Ethical Risks of Using Public Secondary Data

Many researchers assume public secondary datasets are automatically “safe” because they did not collect the data themselves. Journal reviewers, ethics boards, and leading publishers now disagree. Ethical blind spots in secondary data use increasingly trigger desk rejections, major revision demands, compliance investigations, and reputational damage.

This guide explains the most overlooked ethical risks, why they matter, and how to build defensible, publication-ready governance around secondary data use.

Why Public Data Still Requires Ethical Governance

Public availability does not equal ethical permission. Major frameworks such as GDPR, OECD Data Governance Principles, UNESCO AI Ethics Recommendations, APA Ethics Code, and leading journals (Elsevier, Springer, Nature) explicitly require ethical handling even for public datasets. Researchers still hold accountability for privacy, fairness, security, and responsible interpretation.

Critical Ethical Risks Most Researchers Miss

1. Consent Does Not Automatically Transfer

Original participants may have consented to one purpose, but not:

New research topics
New audience or jurisdiction
Linking multiple datasets
Commercial or algorithmic reuse

This is especially important for sensitive populations, such as children, minority communities, healthcare data, criminal justice data, and marginalized groups. Ethical best practice requires verifying scope of original consent before reuse.

2. “De-Identified” ≠ “Non-Identifiable”

Anonymization sounds final. It is not. Re-identification risk rises when:

Rare traits, locations, or timestamps exist
Small sample cells allow identification
Cross-dataset linkage becomes possible
AI improves inference capabilities

Studies show re-identification can reach 87% accuracy when combining demographic markers (Sweeney, 2000; Narayanan & Shmatikov, 2008). Ethical research must include re-identification risk assessment, not blind trust.

3. Violating Data Use Agreements (DUAs) Without Realizing

DUAs are ethical contracts. Violations commonly occur when:

Researchers upload restricted data to AI tools or cloud drives
Teams share files casually
Cross-border data transfers break conditions
Derivative sharing exceeds permissions

Breaking DUAs risks paper retraction, legal action, and ethics investigation.

4. License and Privacy Law Conflicts

Open license does not override privacy law.
Public ≠ permissible.

GDPR, HIPAA, state privacy acts, and institutional data laws still apply. Ethical responsibility includes respecting both license requirements and privacy obligations simultaneously.

5. Algorithmic Harm and Group Privacy

Even when individuals are not identifiable, groups can be harmed. Models built using secondary data can:

Reinforce stereotypes
Enable discriminatory targeting
Stigmatize communities
Shape harmful policies

Group privacy and societal risk must be ethically evaluated.

6. Security Is Ethical Responsibility

Weak security is one of the most reported compliance failures in secondary data use. Risks include:

Weak passwords
Lack of encryption
Insecure storage
Informal collaboration practices

Security failures create legal, institutional, and ethical liability.

7. Reporting Gaps Reviewers Now Flag

Many papers fail review because they do not include:

Ethics statement for secondary data
Consent scope explanation
Licensing and DUA compliance note
Governance and storage procedures
Re-identification risk evaluation

Transparency strengthens credibility and acceptance.

Practical Best Practices

Conduct an Ethics & Governance Audit
Minimize data use to what is necessary
Avoid unnecessary linkage or enrichment
Secure encryption and controlled access
Include a clear ethics statement in publications
Document decision-making and risk assessments

At Research & Report Consulting, rapid Secondary Data Ethics & Governance Audits ensure your research remains publishable, compliant, and defensible.

References

European Union. (2016). General Data Protection Regulation (GDPR) Regulation (EU) 2016/679 of the European Parliament and of the Council. Official Journal of the European Union.

OECD. (2021). OECD recommendation on enhancing access to and sharing of data. Organisation for Economic Co-operation and Development.

UNESCO. (2021). Recommendation on the ethics of artificial intelligence. United Nations Educational, Scientific and Cultural Organization.

American Psychological Association. (2017). Ethical principles of psychologists and code of conduct. APA.

Sweeney, L. (2000). Simple demographics often identify people uniquely. Data Privacy Working Paper 2000-03. Harvard Data Privacy Lab.

Narayanan, A., & Shmatikov, V. (2008). Robust de-anonymization of large sparse datasets. IEEE Symposium on Security and Privacy.

Elsevier. (n.d.). Research data guidelines and publishing ethics. Elsevier Author Resources.
https://www.elsevier.com/authors/policies-and-guidelines/research-data

Springer Nature. (n.d.). Publishing ethics guidelines. Springer Nature Author Services.

Do you think journals should require formal ethics review for all public secondary data research? Share your thoughts.

Want research service from Research & Report experts? Please get in touch with us.

Leave a Comment Cancel reply

About Us

Research and Report is a premier research consulting firm specializing in academic mentoring, publication support, and data-driven research solutions. Our mission is to assist scholars, professionals, and organizations in achieving research excellence and impactful publications.

Useful Links

Contact Us

Copyright 2025 © researchandreport.org. All Rights Reserved.