Information for staff

University | A to Z | Departments

• 
• Staff home
• Research
• Research governance
• Research policies and code of practice
• Accessing Restricted Materials

• Staff essentials
• Learning and teaching
• Research
  • About Research Innovation and Knowledge Exchange
  • Research Staff induction
  • Working with business and industry
  • External funding, grants and contracts
  • Internally-distributed funding (Staff access only)
  • Research impact
  • Publicising your research
  • Commercialising research
  • Knowledge exchange
  • Consultancy
  • Research governance
    • Research integrity and ethics
    • Research policies and code of practice
      • Code of practice on ethics
      • Code of Practice on Research Integrity
      • Policy for clinical research
      • Policy on work with outside bodies
      • Statement on Research Performance Expectations
      • Guidance on processes for allocation of internal funding:research and impact
      • ‌Social media guidelines for researchers
      • Policy for research evaluation using quantitative data
      • Guidance on conducting research outside the UK
      • Policy on staff groups seeking to engage with research activities
      • Trusted Research
      • Foreign Influence Registration Scheme
      • Guidance on Export Controls
      • Nagoya Protocol
      • Informal collaborations with colleagues based in Russia or Belarus
      • Research Ethics and Prevent
      • Research Publications and Open Access Policy
      • Research Data Management Policy
      • Research Reputation and Social Responsibility Framework
      • Payments Policy
      • Use of Artificial Intelligence (AI) in Research
      • Fair Attribution Guidance
      • Commercial costing and pricing policy
      • Policy and Procedure for the Investigation of an Allegation of Research Misconduct
      • Accessing Restricted Materials
    • Research Entities
    • Committees
  • Research Excellence Framework (REF)
  • PURE
  • Training and forums
  • Research Equipment
  • Internal Webpage for Continuing Professional Development
  • Sparks (Internal Only)
  • Open research at York
  • Responsible research and innovation
  • Research Culture & Researcher Development
  • Public Engagement with Research at York
  • HE-BCI
  • White Rose University Press
• Policies and strategies
• Community and culture
• What's happening

Access by staff and students to restricted material

1. Background and purpose

This document provides guidance on the safe access and management of security-sensitive or extremism-related material used for either research or teaching. It does not seek to restrict students or staff from carrying out research into any area, rather it is in place to safeguard academic freedom and freedom of speech in line with the University’s Code of Practice on Academic Freedom and Freedom of Speech), and protect staff and students who engage in or supervise sensitive or extremism-related teaching and/or research from the risk of investigation under counter-terrorism legislation. The term ‘material’ is taken to include material used for teaching related to security or extremism or accessed in relation to taught provision, as well as material used directly for research.

The University must comply with the Prevent duty, guidance for which states that “For further and higher education providers, there should be clear policies in place for students and staff using IT equipment and networks to research terrorism and counter-terrorism in the course of their learning.”

(Prevent Duty, 188, IT Policies)

The process outlined below ensures:

• Activity can be traced back to the authorised user should the University get any enquiries from authorities,
• Security-sensitive or restricted content does not cross-over with or end up on other systems,
• Should equipment be seized, the temporary loss would not hinder the operation of the University,
• Risky activity, for example accessing the dark web, is kept away from corporate systems and data.

The Code of Practice and Principles for Good Ethical Governance (paragraph 2.15) states that: Particular care needs to be taken with regard to research and other academic activities related to political extremism and terrorism. Any such activities must be reviewed by the local research ethics committee; in addition, the chair of the local research ethics committee should inform the Secretary of the Academic Ethics and Compliance Committee that a proposed activity of this nature has been submitted. Where necessary, advice should be sought from the University's Prevent Lead. 

Those who access potentially security-sensitive material must not share or disseminate such material, even if it is already publicly accessible elsewhere, and must ensure that appropriate systems are in place for the storage and handling of such material. Universities UK Guidance (see Further resources) must be followed: material should be stored on specially designated university servers, and personal computers or the VLE should not be used.

2. What is ‘security-sensitive or extremism-related’ material?

Material which could be classified as "security-sensitive or extremism-related" may include anything which could be interpreted as promoting, endorsing or planning terrorism, radicalisation, or extremism. 

• Terrorism e.g. material relating to actual or potential terrorist methods
• Radicalisation e.g. material obtained by liaising with groups which seek to persuade people to adopt extreme political, religious, or social views
• Extremism e.g. material that results from collecting information from websites of extremist organisations
• Government security measures in respect of extremism, terrorism or radicalisation (other than government sponsored research) e.g. an analysis of government techniques to combat terrorism, where such information would be of use to terrorists
• Materials that are covered by the Official Secrets Act (1989) and the Terrorism Act 2006

3. Arrangements for access to restricted material

The requirement to access restricted material must be included in an application to your local research ethics committee, and if required, the process regarding Research Ethics and Prevent should be followed in addition. This requirement applies whether the material is being used for research or teaching purposes.

You must also contact the cyber security team via itsupport@york.ac.uk. They can offer guidance about suitable controls, the aim will be to ensure the objectives in "background and purpose" are met. 

4. Monitoring

As per Regulation 11: Using University information, the University monitors and records the use of its IT services and may access data during investigations as described in the IT Investigations and Data Access Policy.

Breaches of this procedure may warrant disciplinary action under the disciplinary procedure.

5. Further resources

HM Government - Prevent duty guidance: for specified authorities in England and Wales

Official Secrets Act 1989

Terrorism Act 2006

UUK - Oversight of  security sensitive research material in UK universities

University of York - Code of Practice and Principles for Good Ethical Governance

Research Ethics and Prevent

Academic Ethics and Compliance Committee

List of Research Ethics Committees

Regulation 11: Using University information

IT Investigations and Data Access Policy

Status of this document 
Document owner: RIKE
Date of next review: 2028