Computer Laboratory

Cambridge Cybercrime Centre: Legal framework

This page explains the basics of our legal framework for sharing cybercrime datasets and links to material that is specifically aimed at researchers or data suppliers.

A separate page discusses the overall process for working with our data, but you will need to read this page as a part of that process.

Data for researchers

If you wish to do research using our cybercrime datasets you will need to enter into a formal legal agreement with us. This agreement -- we call it the "outgoing agreement" sets out what you are allowed to do with our data (and what you must not do). It sets out further obligations; for example, any resultant papers must be "open access".

We have written a guide for data recipients which links to the agreement itself and explains the reasons for its provisions. If you have further questions about the agreement then please just ask -- and we can expand or clarify the Guide accordingly.

We cannot be very flexible about what the terms in the "outgoing agreement" because it has to match up with all the "incoming agreements" we have signed with data suppliers. Nevertheless, our aim is to ensure as much research as possible will occur and so we will try our best to overcome any problems you may have in coming to an agreement with us.

Guide: https://www.cambridgecybercrime.uk/outGuide.html

Data from suppliers

If you would like to supply data to us, so that we can then make it available to cybercrime researchers, we would be delighted to talk to you. We might distribute your data "as is", or combine it with other data we hold, or "enrich" it (for example by fetching website contents rather than just listing URLs).

We have already created a suitable "incoming agreement" for data suppliers that we would use (adapting as necessary). Of course you may want to use your own agreement and that could be the best way forward -- but because it is essential that whatever we sign with data suppliers completely matches up with the "outgoing agreements" then this risks being a slower and more painful negotiation than otherwise. That said, the "outgoing agreement" does have provision for dataset specific conditions, so if something special must happen with a particular dataset we believe that will often be the best way of dealing with bespoke requirements.

We've written a guide for data suppliers that links to the agreement and explains the reasons for its provisions. If you have further questions about the agreement then please just ask -- and we can expand or clarify the Guide accordingly.

Guide: https://www.cambridgecybercrime.uk/inGuide.html

Next steps

Once you have read the legal agreement(s) and the accompanying FAQs then the next step is to get in touch with us.

If you are a data supplier then write to use at <director AT cambridgecybercrime.uk> and we'll promptly get back to you.

If you are a researcher who would like access to our data then the next place to visit is our "Process for working with our data" page: https://www.cambridgecybercrime.uk/process.html

Back to main page.