Research ethics is the set of moral principles and professional standards that govern how you plan, conduct and report a study so that participants are protected, data are handled responsibly and findings are honest. In practice it means obtaining informed consent, keeping participation voluntary, protecting confidentiality, avoiding harm and never fabricating, falsifying or plagiarising. Apply it the moment you design your project — not after you have collected the data.
For any dissertation that involves people, their data or their words, research ethics is not optional box-ticking: it is a condition of approval, a marker of academic integrity and, increasingly, a legal duty under UK GDPR and the Data Protection Act 2018. This guide explains the core principles, the ethics approval process, special considerations for sensitive contexts, and the data-protection rules you must follow — with a master table and a worked student checklist you can lift straight into your project.
What research ethics is and why it matters
Research ethics is the framework of principles, rules and review processes that ensures research is conducted with honesty, respect and care for everyone affected by it. It protects three things at once: the participants (their welfare, dignity, privacy and autonomy), the integrity of the knowledge you produce (so that findings can be trusted and built upon), and the reputation of you and your institution. A study can be methodologically flawless and still be unacceptable if it harms people, deceives them without justification, or misrepresents its results.
The modern emphasis on research ethics grew directly out of historical abuses — the Nuremberg Code (1947) followed unethical wartime experimentation, and the Belmont Report (1979) distilled three enduring principles that still underpin most ethics frameworks today: respect for persons (autonomy and informed consent), beneficence (maximise benefit, minimise harm), and justice (fair distribution of the burdens and benefits of research). UK students will typically work within their university’s research ethics policy plus discipline-specific codes such as the British Psychological Society (BPS) Code of Human Research Ethics, the ESRC Framework for Research Ethics, or NHS Health Research Authority guidance for clinical work.
“Respect for the autonomy and dignity of persons… Scientific integrity… Social responsibility… Maximising benefit and minimising harm.” (Source: British Psychological Society, Code of Human Research Ethics, 2021)
The core principles of research ethics
Most ethics codes converge on the same cluster of principles. Understand each one as something you actively do, not merely something you promise on a form.
1. Informed consent
Participants must agree to take part on the basis of full, clear and honest information — what the study is about, what they will be asked to do, how long it will take, any risks or discomfort, how their data will be used, and that they can stop at any time. Consent must be informed (they understand it), specific (to this study), freely given (no coercion) and usually documented (a signed consent form, or a recorded verbal agreement for telephone/online work). Information must be in plain language a non-specialist can follow.
2. Voluntary participation and the right to withdraw
Nobody should be pressured, tricked or unduly incentivised into taking part, and every participant must be free to withdraw — without giving a reason and without penalty — typically up to a stated cut-off (for example, before data are anonymised and analysed). You must tell participants exactly how to withdraw and what happens to their data if they do.
3. Confidentiality and anonymity
These are distinct. Anonymity means you cannot link a response back to an individual (no names, no identifiers). Confidentiality means you may know who said what, but you keep that link private and secure and never disclose it. In reporting, use pseudonyms or participant codes (e.g. “P07”), remove identifying details, and be alert to indirect identifiers — a job title plus a small organisation can identify someone even without a name.
4. Avoiding harm (physical and psychological)
You must minimise the risk of physical, psychological, social, legal or economic harm. Psychological harm — distress, embarrassment, re-traumatisation when discussing sensitive topics — is the most common risk in social-science dissertations and is easy to underestimate. Plan mitigations in advance: the right to skip questions, signposting to support services, and a protocol for what to do if a participant becomes distressed.
5. Integrity and honesty (no fabrication, falsification or plagiarism)
Research integrity forbids the three cardinal sins of misconduct: fabrication (inventing data or results), falsification (manipulating data, images or methods so the record is inaccurate), and plagiarism (presenting others’ work or ideas as your own). It also requires transparent reporting — declaring conflicts of interest, reporting findings that don’t support your hypothesis, and citing every source properly. If you are unsure where the line sits on copying and attribution, read our guide on what plagiarism is and how to avoid it.
