Category: Guides & Explainers

Practical how-to guides, templates, checklists, and career pathways for research administrators, authors, and institutional teams.

  • Research-misconduct investigations: roles, due process and outcomes

    An allegation of research misconduct is one of the most serious events that can occur in academic life, and it is also one of the most easily mishandled. Handled badly, a process can punish the innocent, shield the culpable, or collapse on appeal because corners were cut. Handled well, it protects the research record while treating everyone involved fairly. The difference lies almost entirely in process: who does what, in what order, with what safeguards. This article walks through how misconduct investigations are structured, drawing on the framework defined in the research integrity domain of the CASRAI Dictionary and the procedural norms set out by bodies such as the Committee on Publication Ethics (COPE) and national oversight offices.

    What counts as research misconduct

    Most policies converge on a narrow core definition. Research misconduct is conventionally defined as fabrication (inventing data or results), falsification (manipulating research materials, equipment, processes, data or results so that the record is not accurately represented), and plagiarism (appropriating another person’s ideas, words or results without appropriate credit) — the three offences often abbreviated FFP. The standard formulation also requires that the act be committed intentionally, knowingly or recklessly, and the burden of proof typically rests on a balance of probabilities. Honest error and good-faith differences of scientific opinion are explicitly excluded; getting something wrong is not misconduct.

    It is worth distinguishing misconduct from the wider category of questionable research practices — things such as selective reporting or inappropriate authorship — which are corrosive but usually handled through institutional policy rather than a formal misconduct finding. Authorship disagreements in particular are better routed through the kind of dispute-resolution approach described in our guidance on resolving authorship disputes than through a misconduct process.

    The stages of a process

    A well-run process moves through recognisable phases. It begins with an allegation — a concern raised by a colleague, an editor, a reviewer or a member of the public. The first formal stage is an assessment or inquiry: a preliminary, often confidential, review to decide whether the allegation, if true, would constitute misconduct and whether there is enough substance to proceed. Many concerns are resolved here, either because they fall outside the definition or because they are quickly explained.

    If the inquiry finds the matter warrants it, the process escalates to a full investigation: a formal, evidence-gathering examination conducted by a panel, usually including members with relevant expertise and at least one person external to the immediate unit to guard against bias. The investigation gathers documents, examines original data, interviews witnesses and gives the respondent a structured opportunity to answer. It concludes with findings — a determination of whether misconduct occurred — and, where misconduct is found, a recommendation on outcomes. An appeal stage typically follows, allowing the respondent to challenge the finding on procedural or substantive grounds.

    The roles involved

    Several distinct roles keep the process fair. The complainant (or whistleblower) raises the concern and is entitled to protection from retaliation — a safeguard that good policies treat as non-negotiable, because without it concerns go unraised. The respondent is the person against whom the allegation is made and is entitled to the core elements of due process. The research integrity officer (or equivalent named individual) manages the process, ensures the policy is followed and maintains confidentiality. The inquiry and investigation panels do the fact-finding. Where journals are involved, editors and publishers have their own parallel responsibilities, guided by the COPE flowcharts, to correct the literature regardless of the institutional outcome.

    Why due process matters

    Due process is not a courtesy; it is what makes a finding defensible. Its essential elements are consistent across reputable frameworks: the respondent must be told the specific allegations against them; they must have a genuine opportunity to respond to the evidence; the people deciding must be impartial and free of conflicts of interest; the process must be confidential to protect reputations while it runs; and it must move within reasonable timeframes, because indefinite suspicion is itself a harm. A process that skips these steps risks two failures at once — an unjust outcome for the individual, and a finding so procedurally weak that it cannot withstand challenge and fails to protect the record.

    Outcomes and correcting the record

    Outcomes fall into two streams. Where misconduct is found, institutional sanctions may range from supervision and retraining through to disciplinary measures, and funders or oversight bodies may impose their own consequences. Separately, and importantly, the scholarly record must be corrected: affected publications may need correction, an expression of concern, or retraction. This second stream proceeds on the evidence about the publications themselves and does not simply wait on the disciplinary outcome, since the literature’s reliability is a public-interest matter distinct from any individual’s employment.

    Where an allegation is not upheld, the process has a final duty: to restore the respondent’s standing as far as possible and to ensure a good-faith complainant suffers no detriment for having raised it. A system that protects only the accused, or only the accuser, is not working. The thread running through all of it — clear definitions, staged process, defined roles, procedural fairness, and a duty to the record — is what lets an institution act decisively without acting unjustly. Readers wanting the precise vocabulary can consult the CASRAI Dictionary, and those interested in how positive contribution is recorded alongside accountability may find the CRediT taxonomy a useful complement.

  • GDPR and research data: lawful bases, consent and pseudonymisation

    An enormous amount of research depends on data about people — their health, their behaviour, their genetics, their opinions, their lives. Wherever such data identify or could identify individuals, they fall within data protection law, and in Europe and the United Kingdom that law is the General Data Protection Regulation (GDPR), supplemented in the UK by the UK GDPR and the Data Protection Act 2018. For researchers the GDPR is sometimes experienced as a thicket of obligations. But its core ideas are coherent, and it contains specific provisions designed to enable responsible research rather than obstruct it. Understanding lawful bases, the special rules for sensitive data, the research exemptions, and the distinction between anonymisation and pseudonymisation is part of doing data-driven research properly. This article offers an orientation, drawing on the compliance and regulatory domain of the CASRAI Dictionary. It is general guidance, not legal advice.

    You need a lawful basis

    The first principle is that processing personal data is not permitted by default; it requires a lawful basis. Article 6 of the GDPR sets out the possible bases, several of which can be relevant to research. Many researchers assume the answer is always consent, but for research by public institutions a basis such as the performance of a task carried out in the public interest is often more appropriate. The choice matters because different bases carry different consequences for the rights individuals can exercise. The key point is that a researcher must be able to identify and justify the lawful basis on which they process personal data — good intentions and scientific value do not by themselves make processing lawful.

