We use knowledge security to protect our knowledge in various ways. The concept comprises three key aspects:

Undesirable transfer of knowledge and technology

Examples of this are:

• Research on AI, semiconductors needed to produce advanced chips, and quantum technology. These are technological innovations that can be used in such applications as extremely fast computers and long-distance data communication. 
• Transfer is undesirable if it can have negative implications for national security. Here you might think of dual-use technology, which can be used for both civilian and military purposes. 

Undesirable influencing of academic education and research

This influencing may lead to self-censorship and could jeopardise academic freedom. An example of this is:

• Researchers who are intimidated by the regime in their home country. This could, for example, cause them to change their research results or to keep silent about sensitive issues, such as human rights.

Ethical issues when collaborating with researchers

Ethical issues come into play in collaborations with individuals and institutions from countries where fundamental rights are not respected.

An example of this is:

• Researchers who are involved in developing knowledge and technology, such as mass surveillance technology, that is used to oppress the country’s own citizens.

Practical examples

Take a look at the government’s National Contact Point for Knowledge Security website for some practical examples. 

Knowledge security is important in all the university’s activities, such as research, education, valorisation, administration and management. Although the focus is currently on tackling knowledge security risks in research, you can contact the Knowledge Security Advice Desk for all kinds of questions about knowledge security. 

How much you encounter knowledge security, and what’s expected of you, depends on your role. If you work in research, then knowledge security is an integral part of your duties. Situations where you may have to deal with knowledge security include: 

• Entering into new international (or national) collaborations with individuals, knowledge institutions, companies, organisations and public authorities. You should go through the flowchart to assess whether a collaboration is permitted and desirable.
• Visits by foreign delegations to the university and visits of delegations from our university to other countries. See the UNL Quick Guide for International Cooperation for tips (page 6).
• Attending and participating in conferences and lectures arranged by organisations from countries outside the EU, or if you yourself give a lecture outside the EU. See the UNL Quick Guide for International Cooperation for tips (pages 6 and 28).

If you’re in doubt or need advice about a specific case, please contact your faculty’s knowledge security adviser or the Knowledge Security Advice Desk.

Your first point of contact is your faculty’s knowledge security adviser. If this adviser can’t answer your question, you should contact the Knowledge Security Advice Desk at adviespuntkv@bb.leidenuniv.nl.

If you don’t already know who your faculty’s knowledge security adviser is, please contact the Advice Desk and they will put you in contact with the relevant person.

As a manager and/or initiator of a collaboration, it is important to think carefully about the security of (international) researchers in your team, both those who already work there and those who will potentially be appointed. You should ask, for example, about the scholarship conditions under which someone is coming to do research. Ask who is involved in determining the research topic and who approves it. Are there other people that the researcher reports to, alongside the normal academic process within Leiden University?

If security is not guaranteed, researchers or their families can be put under pressure, for example to report to people outside the normal research process. If researchers have debts or obligations (scholarship, loan, guarantee) with conditions that limit their freedom, they may be vulnerable or may even be susceptible to blackmail. 

Researchers themselves can also be vigilant. If you’re working on a sensitive research topic, you should not take data carriers with you to high-risk countries, unless they have been explicitly prepared for this. You should also consider how widely accessible the research data in your project are, and discuss this with your colleagues and manager.
 
It is also important to think carefully about the unethical, undesirable or even prohibited transfer of research results to high-risk countries. These results could be misused through, for example, contributing to the violation of human rights (think of voice analytics surveillance technology, image manipulation and facial recognition). We also want to ensure that our research is not inadvertently used by foreign armed forces. 

The Knowledge Security Flowchart helps you to assess whether a collaboration with an institution or individual is permitted and desirable. If you’re in doubt, please ask your faculty’s knowledge security adviser or the Knowledge Security Advice Desk. 

This document describes the basic principles of Leiden University’s policy on knowledge security. The motto of the Knowledge Security Policy Framework is ‘Open where possible, protected where necessary’. The policy framework was adopted by the Executive Board in December 2024.

In the Administrative Agreement on Higher Education and Science 2022, research universities and universities of applied sciences committed themselves to implementing the National Knowledge Security Guidelines. This included conducting a risk analysis in the area of knowledge security, which Leiden University carried out for each faculty in 2022/2023.

The main conclusions were that the university, as an organisation, collects insufficient information to make adequate risk assessments, that the approach to organising the knowledge security policy is too ad hoc, and that the division of responsibilities within the university is not sufficiently clear. Partly on the basis of these conclusions, the Executive Board issued the instruction to draw up a Knowledge Security Policy Framework.

High-risk countries are those that constitute an increased risk to knowledge security, due to the government’s authoritarian character, the military threat they exert or the lack of academic freedom at universities. The Dutch security services have currently identified a number of countries (‘state actors’) that pose an increased threat to Dutch state security.