6. Beneficence (and justice)
Beneficence means the research should aim to do good — produce knowledge of value while keeping the cost to participants as low as possible. Justice means selecting participants fairly and not exploiting vulnerable or convenient groups simply because they are easy to access. A well-justified study can defend why its benefits outweigh its burdens.
- Respect autonomy — people decide for themselves whether to take part.
- Be transparent — no hidden purposes, no surprise uses of data.
- Protect the vulnerable — extra safeguards for those who can’t fully consent.
- Report honestly — including inconvenient or null results.
- Keep data secure — collect the minimum, store it safely, delete it on schedule.
A master table: principle, meaning and how to uphold it
| Principle | What it means | How you uphold it |
|---|---|---|
| Informed consent | Participants agree based on full, clear information about the study. | Provide a participant information sheet; obtain a signed (or recorded) consent form before any data are collected. |
| Voluntary participation & right to withdraw | No coercion; participants can stop at any time. | State that taking part is optional; give a withdrawal deadline and explain what happens to their data. |
| Confidentiality & anonymity | Identities are protected; data cannot be traced to individuals in outputs. | Use participant codes/pseudonyms; remove direct and indirect identifiers; store the key separately and securely. |
| Avoiding harm | Minimise physical, psychological, social and reputational risk. | Allow participants to skip items; signpost support services; have a distress protocol. |
| Integrity & honesty | No fabrication, falsification or plagiarism; transparent reporting. | Keep an audit trail of raw data; cite all sources; report null and unfavourable findings; declare conflicts. |
| Beneficence & justice | Maximise benefit, minimise burden; recruit participants fairly. | Justify the value of the study; collect only necessary data; avoid exploiting convenient or vulnerable groups. |
| Data protection | Personal data handled lawfully and securely (UK GDPR / DPA 2018). | Identify a lawful basis; minimise and anonymise; encrypt and access-control storage; set a retention and deletion date. |
The ethics approval process: step by step
Almost every UK dissertation involving human participants, their personal data, animals or sensitive secondary data must receive ethics approval before data collection begins. Collecting data first and seeking approval later is itself a breach. The route is usually proportionate to risk — a low-risk anonymous survey may get a light-touch review, while research with vulnerable groups or the NHS needs full committee scrutiny.
- Identify the risk level. Most universities triage projects into low / medium / high risk. Higher risk (deception, vulnerable participants, sensitive topics, NHS patients) triggers fuller review.
- Complete the ethics application. Describe your aims, design, recruitment, data handling, risks and mitigations. Be specific — vague answers get sent back.
- Prepare your supporting documents. Typically a participant information sheet, a consent form, recruitment materials, and your data collection instruments (questionnaire, interview schedule, debrief sheet).
- Submit to the ethics committee / IRB. In the UK this is usually a departmental or university Research Ethics Committee (REC); in the US the equivalent is an Institutional Review Board (IRB). NHS-related work goes to the Health Research Authority.
- Respond to feedback. The committee may approve, approve with conditions, or ask for revisions. Address every point before resubmitting.
- Receive approval and keep the reference. Only once you have written approval (and its reference number) may you begin recruiting and collecting data. Quote the reference in your methodology chapter.
Two documents do most of the heavy lifting. The participant information sheet (PIS) tells potential participants everything they need to make an informed decision — purpose, procedure, time commitment, risks, benefits, how data are stored, who to contact, and their right to withdraw. The consent form is a short checklist they sign to confirm they have read the PIS, understood it, and agree to take part on those terms. When you design your data collection — see our overview of methods of data collection — build these documents at the same time, not as an afterthought.
Special considerations
Vulnerable groups
Children, people with cognitive impairments, prisoners, patients, and others who may not be able to give free, fully informed consent require additional safeguards. This can mean parental/guardian consent plus the participant’s own assent, an appropriate adult present, DBS checks for researchers working with children, and stricter committee review. Never assume convenience of access justifies recruiting a vulnerable group.