    Special category data and Article 9

    Much research data is not merely personal but sensitive — data about health, genetics, ethnicity, sexual life, religious or political beliefs, and so on. The GDPR calls these special categories and gives them extra protection under Article 9, which prohibits their processing unless a specific additional condition is met. Among those conditions are explicit consent and, importantly for research, processing necessary for scientific research purposes subject to appropriate safeguards. This means that to process sensitive data lawfully, a researcher must satisfy both a lawful basis under Article 6 and a condition under Article 9. The heightened protection reflects the heightened risk: misuse of health or genetic data can cause serious harm, and the law accordingly demands a stronger justification and stronger safeguards before such data may be used.

    The research provisions

    The GDPR explicitly recognises the value of research and contains provisions, centred on Article 89, intended to facilitate it while protecting individuals. These measures allow certain flexibilities under conditions — for example, data collected for one purpose may in some circumstances be further processed for scientific research without that being treated as incompatible with the original purpose, and certain individual rights may be adjusted where they would seriously impair research objectives. Crucially, these provisions are not a free pass. They are conditioned on appropriate safeguards for the rights and freedoms of individuals — safeguards that the regulation specifically associates with techniques such as data minimisation and, prominently, pseudonymisation. The research exemptions, in other words, come bundled with the expectation that researchers will take concrete measures to protect the people in their data.

    Anonymisation versus pseudonymisation

    One distinction does more practical work in research than almost any other, and it is frequently misunderstood: the difference between anonymisation and pseudonymisation.

    • Anonymisation means rendering data such that individuals are no longer identifiable, by anyone, taking account of all means reasonably likely to be used. Genuinely anonymous data falls outside the scope of the GDPR altogether, because it is no longer personal data. Achieving true anonymisation is harder than it sounds, because seemingly innocuous combinations of fields can re-identify people.
    • Pseudonymisation means processing data so that it can no longer be attributed to an individual without additional information — for example, replacing names with a code, while keeping the key that links code to identity separate and secure. Pseudonymised data remains personal data and remains within the GDPR’s scope, because re-identification is still possible with the key.

    The error to avoid is treating pseudonymised data as if it were anonymous and therefore outside the law. Pseudonymisation is a valuable safeguard — indeed the GDPR commends it — but it reduces risk rather than removing the data from regulation. Knowing which one you have done determines what obligations still apply.

    Accountability and impact assessments

    The GDPR is built on accountability: it is not enough to comply, one must be able to demonstrate compliance. For research using personal data this brings practical obligations — documenting the lawful basis and Article 9 condition, being transparent with participants, applying data minimisation, and securing the data. Where processing is likely to result in a high risk to individuals — as large-scale processing of sensitive data often will — a data protection impact assessment (DPIA) may be required, identifying the risks and planning mitigations before processing begins. The DPIA is not merely a form to file; it is the moment at which a team thinks systematically about how its use of personal data could affect people and how to reduce that effect.

    A consistent vocabulary for compliance

    Data protection touches institutions, funders, ethics committees and repositories alike, and for the relevant information to be handled consistently across them, the terms involved — lawful basis, consent type, special category, pseudonymised, anonymised, retention — must mean the same thing everywhere. That consistency is what the CASRAI Dictionary provides: a shared vocabulary so that the compliance metadata describing how personal data may be used is understood identically wherever it appears, supporting the broader machinery of research administration. And because stewarding personal data responsibly is genuine contribution, that work can be described within the same framework as any other — the CRediT taxonomy and its full set of contribution roles. The GDPR is not the enemy of research; properly understood, it is the framework within which research that depends on people’s data can be done in a way that keeps faith with them.

  • Conducting research-security risk assessments: proportionate due diligence

    Research-security policy can sound, to a working researcher, like a demand to treat every collaborator with suspicion and every international partnership as a threat. Understood properly, it is nearly the opposite. The aim of a research-security risk assessment is not to close doors but to open them with eyes open — to ask sensible, proportionate questions before entering a partnership, accepting funding or recruiting a colleague, so that genuine risks are identified and managed while the overwhelming majority of legitimate collaboration proceeds unimpeded. The skill lies in proportion: too little scrutiny leaves real risks unexamined, too much strangles the openness on which research thrives. This article looks at how institutions can build that proportionate assessment into their practice, through the research security domain of the CASRAI Dictionary.

    What a risk assessment is for

    A research-security risk assessment is a structured way of asking, before a commitment is made, whether a proposed partnership, funding source or appointment carries risks that need to be understood and managed. Those risks might include sensitive knowledge or technology being diverted to harmful ends, undisclosed conflicts of interest or commitment, or partnerships with entities whose affiliations warrant closer examination. The purpose is not to reach a verdict of “safe” or “dangerous” but to make an informed decision and proceed with confidence. Most assessments conclude that there is no significant concern, and that is a feature, not a failure — the process exists to distinguish the rare case that needs attention from the many that do not.

    Proportionality is the governing principle

    The single most important principle is proportionality. The depth of due diligence should match the level of risk, and most research carries little. A fundamental, openly published study with a long-standing academic partner needs nothing like the scrutiny appropriate to research in a sensitive area, involving technology with security implications, with a new and unfamiliar partner. Building proportionality into the process — through triage that applies light-touch checks to low-risk activity and reserves deeper examination for the genuinely sensitive — is what keeps research security workable. Without it, either everything receives burdensome scrutiny that researchers come to resent and evade, or nothing does. Proportionate assessment respects both the need for security and the value of open collaboration.

