Practical Examples
The following real-world example illustrates measures for securely handling research data in the field, particularly when working with vulnerable research participants.
Example: Excerpt from an Interview with Max Kramer on Secure Handling of Research Data (2023)
As audio file, only in German
Source: Excerpt from an Interview Röttger-Rössler with Max Kramer on Secure Handling of Research Data, 2023, licensed under CC BY-NC-ND 4.0
As transcript
Birgitt Röttger-Rössler: Given the political sensitivity of your research, particularly as Muslim minority groups frequently face hostilities from Hindu nationalists – as you mentioned – how do you handle this challenge? You’ve already touched on it, but could you elaborate on how you ensure the safety of your interview partners? And to what extent does this affect – or rather, influence – your approach to managing your research data?
Max Kramer: Yes, in all kinds of ways. For instance, when communicating in the field, we don’t use WhatsApp but Signal. While in the field, I set Signal to automatically delete messages after 30 minutes. I ensure that everything I record as raw data is securely captured, stored, and processed.
To record videos, photos, and audio files, I use a separate phone that has no SIM card and runs GrapheneOS, a secure operating system. On this phone, I also use encryption software, which I use every evening to encrypt all the files I recorded during the day. The phone has two separate user accounts, and it’s quite difficult to discover that a second account even exists. This means that if someone were to take my phone, they likely wouldn’t even find the second account, where most of my research data is securely encrypted. Even if someone did find it, decrypting a VeraCrypt file would be extremely difficult.
I also use a dedicated research laptop – an Ubuntu system – where I install only software that I fully understand and trust. I’ve blocked online access for most installed software in the system settings, preventing any background uploads to cloud storage. When I transcribe my interviews, I do so entirely offline, using a USB stick. Before transcription, I decrypt the files, transcribe them, and then re-encrypt them before storing or transferring anything online.
All of this concerns the collection, transportation, storage, and processing of my research data – especially transcription, which is the most sensitive part. My interviewees grant me access to operational knowledge that, while based on visible micro-level interactions, contains insights that must remain confidential. It’s crucial that this knowledge never falls into the wrong hands.