Category: Guides & Explainers

Practical how-to guides, templates, checklists, and career pathways for research administrators, authors, and institutional teams.

  • Ghost, guest and honorary authorship: what they are and how to avoid them

    Two opposite failures corrupt the authorship record, and they are mirror images of each other. In one, a name appears on a paper that should not be there; in the other, a person who did substantial work is left off entirely. Both distort who is accountable for the published work, and both are forms of authorship misconduct that journals and integrity bodies treat seriously. This article explains what they are and how to avoid them, building on the account of authorship and accountability and the formal authorship criteria.

    The starting point: authorship is accountability

    You cannot define the abuses without first fixing what authorship is supposed to be. The dominant standard in biomedical and much of STEM publishing is the ICMJE recommendation, which sets four criteria, all of which an author should meet: substantial contribution to the conception or design of the work, or to the acquisition, analysis, or interpretation of data; drafting the work or revising it critically for important intellectual content; final approval of the version to be published; and agreement to be accountable for all aspects of the work. The decisive idea running through all four is accountability. An author is someone who can answer for the work, not merely someone connected to it. Every form of authorship abuse is, at bottom, a breaking of that link between credit and accountability.

    Guest and honorary authorship: names that should not be there

    Guest authorship, also called honorary or gift authorship, is the inclusion of a person as an author when they have not made a contribution meeting the authorship criteria. The motives are familiar:

    • Adding a senior figure — a department head or laboratory director — whose name lends prestige but who did not contribute substantively to the specific work.
    • Reciprocal arrangements, where colleagues add each other to papers to inflate both publication lists.
    • Coercion, where a person in authority pressures a junior researcher to include them.

    Whatever the motive, the effect is the same: a name on the author line carries an implicit claim of contribution and accountability that is false. It dilutes the credit owed to those who did the work, and it attaches accountability to someone who cannot genuinely answer for the research. Honorary authorship is not a harmless courtesy; it is a misrepresentation of the contribution record.

    Ghost authorship: the writers who vanish

    Ghost authorship is the opposite failure: someone who made a contribution that qualifies for authorship, or who did substantial work on the manuscript, is not named as an author and frequently not acknowledged at all. The classic and most damaging case is the professional medical writer, often funded by a commercial sponsor, who drafts a paper that is then published under the names of academic authors with no disclosure of the writer’s role. Ghost authorship is especially corrosive because it conceals influence: a reader cannot weigh a possible conflict of interest they cannot see. It hides who actually shaped the words and, sometimes, who paid for them.

    There is a subtler, everyday version too. Postdocs, graduate students, and technicians who did substantial Investigation or Software work are sometimes pushed below the authorship line and into a footnote, or omitted entirely. Each instance erodes the integrity of the record by severing the contribution from the contributor.

    How the ICMJE criteria prevent both

    The elegance of a clear authorship standard is that the same test catches both abuses. Apply the four criteria honestly and the guest author fails them — they made no substantial contribution and cannot be accountable — so they should not be on the author line. Apply them honestly and the ghost is revealed — the medical writer who drafted the paper plainly meets the contribution and drafting criteria, so they must be named or, where they decline authorship, their role must be disclosed. The criteria are a bright line that, used in good faith, makes both the unearned name and the missing one visible.

    A useful discipline: for every name on the author line, ask whether that person can answer for the work. For everyone who did substantial work, ask whether they appear. The first question catches guests; the second catches ghosts.

    How CRediT helps — and one trap to avoid

    The CRediT taxonomy strengthens the defence by making contribution explicit. When each author’s specific roles are recorded against the fourteen CRediT roles, a guest author has nowhere to hide: they must either claim a role they did not perform — a falsifiable and serious misstatement — or appear with no roles at all, which invites the obvious question. A transparent contribution statement makes honorary authorship costly to sustain.

    But there is a trap. Because most publishers apply CRediT only to named authors, the taxonomy can inadvertently encourage a mild form of ghosting: authors, unable to credit the technician or writer who did the work, attribute that work to themselves. The fix is to credit contributors properly — through acknowledgements where authorship is genuinely not warranted, and by extending structured contribution metadata to acknowledged contributors as the standard evolves — rather than absorbing their roles into an author’s line.

    What to do — for authors, supervisors and journals

    • Agree authorship early. Decide, in writing, who will be an author and on what basis at the start of a project, and revisit it as contributions change. Most disputes and abuses grow from silence.
    • Apply the criteria, not the hierarchy. Seniority is not a contribution. A director who did not contribute substantively should be acknowledged, not authored.
    • Name the writers. Professional and medical writers must be disclosed; ghost-writing is incompatible with publication integrity.
    • Use contribution statements. A CRediT statement confirmed by every named author makes both guests and ghosts harder to sustain.
    • Follow COPE guidance when problems surface. The Committee on Publication Ethics provides flowcharts for editors handling suspected guest or ghost authorship; they set out a fair, documented process.

    Where shared vocabulary fits

    Terms like “guest”, “gift”, “honorary”, and “ghost” authorship are used loosely and sometimes interchangeably, which weakens policy that depends on them. A shared, federated vocabulary that defines these precisely — pointing back to ICMJE for the criteria and COPE for the handling of misconduct — is what lets editors and institutions act on a common understanding. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the research-integrity domain.

    Related reading

  • Licensing research data: CC-BY, CC0 and when to use each

    You can deposit a dataset in a trusted repository, describe it with rich metadata, and give it a DOI — and still leave it effectively unusable, because you forgot the one line that tells a reuser what they are allowed to do with it. A dataset without a clear licence is data nobody can confidently build on: a careful researcher, unsure of the terms, will simply not reuse it. Licensing is therefore not a legal afterthought but the part of the data-infrastructure domain that determines whether a deposit delivers the “R” in FAIR at all. This guide explains the main choices — principally CC0 and CC BY — and when each fits.

