Difference between revisions of "Participant Identification Code"

From TSG Doc
Jump to navigation Jump to search
m
Line 24: Line 24:
  
 
== Rationale ==
 
== Rationale ==
If you simply give the anonymous PPN to your participants, they can also identify themselves, but the PPN will have to be sufficiently long and random to make sure the participant cannot guess someone else's PPN as well. If you generate PPN the same way for every experiment, then anyone who knows how you do it for one experiment can do it for another and pretent to be a participant.
+
If you simply give the anonymous PPN to your participants, they can also identify themselves, but the PPN will have to be sufficiently long and random to make sure the participant cannot guess someone else's PPN as well. If you generate PPN the same way for every experiment, then anyone who knows how you do it for one experiment can do it for another and pretend to be a participant.
 
 
  
 
== Technical Details ==
 
== Technical Details ==
 
The PIC is the capitalized hexadecimal four character representation of the first two bytes of the SHA256 hash of the concatenation of the UTF-8 representation of the Experiment Secret and the Participant Number.
 
The PIC is the capitalized hexadecimal four character representation of the first two bytes of the SHA256 hash of the concatenation of the UTF-8 representation of the Experiment Secret and the Participant Number.

Revision as of 09:51, 24 April 2020

In order to observe the GDPR, experimental data is preferably saved anonymously. This poses a problem if a participant to the experiment wishes to identify themselves. This could occur for instance because the participant wishes to revoke the data submitted to the experiment. If you want to make this possible you can follow the approved procedure below.

Procedure

  • Make up an Experiment Secret (ES), this is some random string that you store with the experiment. Keep it secret from your participants.
  • Store an anonymous Participant Number (PPN) with the data that is related to a certain participant. This participant number can for instance be the token that you use in Limesurvey. It must be unique to the participant and it must not contain information that you cannot give to the participant. The participant number can contain letters. It is ok if the PPN is just the participant serial number (1, 2, 3, ...)
  • Calculate a Participant Identification Code (PIC) checksum for each participant. If you give the participant your contact information, the name of the experiment, the PPN and their PIC, they will be able to prove that they participated in your experiment and you can identify the data that they supplied. Especially if your PPN has a fixed length you can give them a concatenation of PPN and PIC. If for instance the PPN is 1234 and the PIC is A3D4 then you simple send them the following text:

Dear Participant,

Thank you for participating in my experiment 'The Role of Squares and Circles in modern Society'. Your data was stored anonymously. If you ever want to contact me about the data you supplied, please use the code 1234A3D4. I myself have no way of linking you to your data without this code.

Kind regards,

dr. Rudolph Everest Searcher

R.E.Searcher@socsci.ru.nl

Example

Try this calculator to make these checksums yourself.

If you install the cryptographic hash extension to Open Office/ Libre Office you can use this document to calculate PIC. You may have to enable macros for it to work.

Calculating Participant Identification Code in Libre Office

Rationale

If you simply give the anonymous PPN to your participants, they can also identify themselves, but the PPN will have to be sufficiently long and random to make sure the participant cannot guess someone else's PPN as well. If you generate PPN the same way for every experiment, then anyone who knows how you do it for one experiment can do it for another and pretend to be a participant.

Technical Details

The PIC is the capitalized hexadecimal four character representation of the first two bytes of the SHA256 hash of the concatenation of the UTF-8 representation of the Experiment Secret and the Participant Number.