Research Methods

Lecture 2
Getting started, resources, ethics and
legal issues

Topics

Selecting a problem
Reviewing the literature
Reading a journal article
Ethics working with adults
Ethics working with children
Legal issues of IT

Selecting a problem
Look at published research:
Gives you a good background
May suggest a hypothesis

Find a simple review of the subject

Identify an interesting area
Find a relevant text book
Narrow it down to a topic

Selecting a problem
Observe
You may hear of disagreements
You may notice gaps in knowledge
You may have an idea of a solution

Base ideas on practical problems

You will hear of these from many
sources
May get external support

Reviewing the literature

Literature review searching the
published studies on a topic
Begin with meta search facilities
such as Summon and Google
Scholar
Dont forget the expertise of the
librarians
Start with the journals peer review

Plagiarism
You will carry out a literature review
and as part of this give credit to
other people whose work you are
mentioning
To quote other peoples work without
referencing is regarded as cheating
or plagiarism this is a serious
offence and can lead to disciplinary
proceedings

Reading a journal article

Most journal articles will follow a
similar format this is a quick guide
to what to expect
Abstract
Introduction
Background or Literature Review
Method
Results
Discussion

Abstract
Brief description of the entire paper
a kind of executive summary
Between 150 and 250 words
Describes the problem under
investigation and the purpose of the
study and mentions the key findings

Introduction
Introduction to the problem
Sets the current work into the wider
context
Tries to get the readers interest to
continue reading
Tries to justify the importance of the
current work

Background/Literature Review
A review of the current state of the
art in the subject
A review of the key results that set
the context of the current work
Highlighting areas of disagreement
or gaps in knowledge which justify
the current work
The purpose and rationale for the
study

Method
Describes how the study was
conducted
Procedures implemented
Selection of participants
Choice of materials/software etc
Known limitations
Controls and/or precautions
Format of data to collect

Results
Summarise data and analysis used
Clear statement of variables
measured, controlled or eliminated
Presentation of results in a clear
style using graphs or charts if
appropriate
No explanation of the results at this
time

Discussion
Restatement of the intentions of the
study and the actual outcomes
Discussion of the findings from the
results with clarification of any
outstanding issues
Relationship with previous work
Criticism of the present study
Implications for future work

Ethics
All research carried out as part of
your MSc must get ethical approval
This is usually very straightforward
even in the case where you are
asking people to take part in your
research as participants
The only real problem occurs if you
want children as your participants

Ethical approval
You will submit a form asking for
ethical approval to the Ethics
Committee at the university
You submit the form at the same
time as your proposal document
You cannot proceed with your
project until you have received
approval

Ethical approval
We are mainly concerned that the
work that you carry out is safe and
that in the case of human
participants you are complying with
certain key requirements:
Informed consent
Voluntary and can withdraw
Confidentiality & anonymity
Minimise risk

Special case - children

It is possible to conduct a project that
requires children as participants but
we advise you that this is subject to
stringent controls:
Children are anyone under 18
Consent of parent/guardian
Location of research
Disclosure Scotland requirement

Legal Issues

Data Protection
Privacy
Freedom of Information
Internet issues
Computer misuse

Warning
The material covered here will only
be at a very superficial level
Please note that there are also
differences between English and
Scots law

Data Protection
The Data Protection Act 1984 and
1998 is concerned with the
information held about a person:
Its accuracy or completeness
Its unauthorised use
Its use by a person for an
unintended purpose

Data Protection
The act introduced 8 data protection
principles:
1.Personal data shall be processed
fairly and lawfully (usually requiring
consent)
2.Personal data shall be obtained
only for specific and lawful
purposes

Data Protection
3. Personal data shall be adequate,
relevant and not excessive in
relation to its purpose
4. Personal data shall be accurate
and kept up to date
5. Personal data shall not be kept for
longer than is necessary

Data Protection
6. Personal data shall be processed
in accordance with the rights of the
data subjects
7. The data controller must take
precautions against unauthorised
processing and data loss
8. Personal data must not be
transferred outside the EU without
an adequate level of protection

Rights of the individual

The Act confers certain rights:
A description of the data held
An explanation of why it is held
A description of who can access it
A statement of specific data held
A description of the source of the
data

Privacy
This concerns access to personal
communications by interception,
caching etc.
Recent concerns over the use of
modern means of communication
(blogs, texting, email etc.) led to a
new act in 2000

Regulation of Investigating
Powers Act 2000 (RIPA)
Grants certain agencies the power
to demand data and encryption
keys from employers, ISP etc.
Data can be obtained without
consent or knowledge
Agencies with these powers now
quite extensive (Local Authorities)

Freedom of Information Act

Concerns the right of access to
data held by public bodies
Personal data is covered by the
Data Protection Act
Data Protection and Freedom of
Information can often be in conflict

Freedom of Information Act

Right of access to information
subject to certain conditions and
exemptions
If an exemption applies it must be
explained
Access is enforceable by an
Information Tribunal

Freedom of Information Act

An obligation to publish the
information free of charge or at a
reasonable fee
Does not apply to the supply of
personal data (Data Protection)

Internet issues
With the use of the internet for
commerce and communication so
much of what we do now crosses
national boundaries
The ISP is often seen as the
mechanism for this communication
and is held responsible to a greater
or lesser extent

ISP EU position
In the EU the ISP can be seen to fit
into 1 of 3 roles which carry
different levels of responsibility:
Conduit merely a pipeline
Caching acts as a store
Hosting store and access
ISP in the US have better protection

Criminal Law
With the use of the internet it is
possible to obey the law in one
country while breaking it in another

Country A Home Country

Web site
contents legal

Country B
web site
contents
illegal

Criminal Law
Country A (where no law has been
broken) is unlikely to extradite a
person to Country B
The person concerned may be
advised never to visit Country B!
It is probably pointless trying to raise
an action in Country B unless the
perpetrator has a legal presence
there

Spam
These issues are highlighted particularly
in the case of spam
In Europe a spammer has to get your
permission to send you unsolicited
advertising
In the US you have to instruct the
spammer not to send it
Most spam therefore comes from the US

Computer Misuse Act 1990

This act introduced 3 new offences to
deal with hacking etc.
Unauthorised access to a computer
Unauthorised access with an intent to
commit a serious crime
Unauthorised access with an intent to
modify the contents

Computer Misuse Act 1990

For an offence to be committed the
computer and/or the offender has to
be in the UK
The unauthorised access must be
intentional
It makes no difference if no harm
was actually done

Computer Misuse Act 1990

Modification can include:
Spreading a virus
Encrypting files
Concealed redirection of home
pages
Implanting redirection schemes
(e.g. Premium rate diallers)

Computer Misuse Act 1990

The Act was reviewed in 2007 and an
offence of impairing access was
added (Denial of Service attacks)
This illustrates that regular updating
will be necessary one assumes.