Skip to main navigationSkip to main content
The University of Southampton
Web Science Institute

Enabling Digital Fieldwork in Third Sector Organisations through Data Protection Research Exemptions


Aim: Our projects tests the research exemption of the General Data Protection Regulation (GDPR) in the context of studying third sector organisations (TSOs). This is crucial as TSOs increasingly rely on ICT and their activities and engagement with members and the wider public cannot be properly understood without an analysis of these processes. Yet, the data protection research exemptions introduced in the GDPR have sparked criticisms for their lack of clarity. Commentators agree that work is needed to better understand their domain and effects, in particular upon data subject rights. Our research hypothesis is that in order to be truly meaningful for those making data protection-related decisions on the ground, guidance about data subject rights needs to be context-specific. 

Objectives: We will test the GDPR research exemptions in context and develop legal guidelines for studying the use of ICT for TSO-internal communications which we will discuss with practitioners who are working in and for TSOs. The guidelines will be developed based on a scoping study, which will include a critical assessment of the GDPR research exemptions. We will adopt an interdisciplinary methodology creating a common terminology and combining different sources: TSO literature and literature on data protection compliance and existing guidance to understand what the research practices are and test the remit of the GDPR research exemptions. We will therefore tackle the following questions: 1) What methods have been used to study ICT communications in TSOs? 2) To what extent and how have empirical studies of ICT communications in TSOs addressed data protection compliance related issues? 3) How to interpret the research exemption contained in the GDPR and how to combine them with the legislation on ePrivacy for research on ICT communications in TSOs?  4) How to construct meaningful data protection compliance guidance for researchers studying ICT use in TSOs?


Principal Investigator: Dr Silke Roth

Co Investigator: Professor Sophie Stalla-Bourdillon

Privacy Settings