    Why a licence is the reusability switch

    The FAIR principles ask that data be Findable, Accessible, Interoperable, and Reusable — and reusability rests explicitly on data being “released with a clear and accessible data usage licence”. Without a licence, default copyright and database rights leave the legal status ambiguous, and ambiguity is fatal to reuse: a would-be user cannot tell whether combining your data with theirs, redistributing it, or building a tool on it is permitted. An explicit, standard, machine-readable licence resolves that uncertainty in advance, for everyone, without anyone having to ask. That is why “attach an explicit licence” is the step that turns a findable dataset into a reusable one.

    The two main choices for data

    CC0 — the public-domain dedication

    CC0 is a Creative Commons tool by which the rights-holder waives, to the fullest extent the law allows, all copyright and related rights in the work — placing it as close to the public domain as possible. For data, CC0 means a reuser can use, combine, modify, and redistribute the data with no conditions at all, including no obligation to attribute. This is widely recommended as the default for research data, and for a specific reason: data are routinely aggregated from many sources, and attribution requirements that stack up across hundreds of datasets (“attribution stacking”) can become legally and practically unworkable. CC0 removes that friction entirely and maximises interoperability. Several major data repositories and infrastructures apply CC0 by default for exactly this reason.

    Importantly, CC0 waives legal requirements, not scholarly norms. Citing the data you use remains an academic and ethical expectation regardless of the licence — CC0 simply means that expectation is enforced by the norms of good scholarship rather than by copyright law.

    CC BY — attribution required

    CC BY permits the same broad reuse — use, adaptation, redistribution, including commercially — but on the single condition that the original creator is credited. For data, CC BY is appropriate where attribution matters enough to be a legal condition, or where a funder or institution requires it. It is the most permissive of the conditional Creative Commons licences and is the default for many open-access publications. The trade-off relative to CC0 is precisely the attribution clause: it guarantees credit, but it reintroduces the attribution-stacking problem when many datasets are combined.

    Choosing between them

    • Prefer CC0 for data intended for the widest possible aggregation and reuse, especially where the data will be merged with many other sources. It maximises interoperability and removes legal friction; rely on citation norms for credit.
    • Choose CC BY where attribution must be a legal condition, where a funder or repository mandates it, or where the dataset is a discrete, citable product whose creators need enforceable credit.
    • Be cautious with more restrictive clauses. Non-commercial (NC) and No-Derivatives (ND) terms substantially limit reuse and can render data incompatible with other open data; they are generally discouraged for research data unless a specific ethical or legal constraint demands them.

    Data are not software: a critical caveat

    Creative Commons licences are designed for content — text, images, and data — and Creative Commons itself advises against using them for software. Software has needs that CC licences do not address: patent grants, the distinction between source and compiled code, and copyleft mechanics. For code, use a recognised software licence instead — a permissive one such as MIT, BSD, or Apache 2.0, or a copyleft one such as the GPL. If your deposit bundles a dataset and the code that processes it, licence each part appropriately: a CC licence (or CC0) for the data, an OSI-approved software licence for the code. Conflating the two is one of the most common licensing mistakes in research deposits.

    A practical checklist

    1. Confirm you have the right to licence the data. Check funder terms, any data-sharing agreements, third-party data within your dataset, and — for personal or sensitive data — consent and governance constraints. A licence cannot grant rights you do not hold.
    2. Default to CC0 for data unless there is a positive reason to require attribution; choose CC BY where there is.
    3. Licence software separately with an OSI-approved licence; never put code under a Creative Commons licence.
    4. State the licence explicitly in the deposit metadata and in any data availability statement, using the standard licence identifier so it is machine-readable.
    5. Cite the data you reuse regardless of its licence — the scholarly norm holds even when the law does not require it.

    How this connects to contribution and credit

    Licensing answers “what may be done with this output?”; it is a sibling of the question “who made it?”, which the CRediT taxonomy answers. A dataset’s intellectual work is recorded on the associated paper through roles such as Data curation and Investigation, while the licence governs downstream reuse of the artefact itself. Used together — a clear licence on the data and clear contribution roles on the people — they ensure both the dataset and its creators are properly accounted for.

    Where shared vocabulary fits

    “CC0”, “CC BY”, “public domain”, “attribution”, and “reuse” are interpreted differently across repositories and funders, which undermines the very interoperability that licensing is meant to enable. A shared, federated vocabulary that defines these terms precisely — pointing back to Creative Commons for the licences and to the FAIR principles for the reusability requirement — is what lets a licence chosen for one repository be understood correctly in another. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the data-infrastructure domain.

    Related reading

  • Research-misconduct investigations: roles, due process and outcomes

    An allegation of research misconduct is one of the most serious events that can occur in academic life, and it is also one of the most easily mishandled. Handled badly, a process can punish the innocent, shield the culpable, or collapse on appeal because corners were cut. Handled well, it protects the research record while treating everyone involved fairly. The difference lies almost entirely in process: who does what, in what order, with what safeguards. This article walks through how misconduct investigations are structured, drawing on the framework defined in the research integrity domain of the CASRAI Dictionary and the procedural norms set out by bodies such as the Committee on Publication Ethics (COPE) and national oversight offices.

    What counts as research misconduct

    Most policies converge on a narrow core definition. Research misconduct is conventionally defined as fabrication (inventing data or results), falsification (manipulating research materials, equipment, processes, data or results so that the record is not accurately represented), and plagiarism (appropriating another person’s ideas, words or results without appropriate credit) — the three offences often abbreviated FFP. The standard formulation also requires that the act be committed intentionally, knowingly or recklessly, and the burden of proof typically rests on a balance of probabilities. Honest error and good-faith differences of scientific opinion are explicitly excluded; getting something wrong is not misconduct.

    It is worth distinguishing misconduct from the wider category of questionable research practices — things such as selective reporting or inappropriate authorship — which are corrosive but usually handled through institutional policy rather than a formal misconduct finding. Authorship disagreements in particular are better routed through the kind of dispute-resolution approach described in our guidance on resolving authorship disputes than through a misconduct process.

