FUNDAMENTALS OF RESEARCH IN CRIMINOLOGY AND CRIMINAL JUSTICE
66
allow such deceptive practices in research if you were a member of your university’s
IRB? What about less dramatic instances of deception in laboratory experiments with
students like yourself? Do you react differently to the debriefing by Milgram compared
to that by Zimbardo?
What scientific or educational or applied “value” would make deception justifiable, even
if there is some potential for harm? Who determines whether a nondeceptive intervention
is “equally effective” (Miller 1986: 103)? Diana Baumrind (1985) suggested that personal
“introspection” would have been sufficient to test Milgram’s hypothesis and has argued
subsequently that intentional deception in research violates the ethical principles of self-
determination, protection of others, and maintenance of trust between people and so can
never be justified. How much risk, discomfort, or unpleasantness might be seen as affecting
willingness to participate? When should a post-experimental “attempt to correct any
misconception” due to deception be deemed sufficient?
Can you see why an IRB, representing a range of perspectives, is an important tool for
making reasonable, ethical research decisions when confronted with such ambiguity?
Maintain Privacy and Confidentiality
Maintaining privacy and confidentiality is another key ethical standard for protecting research
participants, and the researcher’s commitment to that standard should be included in the
informed consent agreement (Sieber 1992). Procedures to protect each subject’s privacy, such
as locking records and creating special identifying codes, must be created to minimize the
risk of access by unauthorized persons. However, statements about confidentiality should be
realistic: In some cases, laws allow research records to be subpoenaed and may require report-
ing child abuse; a researcher may feel compelled to release information if a health- or life-
threatening situation arises and participants need to be alerted. Also, the standard of
confidentiality does not apply to observation in public places and information available in
public records.
There are two exceptions to some of these constraints: The National Institute of Justice
can issue a “Privacy Certificate,” and the National Institutes of Health can issue a
“Certificate of Confidentiality.” Both of these documents protect researchers from being
legally required to disclose confidential information. Researchers who are focusing on
high-risk populations or behaviors, such as crime, substance abuse, sexual activity, or
genetic information, can request such a certificate. Suspicions of child abuse or neglect
must still be reported, as well as instances where respondents may immediately harm
themselves or others. In some states, researchers also may be required to report crimes
such as elder abuse (Arwood & Panicker 2007).
The Health Insurance Portability and Accountability Act (HIPAA) passed by Congress in
1996 created much more stringent regulations for the protection of health care data. As
implemented by the U.S. Department of Health and Human Services in 2000 (and revised in
2002), the HIPAA Final Privacy Rule applies to oral, written, and electronic information that
“relates to the past, present, or future physical or mental health or condition of an individual.”
The HIPAA rule requires that researchers have valid authorization for any use or disclosure
of “protected health information” (PHI) from a health care provider. Waivers of authorization
can be granted in special circumstances (Cava, Cushman, & Goodman 2007).