Researching Extremes: The Fine Line of Consent in Online Radicalization Studies

Marzena Oliveira Ribas

December 11, 2023

Research on online radicalization operates within a complex web of ethical and legal constraints. While the pursuit of knowledge in this field is crucial, it must be approached with a thorough understanding of these challenges. Researchers are tasked with the delicate balance of advancing academic inquiry while upholding ethical standards and legal requirements. Only through such responsible research practices can the field progress in a manner that is both legally sound and ethically robust.

One of crucial ethical aspects to consider is obtaining informed consent, which as described by Reynolds (2012), is a significant ethical challenge in academic research on online radicalization. Traditionally, informed consent is essential in human subject research, but its application in online environments, especially in public chat rooms or dynamic social media groups, might be tricky and involve certain negative consequences.  

First, when dealing with online communities of extreme nature, by seeking consent we risk alerting the group members’ behavior, as well as potential deletion of certain posts. This could jeopardize the authenticity of the data’s naturalistic setting and the overall validity of the research, which would undermine the goals of the study.

Second, revealing the researcher’s presence might risk reprisals from the subjects against the researcher and the team. Internet research on radicalization, while digital, still encompasses the communication of real individuals and should be treated as fieldwork in potentially risky environments. The necessity of maintaining covertness under such circumstances has been previously addressed in the literature (Lee-Treweek & Linkogle, 2000).

Extreme online communities are vigilant about their security, often closely monitoring group interactions to identify and remove anyone deemed ‘unfriendly’ or suspicious. This vigilance is not just about maintaining group integrity but also about controlling the flow of information. In his article, Reynolds (Reynolds, 2012) mentions a specific online community, where the designated security officer successfully detected and exposed trolls or spies. More than twelve individuals identified in this manner were publicly named and subsequently expelled from the group.

This practice of strict surveillance and control extends to academic researchers as well. Hudson and Bruckman (2004)encountered this directly in their study. When attempting to obtain informed consent from participants, the researchers frequently faced resistance and exclusion. They were expelled from chat rooms 72% of the time when requesting participants to opt out of the study and 62% of the time when asking for opt-in consent. This high rate of sanction demonstrates the challenges researchers face when studying online environments. Consequently, Hudson and Bruckman suggest that waiving informed consent might be a more feasible approach in such settings, where the standard practice of obtaining consent is impractical due to the heightened sensitivity and guarded nature of these online communities. Nevertheless, the mentioned study was conducted prior to the introduction of General Data Protection Regulation (GDPR) that is our current legal norm.

These important regulations were considered in the 2021 report by Sold and Junk, titled Researching Extremist Content on Social Media Platforms: Data Protection and Research Ethics Challenges and Opportunities (Sold & Junk, 2021). The authors highlight that the legal regulations, particularly those outlined in the GDPR, play a crucial role in navigating the challenges of obtaining informed consent.

For instance, they mention Article 9(2)(e), which addresses a scenario in which researchers may utilize data if the data subject has consciously chosen to publish sensitive information. It lifts the data processing prohibition outlined in paragraph 1 of this article, signaling that the data subject, through conscious publication, acknowledges that their data may be used for research purposes. This waiver of the special protection under Article 9 suggests that the data subject may perceive the information as no longer requiring specific safeguards. However, it is essential to note that even when data is consciously published by the individual, it does not entirely forego the protections of the GDPR. Notably, Article 6 remains applicable, emphasizing that the processing of data, even when Article 9 protections are waived, still requires a legal basis. The lawful bases listed in Article 6 include:

  • The necessity of processing for the performance of a contract.
  • Compliance with a legal obligation.
  • Protection of vital interests.
  • Consent
  • The performance of a task carried out in the public interest or in the exercise of official authority.
  • Legitimate interests pursued by the data controller or a third party.

This underscores the GDPR’s commitment to ensuring that the processing of personal data, whether sensitive or not, is conducted within a robust legal and ethical framework. This requires a careful balance between research interests and the data subject’s legitimate interests. Notably, processing without consent is permissible only in limited circumstances, such as when the public interest in the research project outweighs the data subject’s interests.

Furthermore, Article 9(2)(j) of the GDPR provides specific rules for processing special categories of personal data for research purposes and these rules apply irrespective of whether researchers seek informed consent from participants. These special categories encompass sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, and others. Processing personal data falling under these categories for research demands a meticulous approach. Researchers must demonstrate the specific research question, establish the impracticability of the project without the data, and conduct a careful balancing act to showcase that the research interest significantly outweighs the data subject’s interest in data protection. Adherence to principles of necessity, appropriateness, and proportionality in data processing, as well as the establishment of data access regulations, is necessary to ensure full compliance with data protection regulations. Including these legal considerations in online radicalization research is essential to ensure that studies are conducted with strong ethical foundations and in compliance with the law in this challenging field.


European Union. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Retrieved from:

Hudson, J. M., & Bruckman, A. (2004). “Go away”: Participant objections to being studied and the ethics of chatroom research. The information society, 20(2), 127-139.

Lee-Treweek, G., & Linkogle, S. (2000). Danger in the field: Risk and ethics in social research. Psychology Press.

Reynolds, T. (2012). Ethical and legal issues surrounding academic research into online radicalisation: a UK experience. Critical Studies on Terrorism, 5(3), 499-513.

Sold, M., & Junk, J. (2021). Researching Extremist Content on Social Media Platforms: Data Protection and Research Ethics Challenges and Opportunities (Kings’s College ICSR London: GNET-Report., Issue.

Leave a Reply

Your email address will not be published. Required fields are marked *