    The stages of a process

    A well-run process moves through recognisable phases. It begins with an allegation — a concern raised by a colleague, an editor, a reviewer or a member of the public. The first formal stage is an assessment or inquiry: a preliminary, often confidential, review to decide whether the allegation, if true, would constitute misconduct and whether there is enough substance to proceed. Many concerns are resolved here, either because they fall outside the definition or because they are quickly explained.

    If the inquiry finds the matter warrants it, the process escalates to a full investigation: a formal, evidence-gathering examination conducted by a panel, usually including members with relevant expertise and at least one person external to the immediate unit to guard against bias. The investigation gathers documents, examines original data, interviews witnesses and gives the respondent a structured opportunity to answer. It concludes with findings — a determination of whether misconduct occurred — and, where misconduct is found, a recommendation on outcomes. An appeal stage typically follows, allowing the respondent to challenge the finding on procedural or substantive grounds.

    The roles involved

    Several distinct roles keep the process fair. The complainant (or whistleblower) raises the concern and is entitled to protection from retaliation — a safeguard that good policies treat as non-negotiable, because without it concerns go unraised. The respondent is the person against whom the allegation is made and is entitled to the core elements of due process. The research integrity officer (or equivalent named individual) manages the process, ensures the policy is followed and maintains confidentiality. The inquiry and investigation panels do the fact-finding. Where journals are involved, editors and publishers have their own parallel responsibilities, guided by the COPE flowcharts, to correct the literature regardless of the institutional outcome.

    Why due process matters

    Due process is not a courtesy; it is what makes a finding defensible. Its essential elements are consistent across reputable frameworks: the respondent must be told the specific allegations against them; they must have a genuine opportunity to respond to the evidence; the people deciding must be impartial and free of conflicts of interest; the process must be confidential to protect reputations while it runs; and it must move within reasonable timeframes, because indefinite suspicion is itself a harm. A process that skips these steps risks two failures at once — an unjust outcome for the individual, and a finding so procedurally weak that it cannot withstand challenge and fails to protect the record.

    Outcomes and correcting the record

    Outcomes fall into two streams. Where misconduct is found, institutional sanctions may range from supervision and retraining through to disciplinary measures, and funders or oversight bodies may impose their own consequences. Separately, and importantly, the scholarly record must be corrected: affected publications may need correction, an expression of concern, or retraction. This second stream proceeds on the evidence about the publications themselves and does not simply wait on the disciplinary outcome, since the literature’s reliability is a public-interest matter distinct from any individual’s employment.

    Where an allegation is not upheld, the process has a final duty: to restore the respondent’s standing as far as possible and to ensure a good-faith complainant suffers no detriment for having raised it. A system that protects only the accused, or only the accuser, is not working. The thread running through all of it — clear definitions, staged process, defined roles, procedural fairness, and a duty to the record — is what lets an institution act decisively without acting unjustly. Readers wanting the precise vocabulary can consult the CASRAI Dictionary, and those interested in how positive contribution is recorded alongside accountability may find the CRediT taxonomy a useful complement.

  • GDPR and research data: lawful bases, consent and pseudonymisation

    An enormous amount of research depends on data about people — their health, their behaviour, their genetics, their opinions, their lives. Wherever such data identify or could identify individuals, they fall within data protection law, and in Europe and the United Kingdom that law is the General Data Protection Regulation (GDPR), supplemented in the UK by the UK GDPR and the Data Protection Act 2018. For researchers the GDPR is sometimes experienced as a thicket of obligations. But its core ideas are coherent, and it contains specific provisions designed to enable responsible research rather than obstruct it. Understanding lawful bases, the special rules for sensitive data, the research exemptions, and the distinction between anonymisation and pseudonymisation is part of doing data-driven research properly. This article offers an orientation, drawing on the compliance and regulatory domain of the CASRAI Dictionary. It is general guidance, not legal advice.

    You need a lawful basis

    The first principle is that processing personal data is not permitted by default; it requires a lawful basis. Article 6 of the GDPR sets out the possible bases, several of which can be relevant to research. Many researchers assume the answer is always consent, but for research by public institutions a basis such as the performance of a task carried out in the public interest is often more appropriate. The choice matters because different bases carry different consequences for the rights individuals can exercise. The key point is that a researcher must be able to identify and justify the lawful basis on which they process personal data — good intentions and scientific value do not by themselves make processing lawful.

    Special category data and Article 9

    Much research data is not merely personal but sensitive — data about health, genetics, ethnicity, sexual life, religious or political beliefs, and so on. The GDPR calls these special categories and gives them extra protection under Article 9, which prohibits their processing unless a specific additional condition is met. Among those conditions are explicit consent and, importantly for research, processing necessary for scientific research purposes subject to appropriate safeguards. This means that to process sensitive data lawfully, a researcher must satisfy both a lawful basis under Article 6 and a condition under Article 9. The heightened protection reflects the heightened risk: misuse of health or genetic data can cause serious harm, and the law accordingly demands a stronger justification and stronger safeguards before such data may be used.

    The research provisions

    The GDPR explicitly recognises the value of research and contains provisions, centred on Article 89, intended to facilitate it while protecting individuals. These measures allow certain flexibilities under conditions — for example, data collected for one purpose may in some circumstances be further processed for scientific research without that being treated as incompatible with the original purpose, and certain individual rights may be adjusted where they would seriously impair research objectives. Crucially, these provisions are not a free pass. They are conditioned on appropriate safeguards for the rights and freedoms of individuals — safeguards that the regulation specifically associates with techniques such as data minimisation and, prominently, pseudonymisation. The research exemptions, in other words, come bundled with the expectation that researchers will take concrete measures to protect the people in their data.

    Anonymisation versus pseudonymisation

    One distinction does more practical work in research than almost any other, and it is frequently misunderstood: the difference between anonymisation and pseudonymisation.

