If particularly sensitive variables are used via remote desktop access, additional anonymisation measures must be taken for data protection reasons. As a rule, the information in these variables is altered for this purpose. However, these measures only affect the interim results generated as part of remote desktop access.
Once you applied for remote desktop access including access to particularly sensitive variables (these are specially labelled in the data report) and access has been approved, you receive access to two complementary versions of a data product.
- Version 1 contains, in accordance with the data application form, all approved variables in unaltered form.
- Version 2 of the data product is a copy of the first version, but with particularly sensitive variables only left unaltered up to a defined level of detail that is considered safe. For finer levels of detail, a procedure developed by the FDZ is used to disguise the true content of a variable through data alteration. An example of such a gradual disguising would be given for regional data. For example, a person's place of residence could remain unchanged up to the federal state level, but the district information would be distorted within the federal state.
The basic idea of the remote desktop access concept is that researchers only have access to the second version of the dataset when using the remote desktop. Access to the first version of the dataset is technically prevented. Researchers can use remote desktop access to interactively develop their evaluation programmes, get an overview of the data structure and carry out initial evaluations as long as these evaluations are not affected by the artificial data alteration. It is not possible to export the results obtained in this way for further use.
If researchers want to finally verify their results on the basis of the unaltered data (version 1), they must send in their data preparation and analysis programmes using the JoSuA software for controlled remote data processing or book an on-site visit.
When switching from remote desktop access to JoSuA or on-site access, no file paths etc. need to be changed. The IT system automatically accesses the right subdirectories. Access to dataset version 2 is technically prevented. Results that are checked and released by the FDZ are always based on the unaltered variables of dataset version 1.
If no particularly sensitive variables are required for a project, versions 1 and 2 of the data product are identical. However, the double structure described above also exists in these project directories. This means that in order to be able to export results, data preparation and evaluation programmes must be run again using the JoSuA software.