    UK Trusted Research guidance

    Institutions do not have to design this from nothing. In the United Kingdom, the Trusted Research guidance, developed by national security bodies including the agency now responsible for protective security advice and the National Cyber Security Centre, gives researchers and institutions practical help in identifying and managing the risks of international collaboration. Its framing is deliberately constructive: it is about helping researchers collaborate safely and protect their work, not about discouraging international partnership, which it explicitly recognises as essential to research. Trusted Research offers a model of how security guidance can support rather than obstruct, equipping researchers to ask the right questions and make sound judgements while keeping the door to collaboration open. It is a useful touchstone for what proportionate, supportive research security looks like in practice.

    Specific tools: ATAS and disclosure

    Within the wider landscape sit specific mechanisms that an assessment may engage. The Academic Technology Approval Scheme (ATAS) is a UK scheme requiring certain international students and researchers working in specified sensitive subject areas to obtain clearance before commencing their studies or work — a targeted control focused on areas where there is genuine proliferation concern, rather than a blanket restriction. Equally central is the disclosure of conflicts of interest and conflicts of commitment: requiring researchers to declare outside affiliations, funding, appointments and obligations, so that potential conflicts are visible and can be managed. Transparency through disclosure is one of the most effective and least intrusive security tools available, because it surfaces the information needed to assess risk without presuming bad faith. These mechanisms are pieces of a proportionate system, applied where relevant rather than universally.

    The wider policy context

    Research-security risk assessment also responds to expectations set by funders and governments. In the United States, the policy framework known as NSPM-33 set out requirements for research-security programmes at institutions receiving federal funding, including expectations around disclosure and the protection of research. The detail of that framework, and of related concerns such as dual-use research and the cybersecurity of sensitive work, are addressed in our existing coverage of those topics; the point here is that institutional risk assessment is the practical mechanism through which such expectations are met. A research-security programme is, in large part, the capacity to conduct proportionate due diligence consistently and well.

    Embedding assessment in research administration

    For risk assessment to work, it has to be part of the ordinary machinery of research administration rather than a special process invoked in alarm. Integrated into the points where commitments are made — partnership agreements, grant acceptance, recruitment — it becomes a routine, proportionate check rather than a disruptive intervention, and it draws on information institutions already gather. This integration is the concern of our research administration resources: building security-mindedness into normal processes so that it supports good decisions rather than obstructing them. Done well, assessment is largely invisible to the researcher whose work poses no concern, and genuinely helpful to the one whose work does.

    A consistent vocabulary for risk and disclosure

    For risk assessment to function across institutions, funders and partners, the information involved — disclosure categories, risk levels, affiliation and conflict information — must be described consistently, or an assessment in one context will be misread in another. That consistency is what the CASRAI Dictionary provides: a shared vocabulary so that the information underpinning research-security decisions is understood the same way wherever it is recorded. And because the people and contributions involved are part of the research record, they can be described in the same shared framework — the CRediT taxonomy and its full set of contribution roles. Research security, done proportionately, is not a barrier to collaboration but a way of protecting the collaboration that matters — asking the right questions so the lab door can stay open.

  • Greening the lab: practical steps toward sustainable research

    A research laboratory is, by floor area, one of the most resource-hungry spaces a university operates. A typical lab can consume several times the energy of an equivalent office, runs equipment around the clock, gets through single-use plastics at a startling rate, and depends on fume hoods and freezers whose appetite for power is easy to overlook. None of this is incidental to research; it is the cost of doing it. But a great deal of that cost is avoidable without compromising scientific quality, and the case for reducing it is now both environmental and financial. This article sets out the practical steps that make a measurable difference, framed by the concepts in the sustainable research domain of the CASRAI Dictionary.

    Where a lab’s footprint comes from

    Before changing anything, it helps to know where the impact actually sits. The largest contributors are usually energy — for HVAC, fume-hood ventilation, and cold storage — followed by consumables, particularly single-use plastics, and then the embodied impact of equipment, chemicals and reagents. Two pieces of equipment deserve special mention. Fume hoods can dominate a lab’s energy use because they continuously exhaust conditioned air; a single hood left open can use as much energy as several homes. Ultra-low temperature (ULT) freezers, typically run at around minus eighty degrees Celsius, are individually among the most power-hungry items in any building, and a building full of them adds up quickly.

    Knowing this changes priorities. A campaign to reduce printing is well-meant but trivial next to managing fume-hood sashes and freezer temperatures, which is where the energy genuinely is.

    Two frameworks that structure the effort

    Two community frameworks have become the common reference points for lab sustainability, and both work by making good practice concrete and recognised rather than aspirational.

    • LEAF — the Laboratory Efficiency Assessment Framework, developed at University College London — gives labs a structured set of actions across energy, waste, water, procurement and research quality, organised into bronze, silver and gold tiers. Crucially it pairs actions with calculators that estimate the carbon and financial savings, so a lab can see what its changes are worth.
    • My Green Lab offers a green-lab certification used internationally, assessing actual lab practices and behaviours, and also runs programmes such as the ACT environmental-impact labelling of laboratory products, which helps buyers compare the sustainability of what they purchase.

    The value of both is the same: they turn ‘be more sustainable’ into a checklist of specific, evidenced steps, with recognition for completing them. That structure is what carries an initiative past the enthusiasm of a few individuals into something a whole department sustains.

    Practical steps that actually move the needle

    The highest-yield actions are unglamorous. On energy: keep fume-hood sashes closed when not in use — the single most effective behavioural change in many labs; switch off equipment that does not need to run overnight; and consolidate cold storage. On ULT freezers specifically, three measures stand out: raising set-points where the science allows (the difference between minus eighty and minus seventy can cut energy substantially while remaining safe for many samples), regular defrosting and coil cleaning to maintain efficiency, and a sample-management discipline so that freezers are not running to preserve material no one will ever use.

