B1.3 Repository has mechanisms to authenticate the source of all materials.
The repository’s written standard operating procedures and actual practices must ensure the digital objects are obtained from the expected source, that the appropriate provenance has been maintained, and that the objects are the expected objects. Confirmation can use various means including, but not limited to, digital processing and data verification and validation, and through exchange of appropriate instrument of ownership (e.g., submission agreements/deposit agreement/deed of gift).
Evidence: Submission agreements/deposit agreements/deeds of gift; workflow documents; evidence of appropriate technological measures; logs from procedures and authentications.
ICPSR's Deposit Form is the mechanism that ensures proper documentation and workflow for deposited materials. It ensures that we have a signature from the data depositor, and keeps track of what was deposited, who did it, and when it was done.
One feature of the Deposit Form is that it auto-emails the depositor with a list of the files it thinks have been deposited, and each file includes a one-line description regarding the file format (e.g., SPSS Portable File, PDF document, version 1.6, or Microsoft Word). If the deposited file is a Zip package or a tarball, we pull apart the bundle first, and then examine the individual files before generating this report.
The person who signs the deposit must have a valid MyData account, and we use this to track and record identity. Of course, this same information is also helpful during the data management process if ICPSR needs to contact the data producer or researcher.