Participant Identification Code
In order to observe the GDPR, experimental data is preferable saved anonymously. This poses a problem if the a participant to the experiment wishes to identify themselves. This could occur for instance because the participant wishes to revoke the data submitted to the experiment. If you want to make this possible you can follow the approved procedure below.
Procedure
- Make up an Experiment Secret (ES), this is some random string that you store with the experiment. Keep it secret for your participants.
- Store an anonymous Participant Number (PPN) with the data that is related to a certain participant. This participant number can for instance be the token that you use in Limesurvey. It must be unique to the participant and it must not contain information that you cannot give to the participant. It is ok if the PPN is just the participant serial number (1, 2, 3, ...)
- Calculate a Participant Identification Code for each participant. If you give the participant your contact information, the name of the experiment, the PPN and their PIC, they will be able to prove that they participated in your experiment and you can identify the data that they supplied. Especially if your PPN has a fixed length you can give them a concatenation of PPN and PIC. If for instance the PPN is 1234 and the PIC is A3D444 then you simple send them the following text:
Dear Participant,
Thank you for participating in my experiment 'The Role of Squares and Circles in modern Society'. Your data was stored anonymously. If you ever want to contact me about the data you supplied, please use the code 1234A3D444. I myself have no way of linking you to your data without this code.
Kind regards,
dr. Rudolph Everest Searcher
R.E.Searcher@socsci.ru.nl
Example
Try this calculator to make these checksums yourself.
Rationale
If you simply give the anonymous PPN to your participants, they can also identify themselves, but the PPN will have to be sufficiently long and random to make sure the participant cannot guess someone else's PPN as well. If you generate PPN the same way for every experiment, then anyone who knows how you do it for one experiment can do it for another and pretent to be a participant.
Technical Details
The PIC is the capitalized hexadecimal four character representation of the first two bytes of the SHA256 hash of the concatenation of the UTF-8 representation of the Experiment Secret and the Participant Identifier.