    On consumables, reducing single-use plastics where sterile single-use is not genuinely required, and joining glassware-washing or pipette-tip recycling schemes, addresses a visible and persistent waste stream. On procurement, choosing equipment and reagents with lower environmental impact — using labelling such as ACT to compare — builds sustainability into the supply chain rather than treating it as an afterthought. And on shared resources, pooling equipment across groups reduces the embodied impact of buying duplicate instruments that each sit idle most of the time.

    Understanding greenhouse-gas scopes

    To report progress credibly, it helps to understand how emissions are categorised under the Greenhouse Gas Protocol, because institutional reporting increasingly uses this language. Scope 1 covers direct emissions from sources an organisation owns or controls — for a lab, this includes things burned on site and certain process and refrigerant emissions. Scope 2 covers indirect emissions from purchased energy, principally electricity — which is where most of a lab’s energy footprint lands. Scope 3 covers all other indirect emissions in the value chain, including purchased goods and services, the manufacture of equipment and consumables, waste disposal and business travel — and for research, Scope 3 is frequently the largest and hardest-to-measure category.

    The practical lesson is that lab efficiency mostly reduces Scope 2 (energy) directly, while procurement choices and reduced consumption chip away at Scope 3. A lab that wants to report honestly should be clear about which scope a given action affects, rather than claiming everything as a single undifferentiated saving.

    Sustainability as part of research quality

    The most durable framing treats environmental responsibility not as a constraint on research but as part of doing it well — alongside reproducibility, good data management and proper resource stewardship. Many of the same disciplines overlap: a lab that manages its samples carefully wastes less freezer energy and produces more reproducible work; a group that shares equipment and documents its methods is both leaner and more rigorous. Recording these practices and the people who lead them, including through structured contribution captured in the CRediT taxonomy, helps make sustainability a recognised part of the research record rather than invisible goodwill. The consistent vocabulary for describing sustainable-research practices and metrics is maintained in the CASRAI Dictionary, so that a lab’s progress can be reported and compared meaningfully.

  • Conflict-of-interest disclosure: a practical guide for authors

    Conflict-of-interest disclosure is one of the most misunderstood obligations in research publishing. Authors often treat it as an accusation to be avoided — as if declaring an interest were an admission of bias. It is the opposite. Disclosure exists to protect the reader, and a declared interest is a sign of good faith, not of wrongdoing. This guide explains what counts as a competing interest, how the standard disclosure model works, and how this declaration fits alongside the other statements an author now makes. It connects to the author-side declarations described at the author statement and the parallel disclosure covered in the AI-use disclosure guidance.

    What a conflict of interest actually is

    A conflict of interest — many journals prefer the less loaded term competing interest — exists when a secondary interest could, in a reasonable observer’s view, improperly influence the conduct or reporting of research. The key word is could. A conflict is about the potential for influence, not proof that influence occurred. You do not need to believe your judgment was actually affected; you need only recognise that an outside reader, knowing the interest, might reasonably weigh your conclusions differently. That is why disclosure is the remedy: it hands the reader the information they need to make that judgment for themselves.

    Conflicts come in several forms, and all are disclosable:

    • Financial interests: research funding, consultancy or speaker fees, employment, stock or equity, patents and royalties, paid expert testimony, and gifts. Financial interests are the most scrutinised because they are the most measurable.
    • Personal and professional relationships: close personal ties, rivalries, or affiliations that could shape how the work is reported or reviewed.
    • Intellectual or academic commitments: strongly held prior positions, or a role advocating for a particular view, that a reader might reasonably want to know about.
    • Institutional interests: interests held by the author’s employer that bear on the work.

    The standard: the ICMJE disclosure model

    The dominant framework in biomedical and much of STEM publishing comes from the International Committee of Medical Journal Editors (ICMJE), whose recommendations include a standard disclosure approach now adopted very widely. Its design has two features worth understanding.

    First, it asks each author to disclose individually. A competing interest belongs to a person, so every named author completes their own declaration rather than the corresponding author guessing on the others’ behalf. Second, it asks about a defined recent window — the ICMJE form covers interests over the preceding 36 months — rather than leaving “relevant” to the author’s discretion. Bounding the question makes disclosure more consistent and harder to under-report by omission.

    The ICMJE model also asks specifically about the relationship between any interest and the submitted work: money paid to you or your institution, the role of any funder in the study’s design, conduct, or reporting, and so on. The point is to surface not just that an interest exists but how it connects to this particular paper.

    How to approach your own disclosure

    1. Disclose when in doubt. The cost of declaring an interest that turns out to be immaterial is essentially nil; the cost of an undisclosed interest that later surfaces is serious — corrections, expressions of concern, and reputational damage. Asymmetry of risk argues for over-disclosure.
    2. Disclose interests, not just judgments about them. It is not your job to decide whether an interest biased you. State the interest and let editors and readers weigh it.
    3. Cover the defined window for every author. Circulate the disclosure question to all co-authors and collect each person’s declaration against the same time frame.
    4. Name the funder and its role. Funding is a competing interest, and readers are entitled to know whether the funder shaped the design, analysis, or decision to publish. “The funder had no role in…” is itself a meaningful disclosure.
    5. Keep it current. If an interest arises between submission and publication, update the declaration.

    A useful test: imagine the interest being revealed after publication by someone else. If that revelation would embarrass you or undermine trust in the work, it should have been disclosed. Disclose it now.

    Where COI sits among an author’s disclosures

    Competing-interests disclosure is now one of a small family of declarations an author makes at submission, and it helps to see them together. The contribution statement records who did what. The AI-use disclosure records which tools were used and where. The competing-interests declaration records what might bias the reporting. Each answers a different transparency question, and none substitutes for another: a thorough contribution statement does not excuse an undisclosed financial interest, and a clean competing-interests declaration says nothing about contribution. Treat them as a set, completed deliberately rather than copied from a previous paper.

