It's the Wild, Wild West: Lessons Learned From IRB Members' Risk Perceptions Toward Digital Research Data

Abstract

Digital technology that is prevalent in people's everyday lives, including smart home devices, mobile apps and social media, increasingly lack regulations for how the user data can be collected, used or disseminated. The CSCW and the larger computing community continue to evaluate and understand the potential negative impacts of research involving digital technologies. As more research involves digital data, Institutional Review Boards (IRBs) take on the difficult task of evaluating and determining risks--likelihood of potential harms--from digital research. Learning more about IRBs' role in concretizing harm and its likelihood will help us critically examine the current approach to regulating digital research, and has implications for how researchers can reflect on their own data practices. We interviewed 22 U.S.-based IRB members and found that, for the interviewees, "being digital" added a risk. Being digital meant increasing possibilities of confidentiality breach, unintended collection of sensitive information, and unauthorized data reuse. Concurrently, interviewees found it difficult to pinpoint the direct harms that come out of those risks. The ambiguous, messy, and situated contexts of digital research data did not fit neatly into current human subjects research protection protocols. We discuss potential solutions for understanding risks and harms of digital technology and implications for the responsibilities of the CSCW and the larger computing community in conducting digital research.