Privacy in Research: Asking the Right Questions

Education about privacy in research


Within universities much research is conducted. Furthermore, many classes are taught about how to do research. Since the introduction of the General Data Protection Regulation (GDPR, in Dutch: AVG) guarding the privacy of stakeholders has become a top priority. That is why we need reusable and accessible educational materials about privacy in research to be used in research-driven multi and interdisciplinary online and face-to-face education, as well as a practical and manageable approach that can connect with discussions and codes of conduct of responsible research.

In 2019 a Comenius Senior Teaching Fellowship was awarded to Esther Hoorn (ABJZ) for the project Privacy in Research: Asking the Right Questions. As part of that project the following items have been developed:

Online course

The online course Privacy in Research (with a total study load of 9 hours, although you can also choose to select only some parts) can be built into a regular on-campus course as self-study material as part of a blended learning approach. This course is accessible to all staff and students of the University of Groningen. You can find more information on the content and implementation of this course on the Online course page.


The 26-minute film follows a student as he goes through the privacy in research process and finds out how to properly deal with privacy in his research project.


Privacy cases in English and in Dutch were developed. Based on research practice, these are an addition to the online course materials. This way, the course materials became more realistic, specific and flexible, making them more attractive and easy for lecturers to implement them into their courses. What makes this educational material unique is the fact that it is constructed in a modular and interactive way. Real-life cases can be added to course materials, helping them to become more authentic and applicable during courses on research methodology. You can find them under Cases.

Role-playing game

A role-playing game that makes it possible to execute a Data Protection Impact Assessment (DPIA) when working on a research proposal. This multi-stakeholder assessment tool is a new instrument in European privacy law. It is a well-suited authentic and applicable way to promote active learning amongst students. You can find more information about on the Role-playing game page.

Aim of the project

The project aims to reach the following goals:

  1. Teach students how to ask the right questions about the privacy of stakeholders by helping them look at privacy issues from different perspectives (researcher, subject, legal expert, IT expert, etc.)

  2. Develop an approach for successfully designing, implementing and embedding responsible research methodology in multi/interdisciplinary research.

The project will run until the end of 2021, but beyond that the aim is to ensure that the online course, film, cases and Data Protection Impact Assessment approach will be used in all research methods curriculums across the university.

Best practice

The Privacy in Research project was commended as a best practice in promoting academic integrity by the Council of Europe.

Privacy in Research in use

CLARIN (Common Language Resources and Technology Infrastructure) used our materials to help them perform their own Data Protection Impact Assessment. Check it out how!