Confidential Online Surveys

Potential Risks and Replacement of the Online Survey

In the last decade there has been an avalanche of software, tools, systems and services on the Internet to conduct online surveys, from companies like SurveyMonkey, QuestionPro and even Google itself, all of them have endeavored to bring about a change in the way survey data is collected and stored, offering Internet servers for thousands of users to start creating their surveys and uploading data to repositories hosted mostly in the United States. Although this change has been positive, especially because of the favorable impact on the price of quantitative surveys, the truth is that it has forced users to expose their data, which may be sensitive to the view of the networks, servers and employees of the same companies providing these online survey services. Although the online survey through a service contracted to a third party or SaAS (Software as a Service) has its space well justified, we want to know if there are safer ways to conduct surveys in those cases where we must ensure that the confidentiality of information and data is not violated. Considering the current state of information technology it is possible to find replacement options to traditional SaAS services to host our confidential online survey, however first let's clarify two fundamental concepts to prepare the ground, they are "Off-primesses" (Off-site) and "On-Premises" (On-site).


Off-premises means that when you use an online survey service (SaAS), such as QuestionPro, Google or SurveyMonkey, your data will be stored on the servers of the company you hire, so your data will be exposed to the view of the employees of these companies and may be subject to vulnerabilities in their systems, including hacking and possible theft of information. Keep in mind that by using these systems, you are handing over control of your data to these companies, you are handing over responsibility for storage, backups and security. On the contrary, an ON-Premises software means that when you use these systems, you have exclusive access to your data, which are being stored in their own servers, it will be your responsibility to control the security, storage and backups of the data. The advantage of on-premises systems is that your data is not being viewed by the survey software provider's employees.

It is possible that your company is interested in applying an online survey, but that the data is stored on its own servers, and not in the cloud of the provider company. So, instead of hiring a generic SaAS service such as SurveyMonkey, your company could have its own servers (Linux or Windows), whether these servers are physical machines located in your own offices, or virtual machines hired from a local or global third party. By storing the data on your own server (On Premises) you guarantee that there are fewer eyes seeing your data, especially if we can use a system that guarantees that what is stored on the server is not understandable by commercial software packages. Hence the need to encode, encrypt and not use commercial databases, or data structures understandable by commercial software packages.

Althostyle=" text-align: center;s a desktop application that allows you to create surveys on a Windows PC, when it comes to publish the questionnaire, our users have 3 options to select: 1) Publish on a server of your own property (your own Linux server, or on a hosting contracted by you to a third party. ) 2) Publish to a private server, but administered by our company, which means that you can purchase with our company a server for your exclusive use, and 3) Publish to any of Rotator's cloud servers, which is equivalent to process your survey as SurveyMonkey or QuestionPro does, that is. Your survey would be hosted on a server owned by Rotator Software. Typically our servers are located in Canada and USA, contracted to high quality global providers. Let's look at the definitions below:


As the name implies, an "OWN" server is a physical, virtual machine or hosting contracted to a third party by you. In this case, ROTATOR SOFTWARE has no technical or administrative interference and all administration, configuration, monitoring and backup tasks are the responsibility of the end user. By adding an own server to the Study Modeler, the communication is done unidirectionally MODELER <-> OWN SERVER and at no time data or questionnaires are sent to servers owned by Rotator Software. Thus, the benefit of installing your own server is the total centralized control and confidentiality of your data. In addition to these benefits, the user can use their own hardware and scale it according to their needs, as well as apply corporate policies of use, security and backups.


A PRIVATE server is a server managed by Rotator Software, but which is intended exclusively for a particular user, when buying a private server an average configuration is offered (2 GB RAM, 2 CPU and SSD disks), which can be scaled to the extent of the customer's need. The advantage of the private server is that it is guaranteed that there are no other surveys by other users, and that its use is exclusive to the contracting company. Although the "private" server is used solely and exclusively by the end client, its administration is the responsibility of Rotator Software, and, likewise, although Rotator Software constantly monitors the private servers to guarantee their availability, it is up to our suppliers to act and take responsibility when hardware or software failures occur.