    A note on funding bodies and institutions

    Disclosure obligations do not stop at the journal. Many funders and most institutions operate their own financial conflict-of-interest policies, often with formal thresholds and an annual reporting cycle. These are separate from the publication declaration and can be more demanding. An author with significant financial interests should assume that the institutional disclosure and the journal disclosure are both required, and that they should tell a consistent story.

    Where shared vocabulary fits

    “Conflict of interest”, “competing interest”, “financial interest”, and “funder role” are defined differently across journals, funders, and institutions, and that inconsistency makes a single author’s obligations hard to reconcile. A shared, federated vocabulary that defines these terms precisely — pointing back to ICMJE for the publication standard and to funder and institutional policy for the regulatory layer — is what lets one disclosure serve several systems coherently. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the compliance-and-regulatory domain.

    Related reading

  • Green, gold and diamond open access: routes explained

    “Is it open access?” sounds like a yes-or-no question, but open access is not one thing. It is a set of distinct routes — conventionally labelled by colour — that differ in who pays, what licence applies, where the work lives, and, crucially, who is included or excluded by the economics. Those differences are not technicalities: they determine whether open access widens participation in scholarship or quietly reproduces existing inequities. That is why the routes belong in the knowledge-equity domain. For the plain-language starting point, see What is open access?

    First, what open access actually means

    True open access is more than “free to read”. It means a work is freely available online and carries reuse rights, normally via a Creative Commons licence — most often CC BY. The reuse rights are the part people forget: a paywalled article temporarily made free, or a PDF posted with all rights reserved, is free-to-read but not openly licensed, and so not fully open access. Holding that distinction in mind is what makes the colour scheme legible, because the colours differ precisely on the licence-and-venue axis.

    The two foundational routes

    Green open access — self-archiving

    Green open access is achieved by the author depositing a version of the manuscript in a repository — an institutional repository or a subject repository — making it freely accessible independently of the publisher’s paywall. Typically the deposited version is the accepted manuscript (the peer-reviewed, pre-typeset version), and access is sometimes subject to a publisher embargo before it can be made public. Green’s great virtue is that it costs the author nothing and works alongside any journal: the article can appear in a subscription journal while a green copy sits openly in a repository. Its limitation is that the openly available version may not be the formatted version of record, and embargoes delay access.

    Gold open access — open at the publisher

    Gold open access means the version of record is made openly available immediately at the publisher, under an open licence, on the journal’s own site. The question gold raises is who pays for it. In many gold journals the cost is recovered through an Article Processing Charge (APC) — a fee, often substantial, charged to the author or their funder. This is where the equity problem bites: an APC-funded gold model can simply move the barrier from the reader to the author, excluding researchers without grants or institutional funds, and bearing hardest on those in lower-income settings. APC waivers exist to mitigate this, but they are a patch on a model whose default is pay-to-publish.

    Diamond: open with no charge to anyone

    Diamond (or platinum) open access is the model that breaks the pay-to-publish bind: the version of record is openly available immediately, under an open licence, with no charge to authors or readers. Costs are met by the community — typically through institutional, library, scholarly-society, or public funding of the publishing infrastructure itself, rather than per-article fees. Diamond is the model most aligned with knowledge equity, because it removes the barrier at both ends: nobody pays to read, and nobody pays to publish. Much of it operates outside the large commercial publishers, and a substantial share of the world’s diamond journals are run by scholarly communities and supported by regional infrastructures — the Latin American platforms SciELO, Redalyc, Latindex, and the AmeliCA initiative being prominent examples of community-owned, fee-free publishing at scale. Diamond’s challenge is sustainability: it depends on continued collective funding rather than a per-article revenue stream.

    The other colours, briefly

    • Bronze — free to read on the publisher’s site but without an open licence. The publisher can withdraw access at any time, and reuse rights are absent. Bronze is free-to-read, not genuinely open.
    • Hybrid — a subscription journal that offers individual articles as gold (usually for an APC) while the rest of the journal stays behind a paywall. Hybrid is widely criticised for “double dipping”, where institutions pay both subscriptions and APCs.
    • Black — articles obtained through unauthorised channels. This is not a publishing model and not a route an author chooses; it is mentioned only because the term circulates.

    How Plan S reshaped the landscape

    The policy backdrop to all of this is Plan S, the initiative led by the funder coalition cOAlition S, which requires that research it funds be made openly available immediately, with no embargo, under an open licence (CC BY by default). Plan S deliberately accepts multiple compliant routes — gold in a fully open-access journal, green via immediate repository deposit under a rights-retention strategy, or publication in a diamond venue — while explicitly disfavouring hybrid as a long-term destination. Its mechanism for the transition was the transformative agreement, a deal between institutions and publishers (often called read-and-publish) intended to convert subscription spend into open-access publishing and shift journals toward full openness over a defined period. Whether transformative agreements are a bridge to a fully open future or a way of entrenching incumbent publishers’ revenues is one of the live debates in the field.

    Choosing a route

    1. Check your funder’s requirements first. If you are bound by Plan S or a similar policy, the compliant routes — immediate gold, compliant green, or diamond — are defined for you, and an embargoed green copy may not satisfy them.
    2. Prefer routes that do not price out colleagues. Where a strong diamond venue exists for your field, it is the most equitable choice. Where gold is the route, check for fee waivers.
    3. Always secure an open licence, not just free-to-read. A CC BY (or funder-mandated) licence is what makes the work genuinely open and reusable.
    4. Use green to complement, not as an afterthought. Even when you publish gold or diamond, depositing in your institutional repository improves discoverability and preservation.

    Where shared vocabulary fits

    “Open access”, “gold”, “green”, “diamond”, “APC”, and “transformative agreement” are used inconsistently across funders, publishers, and institutions, which makes a single open-access policy hard to apply across systems. A shared, federated vocabulary that defines these routes precisely — pointing back to cOAlition S for Plan S and to the recognised open-access definitions — is what lets a policy written for one context be understood in another. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the knowledge-equity domain.

