Ethics in Research: Beyond the NDA

Written by Teacup Lab.

This is the third article in our SkincAIr blog series. After introducing the project and highlighting the value of desk research in our first two posts, we now turn to a dimension often overlooked in UX projects: the role of ethical approval, and what it means to engage responsibly with human participants.

We knew when we started this project that involving human participants meant taking ethics seriously, but we were surprised by the number of requirements and cultural nuances that shaped our research. This experience has pushed us to reflect not only on the formalities of ethical approval, but also on what the UX field often overlooks when working with people.

When Ethics Means Only an NDA

When we talk about ethics in applied research within companies, the conversation often stops at a very specific checkpoint: the signature of a Non-Disclosure Agreement (NDA). 

The NDA is designed to protect the organisation, ensuring that sensitive business information is not leaked outside of the research context. It is a contractual safeguard, but one that speaks almost entirely to the needs of the company. What it does not do, however, is meaningfully address the wellbeing, dignity, or long-term interests of the human beings who agree to participate in the research process.

Ethical Approval in Academic and Ethnographic Research

By contrast, in disciplines such as ethnography, psychology, or medical research, the involvement of human participants requires a robust framework of ethical approval. These frameworks are not bureaucratic hurdles designed to slow down the work; they are reflections of a broader responsibility.

The Belmont Report (1979), written in response to several historical research abuses, established three core principles that now govern human subjects research:

1. Respect for persons: Acknowledging autonomy and protecting those with diminished autonomy
2. Beneficence: Maximizing benefits while minimizing harm
3. Justice: Fair distribution of research benefits and burdens

These principles translate into concrete practices. Institutional Review Boards (IRBs) evaluate not just whether participants consent, but whether:

• Consent is truly informed and voluntary
• Risks are minimized and reasonable
• Subject selection is equitable
• Potential benefits are maximized for participants and society
• Privacy and confidentiality are maintained beyond legal requirements
• Vulnerable populations receive additional protections

Beyond Compliance: The Reflective Practice

What distinguishes academic ethical review is its emphasis on reflection. Researchers must articulate:

• Potential cultural sensitivities and power dynamics
• Long-term implications of data collection and storage
• Unintended consequences for participant communities
• Plans for sharing benefits with research populations

Writing and submitting an ethical approval forces researchers to engage with questions that go beyond the immediate project, such as: “What cultural contexts are at play?”, “Could this research reinforce stereotypes or inadvertently cause harm?”, “How will the data be handled, stored, and shared responsibly?”, and to take responsibility for the answers.

Why UX Research Operates Differently

UX research tends to be focused on immediate deliverables: the next sprint, the next prototype, the next release. Ethical approvals, in contrast, are built on the principle of thinking ahead, not only about what will happen in the research session itself, but about how the data might be used years down the line, how participants might feel about their involvement in retrospect, and what social responsibilities the research carries.

These different time horizons are reinforced by another widespread belief: that UX research is inherently low risk. UX research has historically positioned itself as low-risk, focusing on:

• Interface evaluations
• Task completion studies
• Preference testing
• Journey mapping exercises
• Exploratory research into user needs and behaviors

This framing isn’t entirely wrong, most UX studies don’t probe deeply personal topics or expose participants to physical risks. However, the assumption of “low risk” has become a blanket justification for minimal ethical oversight.

Business Pressures and Structural Constraints

Several factors perpetuate this ethical gap:

• Speed to market:
  In environments where two-week sprints are standard, a multi-week ethical review process seems impossible.
• Cost considerations:
  Formal ethical review requires infrastructure, committees, training, documentation systems, that represent overhead many companies resist.
• Competitive pressure:
  When competitors move fast and break things, ethical deliberation can feel like a luxury.
  
• Regulatory vacuum:
  Unlike medical research (governed by FDA regulations) or academic research (governed by federal policy), UX research operates in a largely unregulated space. GDPR addresses data privacy but not research ethics per se.

The Cost of Ethical Shortcuts

Hidden Risks and Missed Reflections

What gets lost in this simplified approach is the opportunity for deeper ethical reflection. Even when studies appear harmless, they can carry subtle risks:

• A test that seems benign to the researcher might be stressful or intimidating for someone unfamiliar with digital tools.
• Participants who belong to marginalised groups may reveal information that has greater consequences than expected.
• Cross-cultural studies, increasingly common in global companies, risk ignoring or flattening local practices if not handled with sensitivity.

Without an explicit ethical framework, these risks remain invisible, not because they do not exist, but because no one is formally asking the questions that would bring them to light.

Erosion of Trust

Trust between participants and researchers is fragile and can be easily eroded when ethical considerations are poorly managed. If participants discover that their data has been used beyond the original scope of the study, a practice not uncommon in corporate settings, their confidence in the research process diminishes.

Yet, misuse of data is only one aspect; broader issues such as a lack of transparency, disregard for consent, or poorly designed and conducted studies can also compromise ethical standards and weaken relationships.

When participants no longer trust the process, they may respond less authentically, drop out more frequently, and become harder and more costly to recruit, with the added risk that entire demographic groups may disengage altogether, leaving critical gaps in research.

Towards an Actionable Middle Ground

Rather than adopting academic IRB processes in full, UX teams can implement lightweight yet meaningful ethical practices as a check list of action before engaging a research project with participants.

Inspired by the spirit of frameworks like the Belmont Report, we designed a simple, actionable checklist for UX teams, a tool that adapts ethical reflection to the realities of industry practice:

UX ETHICAL CHECKLIST
Evaluate risks beyond the interface:

• Could this research trigger stress or anxiety?
• Are we asking participants to reveal more than necessary?
• Might the research context create pressure to participate?

Think about power dynamics:

• What’s the economic relationship between researcher and participant?
• How might cultural or social factors affect consent?
• Are we inadvertently exploiting vulnerable populations?

Honor participant expertise:

• Compensate fairly (minimum: local living wage for time spent)
• Acknowledge participants as collaborators, not subjects
• Share findings when possible

Inform transparently:

• Explain data use in plain language
• Specify retention periods
• Clarify participant rights beyond legal minimums

Care for wellbeing:

• Provide clear withdrawal procedures
• Offer breaks and check-ins during sessions
• Follow up on any signs of distress

Store data responsibly:

• Define and communicate retention limits
• Implement purpose limitation (data used only for stated aims)
• Plan for data deletion, not indefinite retention

Implementation Strategies

• Start small: Begin with one team or project type. Document learnings and iterate.
• Create templates: Develop standardized consent forms that go beyond legal protection to address participant wellbeing.
• Build gradually: Add ethical considerations to existing processes rather than creating new ones.

Conclusion: Ethics as an Ongoing Practice

This is not to argue that UX should adopt the same heavy processes as academic or medical research. The contexts are different, and agility is often essential in industry. But between the NDA and the full ethical review lies a middle ground: a lightweight framework that prompts researchers to consider cultural sensitivities, acknowledge participant vulnerabilities, and anticipate broader impacts.

Ethics, in this sense, is not just a legal safeguard. It is an ongoing practice, a way of questioning how we engage with people, what we ask of them, and how our work may affect them beyond the immediate goals of a project.

Bringing this perspective into UX research does not mean slowing down or overcomplicating processes. It means adding responsibility and trust, and ultimately enriching the discipline itself.

You can read the original article here.

If you want to always stay updated about our project, follow us on  LinkedIn, Facebook, X and Bluesky!