Research often involves sensitive data. Ranging from (pseudonymised) medical records to interviews with threatened or persecuted individuals.

During collection and usage, but also after use, we want to store these records securely: protected against unauthorised access from outside, but also within the organisation. Even against sysadmins and dataset access managers. Recent examples of data-breaches at Clinical Diagnostics and ODIDO stress the urge for more solid security and privacy measures.

To achieve this at new levels of privacy and security, University of Amsterdam is developing a new digital archive, using the open source PEP Repository software developed at Radboud University in Nijmegen. The PEP Repository software has been developed and in use since 2016 for several large longitudinal studies on sensitive data, and was designed for this purpose by a group of privacy experts, academic researchers and digital security experts with novel cryptographic privacy enhancing techniques (PETs).

During this presentation, Tim Fierens from UvA’s ICTS will discuss the challenges in implementing the digital archive in a responsible manner. Joep Bos-Coenraad, project leader and co-developer of the PEP Repository, will explain how the privacy-by-design approach enables what was previously ethically impossible.