Hi Chris,

I am intending to use otree and heroku for a study at my university and the IRB has concerns about data security. Do you have any information that I could provide to them about if the data collected is securely stored so that participants will not be connected to their data?


I also had posted another post that I accidentally ran out of registration keys. I am a new user and I accidentally deleted my app on heroku and I didn't realize that I wouldn't be able to do it again. Would I be able to get one more registration key?

Thanks!

@elizabeth_champlin asked:

> Do you have any information that I could provide to them about if the data collected is securely stored so that participants will not be connected to their data?

What do you mean by “participants will not be connected to their data”?

Isn’t this completely dependent on your experimental design?

What I mean is that if you plan to pay your participants, say, via PayPal, then you will, of course, have to ask them for the e-mail address that they use to log into PayPal. Hence, this personally identifiable information is connected to the collected behavioral data in the oTree database.

If, by contrast, the recruitment and payment of participants is handled by, for instance, Prolific, then all information that you necessarily have to share between Prolific and oTree is the Prolific ID. Hence, the behavioral data collected via oTree will be a pseudonymized data set. As soon as you remove the Prolific IDs and payments from your data set, even Prolific cannot match your participants to their database anymore, so you have an anonymised data set.

(Please note that this in itself does not ensure pseudonymization/anonymization. If you ask participants for — say — age, gender, field of study, and the university that they attend, then anyone with access to your data set may be able to identify individuals in your data set, because — say — there is only one 16-year-old female student of astrophysics who attended that particular university in 2025.)

Hi! Thank you for your reply! I should have worded this a little better. They are concerned about how likely it is that someone, other than the researcher, would be able to access the data. I am going to recruit through Mturk and like you said they would need to enter their worker ID. But the IRB is worried that the data collection will not be secure and wants to know details about how securely the data is stored. They are concerned about this due to the always present possibility that participants would be connected to their data. Hopefully that clears things up! Thanks!