As open as possible, as restricted as necessary
The fundamental principle for Open Science is that results, publications, and associated data from publicly funded research should be made openly accessible from 2026, unless there are legal or ethical reasons preventing this. Ideally, open access means that data are available for direct download; in practice, it is about making access to research data as open as possible, as restricted as necessary.
Although research data can often be made freely and openly accessible, some data are more sensitive. This may include research data containing personal information, classified data, data produced by other organizations, copyrighted material, or patent-pending material.
Data that cannot be fully shared openly can, in many cases, still be made accessible in a way that meets the FAIR principles by making metadata openly accessible and publishing the data in a repository that supports restricted access. Restricted access means that there is openly accessible information on how to obtain the data, but that the data are sensitive in some way, so access to them must be requested. Each request for access is reviewed, and a confidentiality assessment may be conducted before granting access to the data.
If you intend to make research data available with restricted access, you should use a certified repository or another reliable catalogue service with which your organization collaborates. Data that cannot be made openly accessible likely cannot be legally shared through an independent catalogue service (even if the service does not make data freely downloadable).
You can always contact your local research data support service if you need help determining how and where to make your research data accessible.
Common reasons for making research data accessible with restricted access:
Personal data
Personal data is any information that can be directly or indirectly linked to a living, identifiable individual. This applies to both direct and indirect personal data as well as pseudonymized data.
If you have collected personal data as part of your research, anonymization is rarely possible. This is because the Swedish Archives Act (1990:782) states that original data, as well as key codes, must be retained. If these exist, they could enable identification of individuals within the dataset. However, even if the full dataset cannot be made accessible, it may still be possible to share data that do not qualify as personal data, such as statistical calculations.
It is generally prohibited to make research data containing personal information freely downloadable. However, there is still value in describing and making such research data visible, as other researchers may find them useful for other scientific purposes. If ethical approval was required to collect and use the data in the original research project, a similar ethical review will be necessary if another researcher wishes to reuse the data. Access to sensitive personal data or protected information can only be granted if the proposed use has received approved ethical reviewOpens in a new tab.
For more information on personal data in research and the required safeguards before making data accessible, see SND's handbook on data containing personal informationOpens in a new tab.
Confidentiality
When data are subject to confidentialityOpens in a new tab, a confidentiality review must be conducted each time someone requests access. Confidentiality does not mean that data can never be shared; rather, access is assessed on a case-by-case basis.
If you make confidential data available with restricted access, it is important to include information about the confidentiality conditions so that the organization hosting the data can correctly handle access requests. By specifying where, how, and under what conditions protected data can be accessed, you fulfil the FAIR principles' requirements for accessibility.
Copyright
Sometimes, material collected for analysis in a research project may be protected by copyright. Such material can generally be made available with restricted access and reused for research purposes. The restrictions on data accessibility depend on agreements with the copyright holder and the licence applied to the material. This is also the case for copyrighted material collected from open sources.
Materials published under Creative Commons licences can usually be made openly accessible.
Collaborative research
If research data are generated within a collaboration with a private company or another public authority, the data may need to be made available with restricted access – or it may not be possible to share them at all.
Collaborative research should be regulated by a research agreementOpens in a new tab. To ensure that project data and research results can be made accessible after the project concludes, data access considerations must be included in the agreement. Who will own which research data? Are there any restrictions on how and by whom they can be used? Is there a risk that you or your institution will not have access to the data once the project ends? Plan early for data access by incorporating a data management plan into the agreement.
Closed review
During the peer review of a research article, datasets may need to be accessible for review, even if the researcher does not wish to share them openly before the article is accepted. In such cases, the data can be shared exclusively with the article's reviewers in a process known as closed review. Reviewers are granted access to the dataset via a temporary link.
Once the article is accepted and published, the researcher can inform the repository hosting the dataset that the data can be made openly accessible.
Embargo
In publishing, an embargo refers to the period between the publication of an article in a journal and when a version of the article can be made accessible in a repository. This generally applies to preprints or other early versions of the article but may also include publisher-created PDF versions.
For research data, an embargo refers to the period between the end of a project, or the publication of research results, and the earliest point at which the research data can be made accessible for reuse. Embargoes in research are uncommon but do occur – for example, if data constitute a business secret for a company for a certain period. An example might be interviews with developers at a video game company that could reveal information about an upcoming game, even if the research findings themselves do not disclose such details. In this case, the data would remain sensitive until the game is released. Normally, a contract between the institution and the company should regulate such matters, such as a Non-Disclosure Agreement (NDA).
Embargoes are not recommended, especially for publicly funded research data. An embargo should only be applied if it is an absolute requirement for obtaining access to certain data. The core principle is that access to data from publicly funded research should be as open as possible and as restricted as necessary.