Research ethics. Certificates of confidentiality and compelled disclosure of data.

Certificates of Confidentiality have gained prominence in the context of efforts to build large-scale research platforms and new requirements for an unprecedented degree of data sharing. There is, however, a remarkable paucity of evidence upon which to base conclusions about the strength, applicability, and durability of the legal protections a Certificate affords. Here we describe a recent legal challenge in which a research participant’s data, collected under a Certificate, were subpoenaed as part of a criminal case that reached the North Carolina Court of Appeals. We show how, despite the legal protections ostensibly afforded by the Certificate and the vigorous objections of the Principal Investigator and institutional counsel, the research subject’s confidentiality was ultimately compromised in the course of the legal proceedings; further, we discuss the broader implications of this case for the research enterprise as a whole.