As geographers, we often work with personal data, meaning that the European Union's General Data Protection Regulation (GDPR) can have a major impact upon our research. The GDPR is a set of legal requirements that serves to ensure the protection of personal data. In this paper, we reflect on our experiences of how the GDPR impacts upon the planning and conduct of (international) geographical research; and develop good data protection practices for geography. In so doing, we explore the Data Protection Impact Assessment (DPIA) as a method to explore data protection and privacy issues and discuss three relevant issues for geographers in relation to the GDPR: (1) informing research participants; (2) data management; and (3) international collaboration. Although it is time-consuming to make a project ‘GDPR proof’, the process helps researchers to thoroughly think through its privacy implications at an early stage. Thus, the GDPR does not make geographical research impossible, but rather contributes to making it more effective and fairer.
- Data Protection Impact Assessment (DPIA)
- General Data Protection Regulation (GDPR)
- International collaboration
- Participant rights