Data donation

On this page: data donation, digital trace data, local processing, interactive consent
Date of last review: 2025-04-28

People leave all kinds of digital traces, for example on social media, smartphones, search engines, email, banks, energy providers, and online shops. Article 15 of the GDPR mandates that individuals have the right to request access to a copy of their personal data collected and stored on those digital platforms. The owners of those platforms will then make that digital trace data available through individual “Data Download Packages” (DDPs). These DDPs can contain a lot of personal information that may be too sensitive to share, but can also be of high value for scientific research purposes.

The data donation approach as developed by Boeschoten et al. (2020) allows researchers to automatically analyse the digital traces found in DDPs, while preserving the privacy of research participants. The workflow is as follows:

Visualisation of the workflow. The following steps take place at the participant's device: 1. Participant requests Data Download Package (DDP) at data controller, 2. Participant downloads DDP to own device, 3. Participant visits PORT website, 4. PORT extracts relevant features from the DDP locally. Step 5 takes place at the researcher's environment, where they perform analyses on the extracted features.

  1. Data subjects are recruited as respondents like in a regular research project.
  2. The researcher determines which DDPs are relevant for the research question and writes a script to extract the relevant information.
  3. Each data subject requests their DDPs with the selected providers and stores these locally on their own device.
  4. Stored DDPs are then locally processed with the software PORT to extract relevant research variables. PORT executes the script provided by the researcher and locally extracts the data from the DDP. PORT uses Pyodide technology to run in its own secure environment which is completely separated from the device. This environment is destroyed as soon as the browser page is closed.
  5. The data subject inspects the information resulting from the analysis and is asked to provide informed consent to share it with the researcher.
  6. If the data subject consents, the derived information is encrypted and sent to the researcher for further analysis.

When to use

The data donation approach can be used:

  • As an alternative or in addition to surveys to study human behaviour.
  • To analyse data that are too sensitive to transfer in raw form.
  • To allow data subjects a large degree of control over their (personal) data.
  • To access data that are representative of a population of interest, in contrast to, for example, data retrieved from APIs, which often pertain a non-random subset of a platform’s user group.
  • As a user-centric approach that is independent from platforms or data controllers: private companies cannot suddenly withdraw from a collaboration or restrict access to a dataset, because the data were not obtained directly through them. It is important, however, to review the Terms of Service of the platforms you use, to review if there are restrictions on data usage for scientific research.

Implications for research

  • DDPs may be large and contain different types of information. For both the analysis (writing the script) and the informed consent (informing data subjects specifically), it is important that you know which specific data are of interest.
  • The structure of DDPs varies by provider and by person, making it difficult to set up analysis scripts generically. Moreover, DDPs change over time. Analysis scripts should regularly be checked and updated (Boeschoten et al., 2021).
  • Analysis scripts are usually developed based on sample data. However, due to the sensitive content, DDP sample data are difficult to obtain. As sample data, you could use your own DDP, synthetic data (example), or already available open data (example).
  • It is important to make sure that data subjects understand what they are consenting to when presenting the results that will be shared with you (step 5). Do they understand the risks involved (if any)? We recommend talking to a privacy officer and/or testing this among data subjects before you start your Data Donation project.

Examples and resources

Utrecht University logo

Data Privacy Handbook

The information presented here is provided as is, with no guarantees of accuracy or completeness. For the most up-to-date information, please refer to your privacy officer, the university website or intranet. We cannot be held responsible for any negative consequences due to incorrect interpretation or use, and inconsistencies with policies/views of other institutions.

Privacy policy | Cite the Data Privacy Handbook