    • Anonymisation means rendering data such that individuals are no longer identifiable, by anyone, taking account of all means reasonably likely to be used. Genuinely anonymous data falls outside the scope of the GDPR altogether, because it is no longer personal data. Achieving true anonymisation is harder than it sounds, because seemingly innocuous combinations of fields can re-identify people.
    • Pseudonymisation means processing data so that it can no longer be attributed to an individual without additional information — for example, replacing names with a code, while keeping the key that links code to identity separate and secure. Pseudonymised data remains personal data and remains within the GDPR’s scope, because re-identification is still possible with the key.

    The error to avoid is treating pseudonymised data as if it were anonymous and therefore outside the law. Pseudonymisation is a valuable safeguard — indeed the GDPR commends it — but it reduces risk rather than removing the data from regulation. Knowing which one you have done determines what obligations still apply.

    Accountability and impact assessments

    The GDPR is built on accountability: it is not enough to comply, one must be able to demonstrate compliance. For research using personal data this brings practical obligations — documenting the lawful basis and Article 9 condition, being transparent with participants, applying data minimisation, and securing the data. Where processing is likely to result in a high risk to individuals — as large-scale processing of sensitive data often will — a data protection impact assessment (DPIA) may be required, identifying the risks and planning mitigations before processing begins. The DPIA is not merely a form to file; it is the moment at which a team thinks systematically about how its use of personal data could affect people and how to reduce that effect.

    A consistent vocabulary for compliance

    Data protection touches institutions, funders, ethics committees and repositories alike, and for the relevant information to be handled consistently across them, the terms involved — lawful basis, consent type, special category, pseudonymised, anonymised, retention — must mean the same thing everywhere. That consistency is what the CASRAI Dictionary provides: a shared vocabulary so that the compliance metadata describing how personal data may be used is understood identically wherever it appears, supporting the broader machinery of research administration. And because stewarding personal data responsibly is genuine contribution, that work can be described within the same framework as any other — the CRediT taxonomy and its full set of contribution roles. The GDPR is not the enemy of research; properly understood, it is the framework within which research that depends on people’s data can be done in a way that keeps faith with them.

  • Conducting research-security risk assessments: proportionate due diligence

    Research-security policy can sound, to a working researcher, like a demand to treat every collaborator with suspicion and every international partnership as a threat. Understood properly, it is nearly the opposite. The aim of a research-security risk assessment is not to close doors but to open them with eyes open — to ask sensible, proportionate questions before entering a partnership, accepting funding or recruiting a colleague, so that genuine risks are identified and managed while the overwhelming majority of legitimate collaboration proceeds unimpeded. The skill lies in proportion: too little scrutiny leaves real risks unexamined, too much strangles the openness on which research thrives. This article looks at how institutions can build that proportionate assessment into their practice, through the research security domain of the CASRAI Dictionary.

    What a risk assessment is for

    A research-security risk assessment is a structured way of asking, before a commitment is made, whether a proposed partnership, funding source or appointment carries risks that need to be understood and managed. Those risks might include sensitive knowledge or technology being diverted to harmful ends, undisclosed conflicts of interest or commitment, or partnerships with entities whose affiliations warrant closer examination. The purpose is not to reach a verdict of “safe” or “dangerous” but to make an informed decision and proceed with confidence. Most assessments conclude that there is no significant concern, and that is a feature, not a failure — the process exists to distinguish the rare case that needs attention from the many that do not.

    Proportionality is the governing principle

    The single most important principle is proportionality. The depth of due diligence should match the level of risk, and most research carries little. A fundamental, openly published study with a long-standing academic partner needs nothing like the scrutiny appropriate to research in a sensitive area, involving technology with security implications, with a new and unfamiliar partner. Building proportionality into the process — through triage that applies light-touch checks to low-risk activity and reserves deeper examination for the genuinely sensitive — is what keeps research security workable. Without it, either everything receives burdensome scrutiny that researchers come to resent and evade, or nothing does. Proportionate assessment respects both the need for security and the value of open collaboration.

    UK Trusted Research guidance

    Institutions do not have to design this from nothing. In the United Kingdom, the Trusted Research guidance, developed by national security bodies including the agency now responsible for protective security advice and the National Cyber Security Centre, gives researchers and institutions practical help in identifying and managing the risks of international collaboration. Its framing is deliberately constructive: it is about helping researchers collaborate safely and protect their work, not about discouraging international partnership, which it explicitly recognises as essential to research. Trusted Research offers a model of how security guidance can support rather than obstruct, equipping researchers to ask the right questions and make sound judgements while keeping the door to collaboration open. It is a useful touchstone for what proportionate, supportive research security looks like in practice.

    Specific tools: ATAS and disclosure

    Within the wider landscape sit specific mechanisms that an assessment may engage. The Academic Technology Approval Scheme (ATAS) is a UK scheme requiring certain international students and researchers working in specified sensitive subject areas to obtain clearance before commencing their studies or work — a targeted control focused on areas where there is genuine proliferation concern, rather than a blanket restriction. Equally central is the disclosure of conflicts of interest and conflicts of commitment: requiring researchers to declare outside affiliations, funding, appointments and obligations, so that potential conflicts are visible and can be managed. Transparency through disclosure is one of the most effective and least intrusive security tools available, because it surfaces the information needed to assess risk without presuming bad faith. These mechanisms are pieces of a proportionate system, applied where relevant rather than universally.

    The wider policy context

    Research-security risk assessment also responds to expectations set by funders and governments. In the United States, the policy framework known as NSPM-33 set out requirements for research-security programmes at institutions receiving federal funding, including expectations around disclosure and the protection of research. The detail of that framework, and of related concerns such as dual-use research and the cybersecurity of sensitive work, are addressed in our existing coverage of those topics; the point here is that institutional risk assessment is the practical mechanism through which such expectations are met. A research-security programme is, in large part, the capacity to conduct proportionate due diligence consistently and well.

