Ethics & Indigenous Data Sovereignty
Protecting Rights & Dignity
 

Data management is a technical exercise and an ethical one. How you handle data determines whether you are protecting the rights and dignity of your participants.

Ethical Guidelines for Research Data

In Canada, the Tri-Council Policy Statement (TCPS 2) governs research involving humans.

 
Consent

Your data management practices (sharing, storage, retention) must align with what participants agreed to in their consent forms.

Note: You cannot share data publicly if, for example, you promised total destruction of records, which is why planning ahead is vital.

Risk Levels

You should classify your data based on risk (e.g., Low, Medium, High) and apply appropriate safeguards regarding storage and access.

Low Risk
Publicly available data or completely anonymized data where no identification is possible.
Safeguard: Standard password protection.
Medium Risk
Data that may contain sensitive info, but harm is mitigated by de-identification (e.g., working files).
Safeguard: Encrypted devices, restricted access.
High Risk
Sensitive personal information (e.g., health data, SINs). Disclosure would cause significant harm.
Safeguard: Secure institutional servers, multi-factor authentication, rigorous encryption.
Extreme Risk
Data subject to strict legal constraints.
Consult UPEI Cybersafety and Ethics immediately.
 
 
 
Indigenous Data Sovereignty

Standard "Open Data" policies may not apply if your research involves Indigenous Peoples. Indigenous Data Sovereignty describes the fundamental rights of Indigenous Peoples to control, access, interpret, manage, and collectively own data about their communities.

This is supported by UNDRIP (United Nations Declaration on the Rights of Indigenous Peoples).

Article 31 (UNDRIP)

"Indigenous peoples have the right to maintain, control, protect and develop their cultural heritage, traditional knowledge and traditional cultural expressions... They also have the right to maintain, control, protect and develop their intellectual property over such cultural heritage."

Canadian Legislation

In 2021, the UNDRIP Act (SC 2021, c14) was passed, recognizing that all relations must be based on the inherent right to self-determination. Data sovereignty is fundamental to that self-government.

 
What counts as "Indigenous Data"?

The definition of data in this context is broad and includes:

1. Individuals (Demographics)
Administrative, health, employment, or education data about Indigenous individuals.
2. Collectives (Culture)
Traditions, cultural practices, language systems, and ancestral knowledges belonging to Nations.
3. Non-Human Relations (Environment)
Knowledge describing land management, geology, water, plants, and ecosystems within traditional territories.

Reference: Walter, M., et al. (2020). Indigenous Data Sovereignty and Policy. Routledge.

Key Frameworks to Follow

Unlike general research data which is often owned by the researcher or institution, Indigenous data requires stewardship based on specific principles.

OCAP®
First Nations

The standards to guide data governance for First Nations.

Ownership
Community owns data collectively.
Control
Community controls the research cycle.
Access
Community rights to access data.
Possession
Physical control/stewardship of data.
CARE
Global / General

Complementing the FAIR principles, CARE focuses on people and purpose.

Collective Benefit
Aligns with community needs/goals.
Authority to Control
Indigenous governance of data.
Responsibility
Accountability to community.
Ethics
Rights and wellbeing are central.
I & M
Inuit & Métis
Inuit
Guided by Inuit Qaujimajatuqangit (traditional & ecological knowledge) and the National Inuit Strategy on Research. 
View Strategy (ITK)
Métis
Adhere to Métis Data Principles, focusing on reciprocal relationships, cultural safety, and historical context.
Some content based on resources from Simon Fraser University Library.
English