices - Cyber Safe

DRAFT National Rural Water Association Identity Theft Program Model September 22, 2008

Wellesley College Written Information Security Program

1.0 Scope. 2.0 Abbreviations. 3.0 Responsibilities

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

INTERNET, AND COMPUTER USE POLICY.

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

1. Understanding Big Data

Copyright Telerad Tech RADSpa. HIPAA Compliance

How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015

AUD105-2nd Edition. Auditor s Guide to IT - 20 hours. Objectives

CS346: Advanced Databases

Sample Employee Network and Internet Usage and Monitoring Policy

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Electronic Payment Works

Software and Cloud Security

CSIS Security Research and Intelligence Research paper: Threats when using Online Social Networks Date: 16/

Basics of Internet Security

Cloud Computing. What is Cloud Computing?

Whitepaper. What You Need to Know About Infrastructure as a Service (IaaS) Encryption

How To Protect Decd Information From Harm

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

Transcription:

Internet Research: Doing Virtual Research Virtuously Joe Konstan, University of Minnesota Dean Gallant, Harvard (and a special thanks to Scott Bradner) Summary It s not different from offline research Except where it is! Evaluation follows the same principles But may bring forward different questions

Dividing Up the Space Online Recruitment of Subjects Online Surveys Observing Online Behavior Experimenting in Online Environments Delivering Experiments Online and plenty more Online Recruitment A Researcher Proposes to: Conduct a study of Gay men seeking sex online, recruiting subjects via: Keyword-linked Google ads Advertisements on Gay sex sites Researchers entering Gay chat rooms to recruit subjects individually What are the issues here?

Recruitment Issues Is this the right subject pool? Risk of bias (lack of random sample) Consider alternatives to validate subject pool Minors or others who should be ineligible Appropriate informed consent Understanding how people read online What degree of risk? What degree of consent process? Risks of fraud Repeat subjects seeking multiple payments Risks of subject confidentiality What trail is left behind on subject s computer? Logs? Some Lessons from MINTS Men s Internet Study Internet-recruited Latino men who have sex with other men

Informed Consent Online Online reading different from print Jumping around, hypertextual Skimming, not reading Bullets, not sentences Nobody reads long consent forms Harder to read on screen Solution: Chunked consent with active consent statements Chunking Consent: How Internet consent differs from conventional Design considerations: Note common use large portions of white space to focus

Chunk 2: Chunk 3:

Links to more detailed page: Section 1: how we will treat the personal information provided

Section 2: Explaining a Certificate of Confidentiality and limits of confidentiality Chunk 6: Ways of asking questions prior to participation

MINTS-I Data Online Surveys A Researcher Proposes to: Conduct an online survey, of existing research subjects, through SurveyMonkey What are the concerns?

Online Survey Concerns Data integrity and security Can you trust SurveyMonkey site? Doesn t require secure link Many routes through which data can be obtained and/or changed What alternatives exist? Professional survey tools run by your IT group (e.g., limesurvey) Outsource surveying to reliable vendor who is experienced with research integrity But There s More! Survey design may raise ethical questions: Are there options to skip questions? Can these be invoked after an initial answer Potential coercion later in a paid survey And what other identifying information do you receive?

Observing Online Behavior A Researcher Proposes to: Study online social networks in FaceBook Joining Facebook networks and groups where possible Collecting data about what people make visible to those they haven t friended Issues To Consider Expectations of Privacy vs. Reality This is a tough one; research continues to show that users are surprised when information they make public is later used. A useful line: what is actually public behavior vs. behavior normally only seen by a limited group

Experimenting in Online Environments Researcher 1 wants to: Pose sets of questions in online Q&A sites, paying for answers when appropriate, and studying the answers Researcher 2 wants to: Repost old messages in online cancer support discussion groups, varying the rhetoric and observing the results Issues to Consider Is there any risk here at all? May depend on how much the research activity risks perturbing the group Small percentage, unnoticed, no risk High percentage, notices, possible risk Is there ever a need to inform subjects? Is this human subjects research at all?

Internet Delivery A researchers proposes to: Deliver an innovative HIV-prevention system online, logging user actions and behaviors. Risks to Consider How is the data protected? On the client end (monitoring, encryption, etc.) On the server end (OS protection from viruses, account access limitations, hacking, firewalls, and more) This is not something for the nonexpert to undertake: Involve IT experts at your university.

A Few General Rules Don t Over-React If it would be OK to do the research in a public park or mall, it s probably ok onlne Don t Under-Prepare If you d require a locked file cabinet then you need equivalent (and perhaps more extensive) computer guidelines. More General Rules Flexibility is Necessary Online consent, online payment mechanisms are very different from conventional The online environment changes very rapidly Make sure research teams have the needed expertise (co-pi, IT staff)

Some Useful Principles Anonymity has trade-offs against Inducements (payment trails) Data integrity Security that makes work too hard gets circumvented! There are significant cost/benefit trade-offs Q&A