    Embedding assessment in research administration

    For risk assessment to work, it has to be part of the ordinary machinery of research administration rather than a special process invoked in alarm. Integrated into the points where commitments are made — partnership agreements, grant acceptance, recruitment — it becomes a routine, proportionate check rather than a disruptive intervention, and it draws on information institutions already gather. This integration is the concern of our research administration resources: building security-mindedness into normal processes so that it supports good decisions rather than obstructing them. Done well, assessment is largely invisible to the researcher whose work poses no concern, and genuinely helpful to the one whose work does.

    A consistent vocabulary for risk and disclosure

    For risk assessment to function across institutions, funders and partners, the information involved — disclosure categories, risk levels, affiliation and conflict information — must be described consistently, or an assessment in one context will be misread in another. That consistency is what the CASRAI Dictionary provides: a shared vocabulary so that the information underpinning research-security decisions is understood the same way wherever it is recorded. And because the people and contributions involved are part of the research record, they can be described in the same shared framework — the CRediT taxonomy and its full set of contribution roles. Research security, done proportionately, is not a barrier to collaboration but a way of protecting the collaboration that matters — asking the right questions so the lab door can stay open.

  • Greening the lab: practical steps toward sustainable research

    A research laboratory is, by floor area, one of the most resource-hungry spaces a university operates. A typical lab can consume several times the energy of an equivalent office, runs equipment around the clock, gets through single-use plastics at a startling rate, and depends on fume hoods and freezers whose appetite for power is easy to overlook. None of this is incidental to research; it is the cost of doing it. But a great deal of that cost is avoidable without compromising scientific quality, and the case for reducing it is now both environmental and financial. This article sets out the practical steps that make a measurable difference, framed by the concepts in the sustainable research domain of the CASRAI Dictionary.

    Where a lab’s footprint comes from

    Before changing anything, it helps to know where the impact actually sits. The largest contributors are usually energy — for HVAC, fume-hood ventilation, and cold storage — followed by consumables, particularly single-use plastics, and then the embodied impact of equipment, chemicals and reagents. Two pieces of equipment deserve special mention. Fume hoods can dominate a lab’s energy use because they continuously exhaust conditioned air; a single hood left open can use as much energy as several homes. Ultra-low temperature (ULT) freezers, typically run at around minus eighty degrees Celsius, are individually among the most power-hungry items in any building, and a building full of them adds up quickly.

    Knowing this changes priorities. A campaign to reduce printing is well-meant but trivial next to managing fume-hood sashes and freezer temperatures, which is where the energy genuinely is.

    Two frameworks that structure the effort

    Two community frameworks have become the common reference points for lab sustainability, and both work by making good practice concrete and recognised rather than aspirational.

    • LEAF — the Laboratory Efficiency Assessment Framework, developed at University College London — gives labs a structured set of actions across energy, waste, water, procurement and research quality, organised into bronze, silver and gold tiers. Crucially it pairs actions with calculators that estimate the carbon and financial savings, so a lab can see what its changes are worth.
    • My Green Lab offers a green-lab certification used internationally, assessing actual lab practices and behaviours, and also runs programmes such as the ACT environmental-impact labelling of laboratory products, which helps buyers compare the sustainability of what they purchase.

    The value of both is the same: they turn ‘be more sustainable’ into a checklist of specific, evidenced steps, with recognition for completing them. That structure is what carries an initiative past the enthusiasm of a few individuals into something a whole department sustains.

    Practical steps that actually move the needle

    The highest-yield actions are unglamorous. On energy: keep fume-hood sashes closed when not in use — the single most effective behavioural change in many labs; switch off equipment that does not need to run overnight; and consolidate cold storage. On ULT freezers specifically, three measures stand out: raising set-points where the science allows (the difference between minus eighty and minus seventy can cut energy substantially while remaining safe for many samples), regular defrosting and coil cleaning to maintain efficiency, and a sample-management discipline so that freezers are not running to preserve material no one will ever use.

    On consumables, reducing single-use plastics where sterile single-use is not genuinely required, and joining glassware-washing or pipette-tip recycling schemes, addresses a visible and persistent waste stream. On procurement, choosing equipment and reagents with lower environmental impact — using labelling such as ACT to compare — builds sustainability into the supply chain rather than treating it as an afterthought. And on shared resources, pooling equipment across groups reduces the embodied impact of buying duplicate instruments that each sit idle most of the time.

    Understanding greenhouse-gas scopes

    To report progress credibly, it helps to understand how emissions are categorised under the Greenhouse Gas Protocol, because institutional reporting increasingly uses this language. Scope 1 covers direct emissions from sources an organisation owns or controls — for a lab, this includes things burned on site and certain process and refrigerant emissions. Scope 2 covers indirect emissions from purchased energy, principally electricity — which is where most of a lab’s energy footprint lands. Scope 3 covers all other indirect emissions in the value chain, including purchased goods and services, the manufacture of equipment and consumables, waste disposal and business travel — and for research, Scope 3 is frequently the largest and hardest-to-measure category.

    The practical lesson is that lab efficiency mostly reduces Scope 2 (energy) directly, while procurement choices and reduced consumption chip away at Scope 3. A lab that wants to report honestly should be clear about which scope a given action affects, rather than claiming everything as a single undifferentiated saving.

    Sustainability as part of research quality

    The most durable framing treats environmental responsibility not as a constraint on research but as part of doing it well — alongside reproducibility, good data management and proper resource stewardship. Many of the same disciplines overlap: a lab that manages its samples carefully wastes less freezer energy and produces more reproducible work; a group that shares equipment and documents its methods is both leaner and more rigorous. Recording these practices and the people who lead them, including through structured contribution captured in the CRediT taxonomy, helps make sustainability a recognised part of the research record rather than invisible goodwill. The consistent vocabulary for describing sustainable-research practices and metrics is maintained in the CASRAI Dictionary, so that a lab’s progress can be reported and compared meaningfully.

