Enabling the Reuse of Personal Data in Research: A Classification Model for Legal Compliance

Eduard Mata i Noguera; Ruben Ortiz Uroz; Ignasi Labastida i Juan

doi:10.5334/dsj-2026-018

Enabling the Reuse of Personal Data in Research: A Classification Model for Legal Compliance

Data Science Journal

Volume 25 (2026): Issue 1

By: Eduard Mata i Noguera , Ruben Ortiz Uroz and Ignasi Labastida i Juan

Open Access

|May 2026

Abstract

Inspired by a proposal made almost 10 years ago, this paper presents a model for classifying personal data to inform researchers on how to manage it. The classification is based on the principles of the European General Data Protection Regulation (GDPR) and its implementation under Spanish law. The paper also describes the conditions in which personal data should be stored and accessed to ensure compliance with data protection regulations and to safeguard privacy. The authors developed the work collaboratively with the library (CRAI) and the Data Protection Office of the University of Barcelona. The outcomes of this collaboration were a decision tree for researchers and a list of requirements for research data repositories to ensure personal data is stored and accessed securely. This proposal is aligned with the FAIR principles and the commitment to responsible open science practices.

References

Alter, G., Gonzalez-Beltran, A., Ohno-Machado, L. and Rocca-Serra, P. (2020) ‘The Data Tags Suite (DATS) model for discovering data access and use requirements’, GigaScience, 9(2), giz165. Available at: 10.1093/gigascience/giz165
Open DOI Search in Google Scholar Back to article
Bar-Sinai, M., Sweeney, L. and Crosas, M. (2016) ‘DataTags, data handling policy spaces and the tags language’, Proceedings – 2016 IEEE Symposium on Security and Privacy Workshops, pp. 1–8. Available at: 10.1109/spw.2016.11
Open DOI Search in Google Scholar Back to article
Baxter, R., Thomas, E. and Tjalsma, H. (2017) Using DataTags to classify personal data under GDPR. Dealing with Data 2017, University of Edinburgh. Available at: https://era.ed.ac.uk/handle/1842/26035 [Accessed 15-05-2026].
Search in Google Scholar Back to article
European Union (2016) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), Official Journal of the European Union, L 119, pp. 1–88.
Search in Google Scholar Back to article
European Union (2022) Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act), Official Journal of the European Union, L 152, pp. 1–44.
Search in Google Scholar Back to article
Jacobsen, A. et al. (2020) ‘FAIR principles: Interpretations and implementation considerations’, Data Intelligence, 2(1–2), pp. 10–29. Available at: 10.1162/dint_r_00024
Open DOI Search in Google Scholar Back to article
Sansone, S.A. et al. (2017) ‘DATS, the data tag suite to enable discoverability of datasets’, Scientific Data, 4, 170059. Available at: 10.1038/sdata.2017.59
Open DOI Search in Google Scholar Back to article
Spain (2018) Organic Law 3/2018, of 5 December, on the protection of personal data and guarantee of digital rights, Boletín Oficial del Estado (BOE), 294, pp. 119788–119857.
Search in Google Scholar Back to article
Sweeney, L., Crosas, M. and Bar-Sinai, M. (2015) ‘Sharing sensitive data with confidence: The datatags system’, Technology Science, 2015101601. Available at: https://techscience.org/a/2015101601/ [Accessed 15-05-2026].
Search in Google Scholar Back to article
von Stein, I. (2017) First GDPR datatags results presented in workshop. Available at: https://dans.knaw.nl/en/news/first-gdpr-datatags-results-presented-in-workshop/ [Accessed 20-08-2025].
Search in Google Scholar Back to article
Wilkinson, M.D. et al. (2016) ‘The FAIR Guiding Principles for scientific data management and stewardship’, Scientific Data, 3, 160018. Available at: 10.1038/sdata.2016.18
Open DOI Search in Google Scholar Back to article

Articles in this issue

DOI: https://doi.org/10.5334/dsj-2026-018 | Journal eISSN: 1683-1470

Journal RSS Feed

Language: English

Page range: 18 - 18

Submitted on: May 26, 2025

Accepted on: Apr 29, 2026

Published on: May 15, 2026

Published by: Ubiquity Press

In partnership with: Paradigm Publishing Services

Publication frequency: 1 issue per year

Keywords:

Data Labelling,

FAIR,

Personal Data Legal Regulations

© 2026 Eduard Mata i Noguera, Ruben Ortiz Uroz, Ignasi Labastida i Juan, published by Ubiquity Press
This work is licensed under the Creative Commons Attribution 4.0 License.

Volume 25 (2026): Issue 1