Due to the COVID-19 pandemic, this research will largely be conducted online. This means that interviews and video diaries will need to be transferred online too. I have ensured that all data storage and transmission is compliant with GDPR regulations.
Below I will list my protocol for how I will keep data safe, and how I will protect the anonymity of my participants.
Interviews
As part of the interview the principal researcher(*) will record a statement of consent and this will be separated out from the audio and transcript to form a consent document. These files will be stored on an external hard drive which will be stored in the researcher’s workplace(**).
Phone interviews will be recorded via a digital recorder, which does not have internet capabilities. This recorder will be stored in a locked box in the researcher’s workplace until the data can be transferred to a secure university drive. Video or audio interviews held using Microsoft Teams will be recorded through the Teams app on the researcher’s laptop. The resultant files of these will be removed from the Teams app as soon as the data has been downloaded (immediately post-interview).
The data will be transferred directly to the university’s DataStore, a secure data drive which can only be accessed by the principal researcher and the research supervisors.
All interview data will be transcribed by the principal researcher. Transcripts will have names and locations anonymised. The anonymised transcripts will be stored on an encrypted university drive. The transcripts and the raw interview data will be accessible only to the principal researcher and the research supervisors (Fadhila Mazanderani and Ingrid Young).
Video Diaries
Video diaries will be recorded by participants using the app Signal. Signal is an end-to-end encrypted service, which allows participants to record and send videos within the app. These videos will not be stored locally on the participants’ devices. Signal allows for encryption auditing by distributing unique security codes for each exchange. Signal has a PIN protection option, which will be switched on on both the participants’ and the researcher’s devices.
Participants will use Signal to capture their videos and then send these to the principal researcher using the same app to a designated research phone. This phone will only be used for the sake of receiving messages via signal from participants. This device will not be connected to any cloud storage or sharing facilities. Videos will be saved to the device, transferred via USB-link to the university’s DataStore. Videos will be kept on the smartphone device until they have successfully been transcribed, then they will be deleted from the device and only kept within DataStore.
All videos will be transcribed by the principal researcher and anonymised in the same manner as interview data. Raw data will only be accessible to the principal researcher and the research supervisors.
Microsoft Teams
The University of Edinburgh has designated Microsoft Teams as a secure app to conduct and record interviews. The app can be accessed from laptops, tablets and smartphones. It has the capacity to have video calls as well as audio-only calls, using a stable internet connection. It is possible to have one of these calls with someone from outside of the UoE organisation.
Microsoft Teams allows for private spaces to be created where interviews can be recorded, and resultant recordings are stored securely.
Signal
Signal is an instant messaging app similar to other popular apps such as WhatsApp and Facebook Messenger. Signal’s main purpose within the instant messaging market is to provide a fully encrypted communication app. All messages within Signal are encrypted, with no third-party access to any of the data sent. Any data created within the app, such as photos, videos or voice recordings, are not stored locally on the device, but are kept fully encrypted within the app and are only accessible by the creator of that data and whomever they choose to send the data to. The data encryption of each exchange on Signal can be audited, if ever there was need to investigate security. Signal has the option for the app itself to be PIN protected.
(*) The principal researcher in this case is Sophie Buijsen.
(**) When referring to ‘my workplace’ I am currently referring to my home. As the situation with COVID-19 might change between the time of writing and the completion of my thesis, this might become my office space at the University of Edinburgh. At both places there is a secure locked place where no one else besides me has access.
sophiebuijsen.com 