    Related reading

  • NSPM-33 Disclosure and Compliance: A Roadmap for US Research Security and Administrative Teams

    Introduction to NSPM-33 and Research Security

    National Security Presidential Memorandum 33 (NSPM-33) directs key United States federal funding agencies to establish unified, robust requirements for research security. Primarily targeting academic institutions receiving more than $50 million in annual federal research and development funding, NSPM-33 mandates the implementation of standardized disclosure requirements and formal Research Security Programs. For research administrators, compliance is a high-stakes endeavor—non-compliance risks the loss of millions in federal grants and severe reputational damage.

    This roadmap provides US research security teams with a step-by-step compliance guide, analyzing disclosure mandates, programmatic requirements, and technological solutions.

    Core Pillars of NSPM-33 Compliance

    The White House Office of Science and Technology Policy (OSTP) has organized NSPM-33 execution into two fundamental pillars: Disclosures and Institutional Programs.

    Pillar Key Requirements Primary Administrative Impact
    Unified Disclosures Standardized formats (SciENcv) for Biosketches, Current and Pending Support, and digital persistent identifiers (PIDs). Eliminates agency-specific variation; mandates complete disclosure of foreign affiliations and funding.
    Institutional Programs Formal research security programs addressing cybersecurity, foreign travel, export control, and insider threat training. Requires a designated Research Security Officer (RSO) and mandatory annual training for research staff.

    Standardizing Disclosures: The Role of SciENcv and PIDs

    To eliminate administrative complexity, NSPM-33 guidelines enforce the use of standardized digital formats across major federal agencies, including the NSF, NIH, DOE, and DoD:

    • SciENcv Integration: Investigators must use the Science Experts Network Curriculum Vitae (SciENcv) tool to generate Biosketches and Current and Pending Support documents. Hand-written or custom-formatted PDFs are no longer accepted.
    • Digital Persistent Identifiers (PIDs): The implementation guidelines highly encourage or mandate the use of authenticated persistent identifiers, such as ORCID iDs, to link researchers to their affiliations, grants, and publications. This digital lineage allows automated compliance checking and reduces the risk of omitted disclosures.
    • Failing to Disclose: Omissions—whether accidental or intentional—regarding foreign talent recruitment programs, international laboratory space, or non-monetary support (e.g., equipment, postdocs funded by external governments) are subject to civil and criminal penalties.

    Implementing a Certified Research Security Program

    For universities exceeding the $50M federal funding threshold, research administrators must implement and document a comprehensive Research Security Program covering four core areas:

    1. Cybersecurity Safeguards

    The institution must provide a secure IT network compliant with NIST SP 800-171 or CMMC standards. This includes multi-factor authentication, end-to-end data encryption for research data, and regular vulnerability scanning.

    2. Foreign Travel Security

    Establish travel registry policies requiring researchers to register international travel funded by federal grants. Provide mandatory pre-travel briefings, security training, and clean loaner devices (laptops/phones) for travel to high-risk nations.

    3. Export Control & Disclosure Oversight

    Implement rigorous export control protocols (covering ITAR and EAR) to track dual-use technologies, sensitive biological agents, and advanced aerospace designs. Insist on annual audits of international collaborative agreements.

    4. Insider Threat and Research Integrity Training

    Deploy mandatory training modules for all faculty, postdocs, and graduate students working on federal grants. The curriculum must cover intellectual property theft, ethical collaboration boundaries, and disclosure reporting mechanisms.

    Conclusion: Building a Culture of Trustworthy Science

    NSPM-33 compliance should not be viewed simply as a bureaucratic burden. When implemented correctly, a robust Research Security Program protects researchers’ intellectual property, safeguards tax-payer-funded discoveries, and ensures academic freedom is preserved. By leveraging modern digital tools like SciENcv, ORCID, and robust encryption protocols, US institutions can secure their research pipelines while maintaining their position as global leaders in scientific collaboration.

  • Implementing the CRediT Taxonomy: Practical Guide for Journals, Libraries, and Research Administrators

    Introduction to the Contributor Roles Taxonomy (CRediT)

    The traditional model of academic authorship—which ranks researchers in a linear sequence (first author, co-author, corresponding author)—fails to reflect the multi-faceted reality of modern scientific collaboration. Large-scale research requires specialized roles, including software development, data curation, project administration, and hardware calibration. To provide granular, machine-readable attribution, CASRAI pioneered and NISO standardized the CRediT Taxonomy (Contributor Roles Taxonomy), consisting of 14 distinct roles.

    This practical guide outlines how journals, research libraries, and university administrators can implement the CRediT Taxonomy to build transparent, equitable, and modern evaluation systems.

    The 14 CRediT Roles and Definitions

    To ensure high data quality, all stakeholders must understand and apply the 14 standardized roles consistently:

    CRediT Contributor Role Official Definition and Scope
    Conceptualization Ideas; formulation or evolution of overarching research goals and aims.
    Data Curation Management activities to annotate, scrub data and maintain research data.
    Formal Analysis Application of statistical, mathematical, computational, or other formal techniques to analyze study data.
    Funding Acquisition Acquisition of the financial support for the project leading to this publication.
    Investigation Conducting a research and investigation process, specifically performing the experiments, or data/evidence collection.
    Methodology Development or design of methodology; creation of models.
    Project Administration Management and coordination responsibility for the research activity planning and execution.
    Resources Provision of study materials, reagents, materials, patients, laboratory samples, animals, instrumentation, computing resources, or other analysis tools.
    Software Programming, software development; designing computer programs; implementing the computer code and supporting algorithms.
    Supervision Oversight and leadership responsibility for the research activity planning and execution, including mentorship external to the core team.
    Validation Verification, whether as a part of the activity or separate, of the overall replication/reproducibility of results/experiments.
    Visualization Preparation, creation and/or presentation of the published work, specifically data visualization/presentation.
    Writing – Original Draft Preparation, creation and/or presentation of the published work, specifically writing the initial draft.
    Writing – Review & Editing Preparation, creation and/or presentation of the published work by those from the original research group, specifically critical review, commentary or revision.