Countries with a liberal democracy based on Western values, where academic freedom is respected at universities, are usually not classed as high-risk. When a country is designated as high-risk, it does not necessarily mean that collaboration poses an unacceptable risk. This will need to be assessed in combination with other factors.

Sensitive research areas constitute an increased risk to knowledge security, particularly because they relate to knowledge and technology that may be used in other countries for undesirable purposes. 

An important concept here is ‘sensitive technology’, which is often mentioned in relation to the technology readiness level (TRL). A technology that will soon be ready to use is more risk-sensitive than fundamental research. Sensitive technologies play a less significant role in the social sciences and humanities, but it is still advisable to be vigilant, for example in research areas that use large amounts of personal data. This also applies when security or security services themselves are the research topic.

A sensitive research area does not necessarily mean an unacceptable risk. This will need to be assessed in combination with other factors, such as the TRL.

One of the guiding principles when assessing the opportunities/interests and risks of an international collaboration is that we want to avoid prejudice, exclusion and discrimination. We will therefore never judge people personally, or solely on their nationality, origin or other personal characteristics. Origin may be a factor, but always in combination with the research area and other risk factors. To minimise the risk of prejudice, we use standardised tools as far as possible when making assessments, such as the flowchart, government data and other generally accepted external sources. 

The National Knowledge Security Guidelines have been drawn up as guidance for administrators of knowledge institutions who are involved with international cooperation and have to weigh its opportunities against its security (and other) risks. The guidelines provide knowledge institutions with suggestions for their approach to knowledge security.

Developments are also taking place in relation to collaborations with the fossil fuel industry and their ethical aspects. It is important to the university that staff members should know clearly where to turn if they have a question or a specific case, and that the procedures for the three themes are not entirely different.

In 2025 the temporary Committee for Assessing Ethical Aspects of Partnerships will issue advice on an overarching Sensitive Collaborations Committee, which will include the Knowledge Security Committee and the Fossil Fuel Collaborations Committee, and the procedure for this.

The Advice Desk supports staff members with expertise relating to knowledge security. Its tasks include handling specific cases and helping to raise awareness of knowledge security risks. The Advice Desk also develops policy and maintains a network within and outside the university. In addition, it serves as the contact point for the Knowledge Security Committee.

The Advice Desk assists all Leiden University staff members who have questions about knowledge security. 

You should contact the Advice Desk if you have any questions about internationally oriented collaboration initiatives and/or general and substantive questions about knowledge security, or if you want to report knowledge security incidents and you’re wondering what to do next. You can also contact the Advice Desk to request workshops or presentations on knowledge security.

The Advice Desk works with a mailbox and in principle will start to process questions and/or requests within two weeks. The processing time will then depend on various factors, such as the complexity of the question or case, and the extent to which the necessary information has been supplied. For example, the assessment of a specific case will often require the CV and project proposal. The Advice Desk may also ask you for additional information. 

The Advice Desk consists of: Head of Security Affairs, Chief Information Security Officer, Head of Internationalisation and Head of Research (Strategy and Academic Affairs directorate), Team Leader of LURIS, Knowledge Security Coordinator and two project support professionals. The Knowledge Security Coordinator is also the coordinator of the Advice Desk and the first point of contact, together with the secretariat. 

The Knowledge Security Committee plays a central role in the decision-making and organisation relating to knowledge security within the university. The committee will start its work on 1 March 2025.

Internationally oriented collaboration initiatives can be submitted to this committee (via the Knowledge Security Advice Desk) with a request to assess them. This request will be made by the initiators of a collaboration and the scientific director of the relevant institute. Before doing this, the initiators will have first made their own assessment of the opportunities (interests) and risks. In case of doubt about whether the risks are acceptable, they are obliged to submit a request for assessment to the committee.

Want to know more?

See chapters 5 and 6 of the Knowledge Security Policy Framework. The university has also established Regulations on Knowledge Security, setting out the structure and organisation of the committee. The Knowledge Security Committee consists of members of the Knowledge Security Advice Desk and experts in areas such as human rights, countries and sensitive technology.

1. The initiator of a collaboration initiative and the scientific director of the relevant institute together make an assessment of the opportunities and risks, using the Knowledge Security Flowchart. In case of doubt, the initiative is sent to the Knowledge Security Advice Desk.
2. The Knowledge Security Advice Desk prepares the assessment, which the Knowledge Security Committee will then conduct.
3. The Knowledge Security Committee issues a binding decision within four weeks. This time limit is six weeks if external advice is requested, for example from additional experts or the National Contact Point for Knowledge Security.
4. Depending on the decision, the collaboration initiative is started (the risk is acceptable), postponed (more information is needed), started but with measures applied to reduce the risks, or not started (the risk is unacceptable). If the committee’s assessment is that an initiative must not be started due to unacceptable risks, the initiator can submit an objection against this (within four weeks) to the Faculty Board.

See the Knowledge Security Flowchart for the steps in weighing opportunities (interests) against risks in international collaborations.

See the procedure of the Knowledge Security Committee for a visual representation of the committee’s procedure.