  • Conflict-of-interest disclosure: a practical guide for authors

    Conflict-of-interest disclosure is one of the most misunderstood obligations in research publishing. Authors often treat it as an accusation to be avoided — as if declaring an interest were an admission of bias. It is the opposite. Disclosure exists to protect the reader, and a declared interest is a sign of good faith, not of wrongdoing. This guide explains what counts as a competing interest, how the standard disclosure model works, and how this declaration fits alongside the other statements an author now makes. It connects to the author-side declarations described at the author statement and the parallel disclosure covered in the AI-use disclosure guidance.

    What a conflict of interest actually is

    A conflict of interest — many journals prefer the less loaded term competing interest — exists when a secondary interest could, in a reasonable observer’s view, improperly influence the conduct or reporting of research. The key word is could. A conflict is about the potential for influence, not proof that influence occurred. You do not need to believe your judgment was actually affected; you need only recognise that an outside reader, knowing the interest, might reasonably weigh your conclusions differently. That is why disclosure is the remedy: it hands the reader the information they need to make that judgment for themselves.

    Conflicts come in several forms, and all are disclosable:

    • Financial interests: research funding, consultancy or speaker fees, employment, stock or equity, patents and royalties, paid expert testimony, and gifts. Financial interests are the most scrutinised because they are the most measurable.
    • Personal and professional relationships: close personal ties, rivalries, or affiliations that could shape how the work is reported or reviewed.
    • Intellectual or academic commitments: strongly held prior positions, or a role advocating for a particular view, that a reader might reasonably want to know about.
    • Institutional interests: interests held by the author’s employer that bear on the work.

    The standard: the ICMJE disclosure model

    The dominant framework in biomedical and much of STEM publishing comes from the International Committee of Medical Journal Editors (ICMJE), whose recommendations include a standard disclosure approach now adopted very widely. Its design has two features worth understanding.

    First, it asks each author to disclose individually. A competing interest belongs to a person, so every named author completes their own declaration rather than the corresponding author guessing on the others’ behalf. Second, it asks about a defined recent window — the ICMJE form covers interests over the preceding 36 months — rather than leaving “relevant” to the author’s discretion. Bounding the question makes disclosure more consistent and harder to under-report by omission.

    The ICMJE model also asks specifically about the relationship between any interest and the submitted work: money paid to you or your institution, the role of any funder in the study’s design, conduct, or reporting, and so on. The point is to surface not just that an interest exists but how it connects to this particular paper.

    How to approach your own disclosure

    1. Disclose when in doubt. The cost of declaring an interest that turns out to be immaterial is essentially nil; the cost of an undisclosed interest that later surfaces is serious — corrections, expressions of concern, and reputational damage. Asymmetry of risk argues for over-disclosure.
    2. Disclose interests, not just judgments about them. It is not your job to decide whether an interest biased you. State the interest and let editors and readers weigh it.
    3. Cover the defined window for every author. Circulate the disclosure question to all co-authors and collect each person’s declaration against the same time frame.
    4. Name the funder and its role. Funding is a competing interest, and readers are entitled to know whether the funder shaped the design, analysis, or decision to publish. “The funder had no role in…” is itself a meaningful disclosure.
    5. Keep it current. If an interest arises between submission and publication, update the declaration.

    A useful test: imagine the interest being revealed after publication by someone else. If that revelation would embarrass you or undermine trust in the work, it should have been disclosed. Disclose it now.

    Where COI sits among an author’s disclosures

    Competing-interests disclosure is now one of a small family of declarations an author makes at submission, and it helps to see them together. The contribution statement records who did what. The AI-use disclosure records which tools were used and where. The competing-interests declaration records what might bias the reporting. Each answers a different transparency question, and none substitutes for another: a thorough contribution statement does not excuse an undisclosed financial interest, and a clean competing-interests declaration says nothing about contribution. Treat them as a set, completed deliberately rather than copied from a previous paper.

    A note on funding bodies and institutions

    Disclosure obligations do not stop at the journal. Many funders and most institutions operate their own financial conflict-of-interest policies, often with formal thresholds and an annual reporting cycle. These are separate from the publication declaration and can be more demanding. An author with significant financial interests should assume that the institutional disclosure and the journal disclosure are both required, and that they should tell a consistent story.

    Where shared vocabulary fits

    “Conflict of interest”, “competing interest”, “financial interest”, and “funder role” are defined differently across journals, funders, and institutions, and that inconsistency makes a single author’s obligations hard to reconcile. A shared, federated vocabulary that defines these terms precisely — pointing back to ICMJE for the publication standard and to funder and institutional policy for the regulatory layer — is what lets one disclosure serve several systems coherently. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the compliance-and-regulatory domain.

    Related reading

  • Green, gold and diamond open access: routes explained

    “Is it open access?” sounds like a yes-or-no question, but open access is not one thing. It is a set of distinct routes — conventionally labelled by colour — that differ in who pays, what licence applies, where the work lives, and, crucially, who is included or excluded by the economics. Those differences are not technicalities: they determine whether open access widens participation in scholarship or quietly reproduces existing inequities. That is why the routes belong in the knowledge-equity domain. For the plain-language starting point, see What is open access?

    First, what open access actually means

    True open access is more than “free to read”. It means a work is freely available online and carries reuse rights, normally via a Creative Commons licence — most often CC BY. The reuse rights are the part people forget: a paywalled article temporarily made free, or a PDF posted with all rights reserved, is free-to-read but not openly licensed, and so not fully open access. Holding that distinction in mind is what makes the colour scheme legible, because the colours differ precisely on the licence-and-venue axis.

    The two foundational routes

    Green open access — self-archiving

    Green open access is achieved by the author depositing a version of the manuscript in a repository — an institutional repository or a subject repository — making it freely accessible independently of the publisher’s paywall. Typically the deposited version is the accepted manuscript (the peer-reviewed, pre-typeset version), and access is sometimes subject to a publisher embargo before it can be made public. Green’s great virtue is that it costs the author nothing and works alongside any journal: the article can appear in a subscription journal while a green copy sits openly in a repository. Its limitation is that the openly available version may not be the formatted version of record, and embargoes delay access.

