It is said that the biggest lie on the internet is “I have read and understood the terms and conditions”. Can you honestly say that when presented with terms online, you read them carefully and make sure you agree before signing up to that new site or service? If not, you’re not alone! A recent study asked people to open an account on a fake website and 98% of participants agreed to the terms and conditions, barely scanning them: they signed over their first-born to the company (being given until 2050 to produce a child to hand over) and all of their personal information to the NSA. This is worrying, but probably unsurprising if we take an honest look at our own behaviour. Indeed, a test back in 2014 showed that people would equally hand over their first-born or most beloved pet for free wifi, so things don’t seem to be changing.
Now, I’m not going to propose a solution to impenetrable terms and conditions, or pass judgment on those who skim them as I’ll admit to being guilty myself at times (but I love my cat so much that I promise to check in future). But what does this have to do with research data management? Well, I’m often asked about various cloud services when it comes to data storage, and one check that I recommend is to read the terms, in order to decide if such storage is appropriate for your project.
What rights are you giving away? One reason to check terms is to know if you are giving away rights to access and publish your data. For example, if you store work on Google Drive or send anything by gmail, the Google terms highlight that you are granting Google (and partners) “a worldwide license to use, host, store, reproduce, modify, create derivative works (…), communicate, publish, publicly perform, publicly display and distribute such content”. This is for the purpose of promoting and developing their services, so does limit reuse to an extent, but it may still be inadvisable for your work. Furthermore, Google’s “automated systems analyze your content (including emails)…as the content is sent, received, and when it is stored”. If you are collecting data from human participants or your work is confidential or sensitive in any way, it must not be shared with Google like this (not to mention the UK’s Data Protection Act requirement for personal data to be held within the European Economic Area – if the terms don’t guarantee the storage location, it could be illegal).
What is security like? Another reason is for security: is your data safe and guaranteed to be restored to you? The iCloud terms include a section on backup stating that: “Apple shall use reasonable skill and due care in providing the Service, but, to the greatest extent permissible by applicable law, Apple does not guarantee or warrant that any content you may store or access through the service will not be subject to inadvertent damage, corruption, loss, or removal in accordance with the terms of this agreement, and Apple shall not be responsible should such damage, corruption, loss, or removal occur. It is your responsibility to maintain appropriate alternate backup of your information and data.” So you should never be using iCloud as the sole location for your data.
So what’s the answer? As a general principle, a free storage solution will want to provide a good service but should disasters happen, they understandably won’t have your data availability as their key priority. This is why we always advise researchers to use institutional network storage. Cranfield understands the importance of the safe storage of your data and should anything happen, restoring your access to that data will be an utmost priority. IT Services also guarantee its storage geographically within the UK and take on responsibility for nightly backups, to put your mind at ease. Cloud services may be practical and appropriate in some aspects of your life, but when it comes to research data, you are probably better using the institutional provisions we make for you.
CC-BY-NC-SA 2.0 image by mnwatts on Flickr