What we are learning in the CADRE project through our Content and Technical Working Groups is that the relationship between people and their affiliations is important for data custodians to make judgements about sensitive data access. Both Working Groups discussions have moved from discussing “safe people” to what a person’s involvement is with, role or membership of collective entities i.e., organisations and groups.
What can be understood in terms of governance, oversight and guidance of a person (a data requestor) is important. The discussion in the Content Working Group discussed two scenarios:
- The role of legislation, university policy and codes of conduct as instruments that govern organisational processes and people’s research activities and assist with tackling ethical dilemmas and determining appropriate approaches.
- The critical relationship between an academic as a supervisor of a student and the ethics guidance and training that occurs for the student through curriculum and in research activities.
In the Technical Working Group the group are looking at what information can be supplied that expresses this relationship between a person and a university. A person’s relationship(s) to an institution can be known via attributes supplied to the Australian Access Federation (AAF). In the core attributes for the AAF, the affiliation a person has to an organisation is expressed as values or free text:
- eduPersonAffiliation – more than one affiliation value can be applied
- eduPersonPrimaryAffiliation – one free text string can be entered
- eduPersonScopedAffiliation – more than one affiliation value can be applied
These are the affiliation values:
What is important to note is the function of the eduPersonScopedAffliation attribute:
“addresses the common case where a resource is provided on a site licence basis, and the only access requirement is that the user is a bona fide member of an organisation, or a specific school or faculty within it.”