The second primary concern of most IRBs or RECs is to minimize the risks to potential research participation, assessing the trade-offs between those risks and the potential benefits that stem from the proposed research. A first consideration for many IRBs in assessing such risks is a preference for maintaining either participants’ anonymity or confidentiality. Anonymity indicates procedures for gathering data in a way that does not require the collection of any personally identifying information (PII). Unfortunately, for many of the applications of social network data, anonymity is often simply not viable because of the aim of linking relational information between research participants (Borgatti and Molina 2005). Alternatively, confidentiality describes the reporting of results in a way that does not reveal any PII, even though it is required and gathered to sustain that analysis. Data confidentiality requires the implementation of procedures for data storage, retrieval and analysis to ensure that PII is not revealed. While confidentiality is a much more viable standard for most social network research, it also requires additional layers of protection for social networks research than those developed for individual-level data.
As with any study’s confidentiality assurances, social network research generally follows the standard approach to de-couple any potentially PII from the rest of the data used in analyses (Klovdahl 2005). The capability for linking those types of data should be stored and encrypted separately from the data itself, and not attached to any shared data files. A well-publicized example illustrates the importance of not only maintaining any protections put in place, but also carefully considering what standards are actually necessary to maintain participants’ confidentiality.