A "cloud server" is a shared server where different clients can store their surveys. Rotator's cloud servers are high-performance servers, allowing about 50 medium-sized surveys to run in parallel. As our company grows in clients and surveys, we will add new servers to the cloud. To differentiate the cloud servers we have named them after Greek gods, e.g. ARES, ARTEMIS, ADONIS, HERMES, EROS, POSEIDON, HADES, CHRONOS, ZEUS, APOLLO, etc. All of them operating under the domain "ROTATORSERVER.COM", for example: "HTPS://ZEUS.ROTATORSERVER.COM". When a user publishes a questionnaire in the cloud, the system checks which server is the most unoccupied and publishes the questionnaire there. The disadvantage of using the Rotator cloud is its performance, especially for users who need to publish many studies concurrently, or when the studies to be published are very large, either in terms of questions, participant base, cases or number of concurrent respondents (or CATI operators). In these cases we recommend opting for a "PRIVATE" server or an "OWN" server.

Private surveys

Ultra confidential Surveys. Could you use an online survey SaAS service, such as SurveyMonkey or QuestionPro?

Recently a user from Colombia contacted us because his organization (anonymous) wanted to conduct a survey of victims of kidnappings by Colombian paramilitary groups to analyze the frequency of these events and the types of mistreatment the victims received, the location of the events where they occurred, among other aspects related to the violence and criminality of these armed groups. The problem was that the organization executing the survey wanted to remain anonymous to avoid retaliation and subsequent problems, in case the information collected in the surveys was divulged by any means before being delivered to its final client, which was an international organization, and they also wanted to remain anonymous.

Another case that came to our office was that of a user from Brazil, who was conducting a survey on a procedural investigation that was being followed to a renowned politician in that country, and wanted to measure various aspects related to acts of corruption, both real and perceived, in which that character was involved. The problem was that the respondents of the survey were high ranking social and political personalities in Brazil, so many of the participants of the Study refused to answer self-applied online surveys answered on their computers, on their mobile devices, or on third party equipment connected through the internet.

These two cases of surveys with highly confidential data make us think, not only about the correct methodology to use in these studies, but also about the most appropriate software technologies to collect and analyze the data, in order to guarantee 100% that the collected data will not be disclosed, stolen, extracted, viewed, or hacked by a hacker, or by the same employees who support the technological infrastructure of the company providing the online survey service.

How can data from an online survey be stolen?

There are several ways in which the extraction of confidential survey information can be done, here we mention some of the methods that can be used by hackers, pirates or malicious people who want to steal the data to use them in acts of extortion, black-mailing or to publish them in mass media such as newspapers, online tabloid websites like Wikileaks, etc.


Employees of companies such as SurveyMonkey, QuestionPro that cater to the mass market of online surveys and collect thousands of surveys of all types annually, from surveys on new product launches and presidential surveys, to highly confidential surveys such as those mentioned in this paper. How likely is it that these highly confidential surveys, such as those mentioned here, could be seen, or worse, extracted or stolen by an employee who is disgruntled with the company? On the other hand, we truly know the data security, information confidentiality and statistical secrecy policies that these companies handle. If you believe that because your survey is hosted on servers located in the United States, and that the provider company is American, which in theory is governed by strict laws, know well that Wikileaks emerged precisely in the United States and that this organization stole all kinds of information including secret documents from the White House and the Pentagon.


The second possibility of your online survey being breached may be due to an anonymous hacker accessing the servers where your survey is hosted, penetrating the database and copying your data and transferring it to their own computer. Although servers are getting smarter and less difficult to invade, new methods of hacking and credential theft are emerging, so we can't rule out this scenario. Many companies like Rotator Software prefer not to use commercial databases or easy-to-understand data structures and apply encryption mechanisms to their data, such as HASH, MD5, and other algorithms.

Data Security Policies of some Online Survey Providers

Most of the companies that provide survey software under the SaAS (Software as a Service) modality maintain rigorous policies for the treatment of their clients' information, especially in relation to the employees, whether direct or indirect, who have access to the survey data. In the case of Rotator Software, our employees sign a contract that is renewed annually to protect the confidentiality and security of the data collected by our clients. Below are the privacy and data security statements and policies of some of the service providers, tools, systems and survey software we have found on the Internet.