Personal data protection for large scale public projects

I tried to get an answer to this over a year ago and thought I’d have another stab. I have a project that could be large scale. If I make it a private project then I would have to pre-approve submitters, which will be impractical. If I make it a public project, then all data can be seen by anybody who chooses to look. My problem is that I’d like the email address of the submitters for potential follow up. Under GDPR regulations, I have to inform the submitters when they join the project as to what personal data is collected and for what purpose it will be used. I am unable to do this in a public project as the email addresses are visible to anyone. My original suggestion was to create a feature, perhaps at the form build level, that allows the project owner to determine what data is made available to the public. I don’t think GDPR is on the radar here as I just received an email from Epicollect to “Try our new Android app” and the email contained about 200 email addresses of other epicollect folks???

We are really sorry for the inconvenience, it will not happen again.
Please delete the email and ignore its content.

We are only trying to get some help from our community of users. If you are not interested, feel free to ignore any email from us.

Hi there. We are also interested in being able to decide which fields are public. Is there any intention to add this feature? Thanks

I’ve just discovered the ‘Hide’ option for columns in the Mapping Data tab. Given that columns can be hidden from download files, I would have thought it could also be applied to the data table and map?

To achieve what you are looking for, you will need to use a third-party visualisation tool.
Currently, we do not have any plans to add it to our platform, but we will add it to our to-do list. If there is a high number of requests, we might consider it.

Thank you for your reply. Our issue isn’t about visualisation, but more about GDPR. We’d like to be able to contact users occasionally, but unless we make the project private, we can’t collect their email address without compromising user confidentiality. If a project has many users, it would be onerous to authorise each user to the project. This feature would be a great addition.

We have the same problem. We are planning a large citizen science project in which it is not feasible to register users but we still need to collect personal data: on the one hand, we have to give free access to the application to anyone; on the other hand, the data collected (at least the sensitive ones) must not be accessible to everyone.
This is a fairly common requirement for extensive data collection projects.
For public projects, it would be helpful to define, in the app’s design or in the mapping of the field, which confidential data are visible/accessible only to a small number of users and which are visible/accessible to everyone without restriction.

This has been addressed here, which suggests this is not the best app to use for this use case:

Hi, you say this is not the best app to use, but this is a real shame as in virtually every other facet, Epicollect beats the pants off of anything out there. Being the OP on this, the original request I made was to explore the possibility of including into the Form Build, the ability for the project owner to ‘check a box’ that renders that part of the form only viewable by the project owner, and not to the public in general when viewing the public project on the website. In a ‘citizen science’ project that might have many thousands of submitters, it would be impractical to have to pre-authorise them all in a private project. By making the project public as things stand, whilst it removes the pre authorisation need of the submitters, because all data is viewable by anyone who chances on that project, this is in breach of GDPR law. If this could be included in a development update, it would be a game changer for Epicollect in encouraging large scale surveys, with the project owners being able to control their GDPR risk. TIA

We have the same issue. Epicollect is the best way of entering large amounts of data by many users in a variety of formats, that will hopefully last through time. And it’s a perfect basis to analyse the data.

However, we also need the contact info for people who are entered into the projects, but we don’t want the info to be visible by all. Only by the owner and the people entering the data.

Therefore we would be very interested in the development of such a feature. It would be a shame to have to abandon our current projects because of the lack of privacy. I think a large number of projects are in this situation, namely participative science projects.

I’m personally very excited about what we could do with Epicollect so I hope you will consider working on this feature.

Hello, we would greatly appreciate it if you could provide us with an example of another platform where a similar feature is implemented. This would serve as a useful starting point for our consideration.

Our primary concern is with GDPR compliance. On Epicollect5, public projects do not require users to authenticate when using the mobile apps. Typically, on public projects, sensitive user details are avoided to prevent exposure to the general public, which aligns with your explanation.

However, a feature encouraging users to add personal details that will remain hidden from the public could potentially lead to issues when users decide to delete their Epicollect5 accounts. In such cases, all their personal data would be removed along with the account. The challenge arises when users do not authenticate, as it becomes impossible to track down the entries uploaded by those users. Consequently, we might be unable to delete any sensitive personal data associated with that user, which might have been added to a project.

One possible solution that we have considered is enforcing authentication for public projects as well. However, we are cautious about implementing this approach, as it could impact projects that aim to conduct anonymous data collection.

As a side note, we’d like to mention that authentication is enforced to add entries to a public project via the web. This measure primarily serves as protection against spam bots, malicious scripts and web crawlers.

@F_A @Gemzere @mappe_CPA