Ethical Considerations in Data Collection: Why It Matters More Than Ever

Authors:

–Ojo Babatunde Odunayo

West African Examinations Council (WAEC)

Makr Joy Ajala – Mark-ajala Joy

West African Examinations Council (WAEC)

Introduction

Most of the time, when we use social media, browse websites to shop online, or access banking apps and credit cards, we may be sharing more personal information than we intend. In today’s digital era, many aspects of daily life are increasingly digitised and automated, making data on our activity patterns a routine part of modern living. Collecting this data is essential for diagnostics and for improving and scaling technologies and devices. Many users aren’t aware of what they are actually consenting to when they agree to terms and conditions to use a software or access a certain functionality on the internet.

Policies can be lengthy, confusing and difficult to follow for an average person, so consent becomes something people give without a clear-cut understanding of the terms and conditions. Since nearly everyone in modern society is a data consumer, this write-up aims to provide insight and raise awareness about the importance of ethical practice in the sharing, collection, and management of data.

What is Data Collection?

Data collection is the systematic process of gathering and measuring information from diverse sources to evaluate outcomes, for decision-making, research, or business purposes. Data collection plays a crucial role in science and technology, education, and many other sectors.

Common Methods of Data Collection

Web tracking (cookies, browsing behaviour) involves the collection of user interaction data online to analyse behaviour, personalise experiences, and improve services. This method of data collection usually raises privacy concerns and often requires user consent.
Surveys and questionnaires: This method involves the collection of data from a group of people through questions.
Interviews:One on one or group discussion method to gather detailed information and opinions.
Observations: Recording or scientific study of behaviours or events, without direct interaction.
Experiment: Testing hypotheses under controlled conditions to observe cause-and-effect relationships.
Case studies: This method involves an in-depth analysis of a single individual, group or situation over time.

Data Classification

Understanding the types of data helps us clarify why ethics in data collection is important because different types of data carry different levels of risk and responsibility.

1. Personal vs. Non-Personal Data

Personal data: Information that can identify an individual (e.g., name, phone number)
Non-personal data: Information that cannot identify a specific person

2. Sensitive vs. Non-Sensitive Data

Sensitive data consist of information that must be protected because its exposure could harm an individual or organisation. (e.g., health records, financial details, location). It requires strong protection. Unautorised access to this type of data can lead to identity theft, financial loss, or legal issues.
Non-sensitive data: These are information that can be shared freely because it does not pose a risk if disclosed. These are categorised as general information, non-confidential business data, basic information that does not identify a specific person. This type of data is classified as less risky but still important.

3. Primary vs. Secondary Data

Primary data is information collected directly from users (e.g., surveys, interviews). That is, firsthand information.
Secondary data: An already existing data collected by someone else and is reused for a different purpose. For instance, government reports, previous research studies.

Understanding these methods is the first step toward ethical practice in data collection

Ethics in Data Collection

Data collection is an activity that is being implemented following a defined process, and this process usually involves patterns, conducts and guiding rules. Ethics in data collection are the moral principles and guidelines that ensure data is gathered, stored, and used responsibly, fiarly and legally. Key elements under ethics in data collection include obtaining informed consent, maintaining participant privacy and ensuring transparency in how the collected data will be used. In other words, ethics in data collection is concerned with respecting people and protecting their information. There are outlined principles that guide responsible practices in data collection.

Core Principles of Ethics in Data Collection

Informed Consent

People should clearly understand what type of data is being collected, why it is needed, and how it will be used. Importantly, consent description should be simple and easy to understand, not buried in complex legal language.

2. Data Security and Confidentiality

Collection of data comes with the responsibility to protect it. Organizations and concerned individuals must adopt strong protection measures to protect identities, avoid unauthorized sharing, and limit access to sensitive data. Without proper security, data breaches can expose personal and sensitive information which can subsequently damage trust or lead to legal matters.

3. Data Minimization and Purpose Limitation

Only collect what is necessary. Avoid gathering irrelevant information, and do not use data for purposes beyond what was originally stated.

4. Transparency and Accountability

Organizations and concerned individuals should be open about how data is collected, how it is used, and who has access to it.

5. Fairness and Avoidance of Harm

Data should not be used in ways that harm people, discriminate, or take advantage of vulnerable groups. Biased data can lead to unfair outcomes, so fairness is critical.

Ethical data collection ensures that individuals are respected and protected.

Data collection is undoubtedly a cornerstone of research, businesses and innovation development yet, it brings significant ethical dilemmas. Ethics in data collection involves navigating a balanced equation between gathering necessary and useful information and respecting privacy, rights and safety of participants / respondents.

Common Ethical Challenges in Data Collection

Lack of Informed Consent

This occurs when participants do not fully understand what data is being collected, how it will be used, or the risks involved. Ethical practice requires that participation is voluntary and based on clear, transparent communication.

2. Privacy and Confidentiality Breaches

Collecting personally identifiable information (PII) without adequate protection or sharing it without consent violates privacy. Even anonymised datasets can be re-identified by merging them with other data sources, creating high risks.

3. Data Misuse and Unauthorised Sharing

Using data for a purpose other than what the participant agreed to is unethical. Selling or sharing data with third parties without explicit consent often leads to reputational damage and legal issues.

4. Bias and Discrimination

Data sets can inherit biases from the collection method or sample population, particularly if they are not representative. This leads to algorithms that perpetuate inequality, such as in hiring, credit scoring, or healthcare.

5. Exploitation of Vulnerable Populations

It is unethical to take advantage of specific groups—such as children, the elderly, or marginalised populations—that may not fully understand the consequences of data sharing or who may feel coerced into participating.

6. Lack of Data Minimisation

Collecting more data than necessary (often called “data harvesting”) is unethical as it increases security risks and violates the principle of “minimum viable collection”.

7. Transparency and Trust

Failing to be transparent about who is collecting the data, why, and how it will be used erodes trust. This is particularly true in AI-driven data collection where processes are often opaque (“black box” algorithms).

To regulate data collection, several laws and policies exist to ensure that personal information is gathered, used, and stored responsibly, protecting individuals’ privacy while holding organisations accountable for ethical data practices.

GDPR (General Data Protection Regulation) – Protects user data in Europe
NDPR (Nigeria Data Protection Regulation) – Governs data protection in Nigeria
Organizational policies – Internal codes of ethics and compliance rules

These frameworks help ensure accountability and protect users.

For best practices of Ethical Data Collection, the following steps are recommended:

Clearly explain the purpose of data collection
Obtain genuine and informed consent
Collect only necessary data
Store data securely
Anonymize sensitive information
Regularly review data practices

Real-Life Example: Ethical Data Collection in Action

Imagine a healthcare app collecting user data for research and diagnostic purposes.

To remain ethical, it should:

Clearly explain why data is needed
Obtain user consent with clear and understandable narrative
Remove personal identifiers (anonymization)
Store data securely

This approach builds trust and protects users.

The issues outlined in this write-up show that ethical data collection requires ongoing effort, not just policies on papers.

Conclusion

Data comes second to ethics

Taking responsibility for your data doesn’t stop at running checks for legal compliance.

When it comes to data, ethics is just as important as protection. How can you expect your users to trust your organization with their data if you aren’t taking proactive steps to be transparent, fair, and provide adequate protections?

Trust is the most important thing in any data-centric system. Without ethics, you may not gain that trust.