    Implementation Roadmap for Journals and Publishers

    For scholarly journals, capturing contributor roles during submission requires minor changes to editorial management software (e.g., Editorial Manager, ScholarOne, OJS):

    • Mandate at Submission: Require the corresponding author to assign one or more of the 14 CRediT roles to every listed author during the metadata entry phase. Authors can have multiple roles, and multiple authors can share the same role.
    • Integrate XML Metadata: Export the selected roles in the JATS XML format using the <contrib-group> tag attributes. This ensures indexers like PubMed, Crossref, and Scopus can harvest and display the contributor data programmatically.
    • Visible Authorship Statements: Render a clear, dedicated ‘Author Contributions’ section at the end of every PDF and HTML article layout, translating the XML metadata into human-readable text.

    The Role of Libraries and Administrators

    University libraries and research administrators can leverage CRediT metadata to drive fairer evaluation and protect research security:

    Improving Evaluation and Hiring

    By mapping CRediT data to university CRIS systems, promotion committees can look beyond traditional citation counts. For example, hiring committees can identify highly skilled research programmers or biostatisticians whose names appear in the middle of authorship lists but who executed 100% of the ‘Software’ and ‘Formal Analysis’ work.

    Strengthening Research Security

    With frameworks like NSPM-33 demanding complete transparency, CRediT profiles provide verified documentation of who funded, designed, and executed specific portions of international research collaborations, reducing risk and simplifying institutional audits.

    Conclusion: Modernizing Scholarly Collaboration

    The global adoption of the CRediT Taxonomy represents a vital step toward open, equitable, and transparent scholarship. By providing clear pathways for attribution, publishers and institutions can celebrate the diverse contributions of every research team member, incentivize reproducible science, and build a more robust, searchable historical record of scientific discovery.

  • Data availability statements: what to write and where to deposit

    Most journals now ask for a data availability statement, and most authors now write one. Far fewer write one that does what it is meant to do. The phrase “data are available from the authors on reasonable request” has become the default, yet study after study has found that requests against such statements frequently go unanswered — which means the statement records an intention rather than a reality. This guide covers what to write, where to put the data, and how to make a statement that is true. It builds on the foundations in the data-infrastructure domain and connects to the practices described in the reproducibility domain.

    What a data availability statement is for

    A data availability statement (sometimes a data accessibility statement) tells a reader where the data underlying a publication can be found, under what conditions, and — where access is restricted — why. Its purpose is to make the evidential basis of the work locatable and, where ethically possible, reusable. It is the public-facing expression of the principle that a published claim should be checkable against the data behind it. A good statement is specific: it names a repository, gives an identifier, and states the access conditions plainly.

    Make the data FAIR first, then describe it

    The statement is downstream of a deposit decision, so the deposit is where the real work happens. The widely adopted reference point is the FAIR principles — that data should be Findable, Accessible, Interoperable, and Reusable. FAIR is frequently misread as “open”, and the distinction matters: FAIR does not require data to be public. It requires that data be findable (with a persistent identifier and rich metadata), accessible (retrievable by a clear, possibly authenticated, protocol), interoperable (using shared formats and vocabularies), and reusable (with a clear licence and provenance). Sensitive data can be FAIR while remaining access-controlled — the metadata is open and findable even where the data themselves are not.

    Practically, making data FAIR before you write the statement means:

    • Deposit in a repository that mints a persistent identifier — typically a DataCite DOI — so the data are citable and resolvable independently of the article.
    • Describe the data with structured metadata, not just a filename, so they can be found and understood by someone who did not produce them.
    • Attach an explicit licence (for example a Creative Commons licence for open data) so reuse conditions are unambiguous.
    • Use community formats and vocabularies where they exist, so the data interoperate with other datasets in the field.

    Choosing where to deposit: domain first, generalist as fallback

    Where to put the data is the decision that most shapes their long-term value. The general rule is to prefer a domain repository where a recognised one exists for your data type, and to use a generalist repository otherwise.

    Domain repositories

    A domain (or discipline-specific) repository is built around a particular kind of data and enforces the community’s metadata standards — GenBank for nucleotide sequences, the PDB for protein structures, and many others. Depositing here means your data sit alongside comparable datasets, are described to a standard your field already reads, and are discoverable by the people most likely to reuse them. Where your field expects deposit in a specific repository, that expectation is effectively mandatory and should be your first choice.

    Generalist repositories

    Where no suitable domain repository exists, a generalist repository — Zenodo, Figshare, Dryad and others — accepts data of any type, mints a DOI, and supports structured metadata and licensing. Generalists are the right home for the long tail of data that no specialised archive covers.

    A note on trust

    Whichever route you take, prefer a trusted digital repository — one assessed against a recognised standard such as CoreTrustSeal — over ad-hoc hosting. A repository’s job is long-term preservation and stable resolution; a personal website or a generic file-sharing link offers neither, and a link that has rotted makes a data availability statement worse than useless. Institutional and supplementary-file hosting can be acceptable, but the persistence commitment is what matters.

    Writing the statement

    A strong statement names the repository, gives the identifier, and states the conditions. Some patterns:

    • Open deposit: “The data supporting this study are openly available in [repository] at [DOI], under a [licence].”
    • Controlled access: “The data are available from [repository / controlled-access archive] subject to [conditions, e.g. a data access committee], because they contain [reason, e.g. identifiable personal data]. Metadata are openly available at [DOI].”
    • Genuinely no new data: “No new data were generated; the study analysed [named existing datasets] available at [identifiers].”