    Gold open access — open at the publisher

    Gold open access means the version of record is made openly available immediately at the publisher, under an open licence, on the journal’s own site. The question gold raises is who pays for it. In many gold journals the cost is recovered through an Article Processing Charge (APC) — a fee, often substantial, charged to the author or their funder. This is where the equity problem bites: an APC-funded gold model can simply move the barrier from the reader to the author, excluding researchers without grants or institutional funds, and bearing hardest on those in lower-income settings. APC waivers exist to mitigate this, but they are a patch on a model whose default is pay-to-publish.

    Diamond: open with no charge to anyone

    Diamond (or platinum) open access is the model that breaks the pay-to-publish bind: the version of record is openly available immediately, under an open licence, with no charge to authors or readers. Costs are met by the community — typically through institutional, library, scholarly-society, or public funding of the publishing infrastructure itself, rather than per-article fees. Diamond is the model most aligned with knowledge equity, because it removes the barrier at both ends: nobody pays to read, and nobody pays to publish. Much of it operates outside the large commercial publishers, and a substantial share of the world’s diamond journals are run by scholarly communities and supported by regional infrastructures — the Latin American platforms SciELO, Redalyc, Latindex, and the AmeliCA initiative being prominent examples of community-owned, fee-free publishing at scale. Diamond’s challenge is sustainability: it depends on continued collective funding rather than a per-article revenue stream.

    The other colours, briefly

    • Bronze — free to read on the publisher’s site but without an open licence. The publisher can withdraw access at any time, and reuse rights are absent. Bronze is free-to-read, not genuinely open.
    • Hybrid — a subscription journal that offers individual articles as gold (usually for an APC) while the rest of the journal stays behind a paywall. Hybrid is widely criticised for “double dipping”, where institutions pay both subscriptions and APCs.
    • Black — articles obtained through unauthorised channels. This is not a publishing model and not a route an author chooses; it is mentioned only because the term circulates.

    How Plan S reshaped the landscape

    The policy backdrop to all of this is Plan S, the initiative led by the funder coalition cOAlition S, which requires that research it funds be made openly available immediately, with no embargo, under an open licence (CC BY by default). Plan S deliberately accepts multiple compliant routes — gold in a fully open-access journal, green via immediate repository deposit under a rights-retention strategy, or publication in a diamond venue — while explicitly disfavouring hybrid as a long-term destination. Its mechanism for the transition was the transformative agreement, a deal between institutions and publishers (often called read-and-publish) intended to convert subscription spend into open-access publishing and shift journals toward full openness over a defined period. Whether transformative agreements are a bridge to a fully open future or a way of entrenching incumbent publishers’ revenues is one of the live debates in the field.

    Choosing a route

    1. Check your funder’s requirements first. If you are bound by Plan S or a similar policy, the compliant routes — immediate gold, compliant green, or diamond — are defined for you, and an embargoed green copy may not satisfy them.
    2. Prefer routes that do not price out colleagues. Where a strong diamond venue exists for your field, it is the most equitable choice. Where gold is the route, check for fee waivers.
    3. Always secure an open licence, not just free-to-read. A CC BY (or funder-mandated) licence is what makes the work genuinely open and reusable.
    4. Use green to complement, not as an afterthought. Even when you publish gold or diamond, depositing in your institutional repository improves discoverability and preservation.

    Where shared vocabulary fits

    “Open access”, “gold”, “green”, “diamond”, “APC”, and “transformative agreement” are used inconsistently across funders, publishers, and institutions, which makes a single open-access policy hard to apply across systems. A shared, federated vocabulary that defines these routes precisely — pointing back to cOAlition S for Plan S and to the recognised open-access definitions — is what lets a policy written for one context be understood in another. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the knowledge-equity domain.

    Related reading

  • NSPM-33 Disclosure and Compliance: A Roadmap for US Research Security and Administrative Teams

    Introduction to NSPM-33 and Research Security

    National Security Presidential Memorandum 33 (NSPM-33) directs key United States federal funding agencies to establish unified, robust requirements for research security. Primarily targeting academic institutions receiving more than $50 million in annual federal research and development funding, NSPM-33 mandates the implementation of standardized disclosure requirements and formal Research Security Programs. For research administrators, compliance is a high-stakes endeavor—non-compliance risks the loss of millions in federal grants and severe reputational damage.

    This roadmap provides US research security teams with a step-by-step compliance guide, analyzing disclosure mandates, programmatic requirements, and technological solutions.

    Core Pillars of NSPM-33 Compliance

    The White House Office of Science and Technology Policy (OSTP) has organized NSPM-33 execution into two fundamental pillars: Disclosures and Institutional Programs.

    Pillar Key Requirements Primary Administrative Impact
    Unified Disclosures Standardized formats (SciENcv) for Biosketches, Current and Pending Support, and digital persistent identifiers (PIDs). Eliminates agency-specific variation; mandates complete disclosure of foreign affiliations and funding.
    Institutional Programs Formal research security programs addressing cybersecurity, foreign travel, export control, and insider threat training. Requires a designated Research Security Officer (RSO) and mandatory annual training for research staff.

    Standardizing Disclosures: The Role of SciENcv and PIDs

    To eliminate administrative complexity, NSPM-33 guidelines enforce the use of standardized digital formats across major federal agencies, including the NSF, NIH, DOE, and DoD:

    • SciENcv Integration: Investigators must use the Science Experts Network Curriculum Vitae (SciENcv) tool to generate Biosketches and Current and Pending Support documents. Hand-written or custom-formatted PDFs are no longer accepted.
    • Digital Persistent Identifiers (PIDs): The implementation guidelines highly encourage or mandate the use of authenticated persistent identifiers, such as ORCID iDs, to link researchers to their affiliations, grants, and publications. This digital lineage allows automated compliance checking and reduces the risk of omitted disclosures.
    • Failing to Disclose: Omissions—whether accidental or intentional—regarding foreign talent recruitment programs, international laboratory space, or non-monetary support (e.g., equipment, postdocs funded by external governments) are subject to civil and criminal penalties.

