Research PII: Screenshots and GDPR

Updated for 2026 — GDPR enforcement against research groups has grown. This risk stays common in published work.

The Methodology Screenshot Problem

Many academic papers include screenshots of analysis tools. The goal is to show method. But those screenshots can reveal real personal records. Most researchers do not notice this risk.

Here are four common cases:

• A machine learning paper shows a pandas DataFrame. The first 10 rows have real patient names and IDs.
• A clinical study shows R output. Patient values are on screen. Patient IDs show in the margin.
• A social science paper shows SPSS tables. Survey responses from real people are visible.
• A journal tutorial shows a Jupyter notebook. Real user records serve as sample rows.

In each case, the author meant to show method. The personal records were not the point. They were just there to make the example feel real.

But "not the point" does not mean safe. GDPR Article 4(1) says personal records include any facts about an identified person. A patient record in a published paper is personal information. It does not matter if it is in a screenshot. Publishing it without consent or a lawful basis under Article 6 breaks GDPR.

See the GDPR conformance overview for more on publication rules.

Why This Creates Legal Risk

Research groups now face more GDPR enforcement. Publication failures are a key trigger. Four risks stand out.

Journal retraction. Article 17 gives people the right to erasure. This applies to published records too. If a person finds their details in a paper, they can ask for removal. For a journal, this often means retraction. Retraction hurts a researcher's career.

Ethics board findings. Ethics boards review published work. They check for GDPR alignment. They have started to flag papers that show personal records in screenshots. These flags affect a researcher's future work.

Data Access Agreement violations. Research datasets come with Data Access Agreements. These rules state what may be published. A screenshot with personal records can break the agreement. The result is often a loss of dataset access.

Article 89 limits. Article 89 allows use of personal information for science. It eases some rules. But only where proper safeguards exist. Showing personal records in a screenshot without de-identification is not a safeguard. It is a breach.

See our protection and safeguards page for the full breakdown.

How Often Does This Happen?

This problem is not rare. It affects published work across many fields.

A few factors drive it.

Reproducibility norms. Journals want method details. Researchers use screenshots to meet this need. They do not always check what is visible in each image.

Tight deadlines. Time pressure leads to fast screenshots. There is no time to review each image for exposed records.

Low visibility in images. A DataFrame can have 20 columns. Names and IDs may be in a column far to the right. The researcher looks at the key column, not the ID column.

No check at submission. Journal portals run format checks and plagiarism screens. None check images for personal entities. Nothing flags the problem before the paper goes live.

Screening Workflow for Research Groups

A pre-submission screening process can stop these issues. It has seven steps.

1. Researcher completes the manuscript draft with all figures.
2. Draft goes to an internal reviewer — the PI or a privacy contact.
3. Image PII detection runs on all image files in the manuscript.
4. The report flags images with readable text that matches personal entity patterns.
5. Researcher reviews flagged images.
6. For each flagged image: replace it with a clean screenshot. Swap patient ID 12847 for ID 00001. Replace real names with "Patient A."
7. Final manuscript goes to the journal with clean images.

Technical options:

• Manual: Export manuscript images. Run batch PII detection. Review the report.
• Semi-automated: Use a shared folder for drafts. Run batch processing each week on new files.
• Workflow-integrated: Add a screening step to the submission portal.

Screening is fast. For a 15-figure manuscript, image PII detection takes under two minutes. A retraction takes months.

Visit the FAQ or glossary for more on detection features.

Case Study: European University

One research group added image PII screening to its manuscript workflow. A near-miss triggered the change. A paper under review had patient names in a DataFrame screenshot.

What they did:

• All draft papers were processed for image PII before journal submission.
• Screening covered all PNG, JPG, and PDF figures in each draft.
• A privacy contact reviewed the results.

Results over six months:

• 23 manuscripts screened.
• 7 manuscripts (30%) had at least one image with personal entities.
• Types found: patient names in DataFrames (4 papers).
• User IDs matching patient formats (2 papers).
• Email addresses in screenshot margins (1 paper).
• All 7 fixed before submission.
• Zero retraction requests or ethics findings after submission.

The ethics board now cites this workflow as a model "appropriate safeguard" under Article 89. It supports the group's future research exemption applications.

Read the founder statement to learn why anonym.legal was built for this kind of problem.

Sources

• GDPR Article 89: Safeguards for Scientific Research.
• GDPR Article 17: Right to Erasure.
• ICO: Research, Public Interest and Scientific Purposes.