    Avoid the bare “available on request” formulation wherever the data could instead be deposited. Where access genuinely must be restricted — for participant confidentiality, commercial sensitivity, or Indigenous data governance — say so, give the reason, name who controls access, and still publish open metadata so the dataset is findable. An honest restricted-access statement is far stronger than a vague promise of availability.

    Where shared vocabulary fits

    Terms like “available on request”, “restricted access”, “trusted repository”, and even “FAIR” are used inconsistently across journals and funders, which weakens the policies that depend on them. A shared, federated vocabulary that defines these precisely — pointing back to the FAIR principles and to certification schemes such as CoreTrustSeal — is what lets a statement written for one venue be understood by another. Supplying that definitional layer is the role the CASRAI dictionary is designed to play; the relevant terms sit in the data-infrastructure domain.

    Related reading

  • CRediT degree-of-contribution qualifiers: using lead, equal and supporting correctly

    Most researchers who have encountered the CRediT taxonomy know it as a list of fourteen contribution roles — Conceptualization, Methodology, Software, Investigation, Writing – original draft, and so on — that allows a paper to say who did what rather than relying on a bare author list. But there is a second dimension to CRediT that is less widely understood and frequently underused: the ability to attach a degree of contribution to each role. CRediT is not only about which roles a person played; it can also convey how much they contributed to each, through the qualifiers lead, equal and supporting. Used correctly, these transform a flat list of roles into a far more informative account of a collaboration. This article explains them, drawing on the CRediT extensions domain of the CASRAI Dictionary.

    The standard behind CRediT

    It is worth recalling that CRediT is not merely an informal convention but a recognised standard. It was formalised as ANSI/NISO Z39.104-2022, the standard maintained through the National Information Standards Organization (NISO). That formalisation matters: it gives CRediT a stable, authoritative definition that publishers, systems and institutions can implement consistently, rather than each interpreting the taxonomy in its own way. Part of what the standard defines is precisely the degree-of-contribution dimension — the provision that each role may carry a qualifier indicating the extent of a person’s involvement. The qualifiers are therefore an official part of CRediT, not an add-on, and understanding them is part of using the taxonomy as it was designed.

    What lead, equal and supporting mean

    The three degrees are straightforward in concept, and their value lies in applying them honestly. A contributor designated lead for a role had primary responsibility for that aspect of the work — they drove it, took the leading part, bore the main responsibility for it. A contributor marked equal shared responsibility for the role roughly evenly with one or more others; no single person led it, the work was genuinely joint. A contributor marked supporting made a real and acknowledged contribution to the role but in a secondary capacity, assisting rather than leading. The point of the qualifiers is to capture the texture of collaboration that a yes/no assignment misses. Two people might both be credited with Investigation, but if one designed and ran the experiments while the other assisted, “lead” and “supporting” convey that asymmetry truthfully, where listing both would imply a parity that did not exist.

    Why the qualifiers matter

    The degree qualifiers add value in several ways. They improve accuracy: a contribution statement that distinguishes who led from who assisted is simply a more truthful account of the work. They aid recognition: a researcher who led the methodology and another who supported it both deserve credit, but distinguishing the two does justice to each, and helps those reading the record — hiring panels, promotion committees, collaborators — understand the actual shape of someone’s contribution. And they support fairness in difficult cases. Where contributions are genuinely shared, the equal qualifier provides a recognised way to say so, which is particularly valuable for marking shared leadership of a role without forcing an artificial hierarchy. In each case, the qualifier carries information that the plain list of roles cannot, and that information is exactly what makes a contribution statement useful rather than merely present.

    How to apply them in a contributor statement

    Applying the qualifiers well is a matter of judgement exercised honestly. Some practical principles help:

    • Assign degrees role by role. A person’s degree can differ across roles — lead on Writing – original draft, supporting on Investigation. Consider each role on its own terms rather than assigning one overall level.
    • Reserve “lead” for genuine primary responsibility. If several people are all marked lead on the same role, the designation loses its meaning. Lead should identify who actually drove that aspect of the work.
    • Use “equal” when it is true, not as a courtesy. The equal qualifier is valuable precisely because it is accurate; applying it to smooth over differences that really exist undermines the honesty the system depends on.
    • Do not inflate “supporting” into more than it was, nor dismiss it as trivial. A supporting contribution is a real contribution, properly acknowledged; the qualifier honours it for what it was.
    • Agree the assignments among contributors. Degrees, like roles, should be discussed and agreed by the people involved, ideally early, to avoid disputes and to ensure the statement reflects a shared understanding.

    The limits and the discipline

    The qualifiers are powerful only if they are used with discipline. Their entire value rests on being applied truthfully; a contribution statement in which everyone is “lead” on everything conveys nothing, and one in which degrees are assigned to flatter rather than to describe is worse than none, because it dresses up inaccuracy as precision. The degrees are an invitation to be honest about the real distribution of work, not a set of titles to be distributed for diplomatic convenience. Used with that discipline, they let a contribution statement do justice to the genuine complexity of collaborative research; used carelessly, they merely add noise.

    A consistent vocabulary for contribution

    For degree qualifiers to mean the same thing across journals, institutions and reporting systems, the taxonomy and its qualifiers must be applied consistently — which is precisely what formalisation as ANSI/NISO Z39.104-2022 enables, and what a shared vocabulary sustains in practice. That consistency is what the CASRAI Dictionary supports: a shared vocabulary so that a role marked lead, equal or supporting is understood the same way wherever it is recorded, whether it travels through a publisher’s system, a repository or an institutional CRIS. CRediT’s roles tell the reader which parts of the work a contributor touched; the degree qualifiers tell them how much. Together, and used honestly, they turn the author list from a question into an answer — a clear, structured account, grounded in good authorship practice, of exactly who did what, and to what extent.