    Implementing a Certified Research Security Program

    For universities exceeding the $50M federal funding threshold, research administrators must implement and document a comprehensive Research Security Program covering four core areas:

    1. Cybersecurity Safeguards

    The institution must provide a secure IT network compliant with NIST SP 800-171 or CMMC standards. This includes multi-factor authentication, end-to-end data encryption for research data, and regular vulnerability scanning.

    2. Foreign Travel Security

    Establish travel registry policies requiring researchers to register international travel funded by federal grants. Provide mandatory pre-travel briefings, security training, and clean loaner devices (laptops/phones) for travel to high-risk nations.

    3. Export Control & Disclosure Oversight

    Implement rigorous export control protocols (covering ITAR and EAR) to track dual-use technologies, sensitive biological agents, and advanced aerospace designs. Insist on annual audits of international collaborative agreements.

    4. Insider Threat and Research Integrity Training

    Deploy mandatory training modules for all faculty, postdocs, and graduate students working on federal grants. The curriculum must cover intellectual property theft, ethical collaboration boundaries, and disclosure reporting mechanisms.

    Conclusion: Building a Culture of Trustworthy Science

    NSPM-33 compliance should not be viewed simply as a bureaucratic burden. When implemented correctly, a robust Research Security Program protects researchers’ intellectual property, safeguards tax-payer-funded discoveries, and ensures academic freedom is preserved. By leveraging modern digital tools like SciENcv, ORCID, and robust encryption protocols, US institutions can secure their research pipelines while maintaining their position as global leaders in scientific collaboration.

  • Implementing the CRediT Taxonomy: Practical Guide for Journals, Libraries, and Research Administrators

    Introduction to the Contributor Roles Taxonomy (CRediT)

    The traditional model of academic authorship—which ranks researchers in a linear sequence (first author, co-author, corresponding author)—fails to reflect the multi-faceted reality of modern scientific collaboration. Large-scale research requires specialized roles, including software development, data curation, project administration, and hardware calibration. To provide granular, machine-readable attribution, CASRAI pioneered and NISO standardized the CRediT Taxonomy (Contributor Roles Taxonomy), consisting of 14 distinct roles.

    This practical guide outlines how journals, research libraries, and university administrators can implement the CRediT Taxonomy to build transparent, equitable, and modern evaluation systems.

    The 14 CRediT Roles and Definitions

    To ensure high data quality, all stakeholders must understand and apply the 14 standardized roles consistently:

    CRediT Contributor Role Official Definition and Scope
    Conceptualization Ideas; formulation or evolution of overarching research goals and aims.
    Data Curation Management activities to annotate, scrub data and maintain research data.
    Formal Analysis Application of statistical, mathematical, computational, or other formal techniques to analyze study data.
    Funding Acquisition Acquisition of the financial support for the project leading to this publication.
    Investigation Conducting a research and investigation process, specifically performing the experiments, or data/evidence collection.
    Methodology Development or design of methodology; creation of models.
    Project Administration Management and coordination responsibility for the research activity planning and execution.
    Resources Provision of study materials, reagents, materials, patients, laboratory samples, animals, instrumentation, computing resources, or other analysis tools.
    Software Programming, software development; designing computer programs; implementing the computer code and supporting algorithms.
    Supervision Oversight and leadership responsibility for the research activity planning and execution, including mentorship external to the core team.
    Validation Verification, whether as a part of the activity or separate, of the overall replication/reproducibility of results/experiments.
    Visualization Preparation, creation and/or presentation of the published work, specifically data visualization/presentation.
    Writing – Original Draft Preparation, creation and/or presentation of the published work, specifically writing the initial draft.
    Writing – Review & Editing Preparation, creation and/or presentation of the published work by those from the original research group, specifically critical review, commentary or revision.

    Implementation Roadmap for Journals and Publishers

    For scholarly journals, capturing contributor roles during submission requires minor changes to editorial management software (e.g., Editorial Manager, ScholarOne, OJS):

    • Mandate at Submission: Require the corresponding author to assign one or more of the 14 CRediT roles to every listed author during the metadata entry phase. Authors can have multiple roles, and multiple authors can share the same role.
    • Integrate XML Metadata: Export the selected roles in the JATS XML format using the <contrib-group> tag attributes. This ensures indexers like PubMed, Crossref, and Scopus can harvest and display the contributor data programmatically.
    • Visible Authorship Statements: Render a clear, dedicated ‘Author Contributions’ section at the end of every PDF and HTML article layout, translating the XML metadata into human-readable text.

    The Role of Libraries and Administrators

    University libraries and research administrators can leverage CRediT metadata to drive fairer evaluation and protect research security:

    Improving Evaluation and Hiring

    By mapping CRediT data to university CRIS systems, promotion committees can look beyond traditional citation counts. For example, hiring committees can identify highly skilled research programmers or biostatisticians whose names appear in the middle of authorship lists but who executed 100% of the ‘Software’ and ‘Formal Analysis’ work.

    Strengthening Research Security

    With frameworks like NSPM-33 demanding complete transparency, CRediT profiles provide verified documentation of who funded, designed, and executed specific portions of international research collaborations, reducing risk and simplifying institutional audits.

    Conclusion: Modernizing Scholarly Collaboration

    The global adoption of the CRediT Taxonomy represents a vital step toward open, equitable, and transparent scholarship. By providing clear pathways for attribution, publishers and institutions can celebrate the diverse contributions of every research team member, incentivize reproducible science, and build a more robust, searchable historical record of scientific discovery.