1.1 The Counter-Terrorism and Security Act 2015 places a duty on Universities to have “due regard to the need to prevent people from being drawn into terrorism”. This requires the University to have appropriate policies and procedures in place for projects which will utilise violent extremist materials, and to identify and address issues where such materials are accessed for non-legitimate purposes. This document sets out requirements relating to the use of such materials for research, in line with advice provided by Universities UK.
1.2 The University supports both its academic faculty and the student body in undertaking research utilising materials that may be considered ‘security-sensitive’ in this context, but takes seriously its responsibility to protect them from the potentially radicalising effects of viewing materials of this type and of misinterpretation of intent by authorities (which may result in legal sanction).
1.3 To ensure the University is able to protect its researchers it must be aware of and approve the research before it begins. Early notification is through the ethical review process; it is from this that the institution is able to ensure proper data governance and oversight.
2.1 In the context of this document the term ‘security-sensitive’ is used to designate:
Such materials include those produced by groups currently proscribed by the UK government as terrorist organisations, or by other groups which advocate the use of violence to achieve their aims.
2.2 Where researchers are unclear whether the sources utilised in their research fall within the scope of this legislation, they should in the first instance seek advice from their supervisor (in the case of students), or departmental ethics officer (in the case of staff), who may refer to the Deputy Lead Safeguarding Officer for advice where required.
3.1 Research or scholarship involving the access, collection and use of security-sensitive materials is subject to ethical review in line with the University’s Policy on Ethics in Research and Scholarship.
4.1 When accessing security sensitive material, researchers should be aware that there are circumstances where use (and further dissemination) of this material may be illegal (i.e. in breach of legislation), or unlawful (i.e. in breach of a website’s terms and conditions of use). Concerns that proposed use of material may contravene legal or contractual obligations should be referred to Legal Services for advice.
4.2 Researchers should be aware that websites containing security-sensitive materials may be under surveillance by the authorities and that accessing them and / or downloading related materials may lead to police enquiries.
4.3 Security sensitive research material should not be kept on personal computers, personal cloud storage, or in non-secure locations. The material should not be stored on One-drive due to the risk of accidental exposure outside the University.
4.4 Where there is a requirement to store security-sensitive material in electronic format, this should be stored in a dedicated secure folder, with controlled permissions, within University-provided file storage. When a requirement to store security-sensitive material is identified, once ethical approval has been obtained a request should be made to CIS to set up a suitable storage location for the researcher(s) involved in the project. This applies for taught students who need to store such material, as well as staff and research students. By using a designated secure file store (along with appropriate ethics approval), the researcher will ensure that, if required, the University can confirm that the materials within it are being used for legitimate purposes.
4.5 Researchers may be required to provide a list of the material within their secure file store and evidence of the permissions attached to it.
4.6 Security-sensitive material in hard copy should be stored in a secure location, or scanned and uploaded to the secure file store and the paper copy securely destroyed.
4.7 Materials within the file store must not be circulated to anyone outside the research project or transmitted by insecure means.
4.8 Secure file stores are intended primarily for source materials, and it is not expected that researchers store their own writing about security-sensitive material within this location, unless the latter is also identified as best kept out of circulation.
4.9 University IT facilities should be used when accessing any security-sensitive websites, thereby helping to ensure that access is flagged as being a legitimate part of research and ensuring that enquiries come to the institution in the first instance. Additional guidance on accessing online materials is available.
5.1 The University has a responsibility to consider the welfare of all staff and students, and to offer advice and support to researchers who may be adversely affected (emotionally or intellectually) by the research that they undertake. Individuals also have a responsibility to consider the potential impacts of their research (on themselves, or on those with whom they may share it), and should seek advice and support as needed. Any concerns should be raised as soon as possible.
5.2 In the case of student projects, in the first instance it is the project supervisor’s responsibility to consider the welfare of the students. Supervisors should share concerns with their line manager, or a responsible person in the relevant department or college in the first instance. Further information on support is available from the Student Support and Wellbeing Directorate.
5.3 In the case of staff projects, the Head of Department should share concerns with Human Resources in the first instance. Resources for support are available via the Health and Wellbeing Hub.
5.4 The University provides training on safeguarding from radicalisation, which can be accessed via Oracle Learning.
6.1 Any queries from legitimate bodies e.g. the police or security services should be directed to the University’s Deputy Lead Safeguarding Officer in the first instance, and Research & Innovation Services should be informed.
6.2 Where a member of staff requires further advice or support with a proposal related to security-sensitive research, they should contact their departmental ethics representative, who may escalate queries to Research & Innovation Services to direct as appropriate.
2 May 2023