Deception and debriefing
Sometimes telling participants the full aim would invalidate the study (for example, in some psychology experiments on behaviour). Limited deception may be permitted only when there is no alternative, the risk is minimal, and it is justified to the ethics committee. Where deception is used, a thorough debrief is mandatory: afterwards you explain the true purpose, why the deception was necessary, and offer participants the chance to withdraw their data.
Online research
Internet-based studies raise their own questions: how do you verify consent online, confirm participants are adults, and protect data in transit and at rest? Be careful with social-media data — public visibility does not automatically mean people consent to being studied. Use reputable survey platforms with appropriate security, and treat scraped or forum data with the same care you would interview transcripts.
Incentives
Modest incentives (a prize draw, a small voucher) can aid recruitment, but they must not be so large that they amount to coercion — especially for low-income or vulnerable participants. Disclose any incentive in the information sheet and pay it regardless of whether the participant completes the study, so withdrawing carries no penalty.
Data protection: UK GDPR and the Data Protection Act 2018
Whenever your research processes personal data (anything that can identify a living individual), you are legally bound by UK GDPR and the Data Protection Act 2018. Ethics approval does not replace these duties — it sits alongside them. The practical implications for a student researcher are:
- Lawful basis & transparency — for university research this is usually “public task”; tell participants in the information sheet how their data will be used.
- Data minimisation — collect only what you genuinely need. Don’t ask for a name, address or date of birth unless the analysis requires it.
- Anonymisation / pseudonymisation — anonymise as early as possible. Truly anonymous data falls outside GDPR; pseudonymised data (codes with a separately stored key) does not, so protect the key.
- Special category data — health, ethnicity, religion, sexual orientation and similar need extra justification and safeguards.
- Secure storage — encrypt files, use password protection and institutional drives (not personal USB sticks or unsecured cloud), and restrict access.
- Retention & deletion — state how long you will keep data and delete it on schedule once the project and any verification period end.
A research-ethics checklist for your student project
Before you collect a single data point, work through this checklist. If you can tick every item honestly, you are ready to submit your ethics application.
- I have written a clear participant information sheet in plain English.
- I have a consent form that participants sign (or verbally agree to) before taking part.
- I have stated that participation is voluntary and explained how and by when participants can withdraw.
- I use codes or pseudonyms and have removed direct and indirect identifiers from my outputs.
- I have identified possible harms and planned mitigations (skip option, support signposting, distress protocol).
- I collect only the personal data I genuinely need (data minimisation).
- My data are stored securely (encrypted, access-controlled institutional storage) with a deletion date.
- I have additional safeguards if any participants are from a vulnerable group.
- If I use any deception, it is justified and followed by a full debrief.
- I have obtained written ethics approval before starting data collection and recorded the reference number.
- I cite all sources correctly and will report findings honestly, including null or unfavourable results.
If your study design hinges on participant-generated data — surveys, interviews or questionnaires — getting the ethics and the instrument right together saves rework. Our guides on building a qualitative research questionnaire and the wider process of how to write a dissertation walk through how the methodology, instruments and ethics fit together.
Common research-ethics mistakes to avoid
- Starting data collection before ethics approval is granted.
- Using a vague, jargon-heavy information sheet participants can’t actually understand.
- Promising “anonymity” while collecting names, emails or other identifiers.
- Storing data on personal devices, unsecured cloud accounts or USB sticks.
- Forgetting indirect identifiers (small employers, rare roles, unique circumstances) when reporting quotes.
- Offering incentives so large they pressure people into taking part.
- Treating debriefing as optional after using any deception.
- Cherry-picking results or quietly dropping inconvenient data — a form of falsification.
Need help getting your methodology and ethics right?
Our academics can help you design an ethically sound study and write a rigorous, approval-ready methodology chapter.
Conclusion
Research ethics is best understood not as a hurdle before “the real research” but as part of the research itself — the discipline of doing your study in a way that is honest, respectful and lawful. Master the core principles (informed consent, voluntary participation, confidentiality, avoiding harm, integrity and beneficence), follow your institution’s approval process, build proper safeguards for sensitive contexts, and treat personal data with the care UK GDPR demands. Do that, and your findings will be not only credible and defensible but worthy of the people who made them possible.
