As detailed in Research and Scholarship Category, the Research and Scholarship Entity Category is used to facilitate the exchange of information between IdPs and SPs in support of activities related to research and scholarship. Institutions that operate Service Providers (SPs) state compliance with a set of operational and technical practices to protect identity information, and institutions operating Identity Providers (IdPs) state agree to release low-risk attributes to those SPs. InCommon reviews these statements and assigns the Research and Scholarship Entity Category to those IdPs and SPs.
Certification for the Research and Scholarship (R&S) Category is a straightforward process involving you, your institution, and InCommon.
It should be noted that exchange between IdPs and SPs within InCommon is subject to Section 9 of the InCommon Federation Participation Agreement, which states "Participant agrees to respect the privacy of and any other constraints placed on identity information that it might receive from other InCommon Participants as agreed upon between Participant and the InCommon Participant(s). In particular, Participant understands that it may not permanently store nor share or disclose or use for any purpose other than its intended purpose any identity information that it receives from another InCommon Participant without express written permission of the other InCommon Participant. Participant understands that the storing and sharing of resources is between the Participant and the InCommon Participant(s) and is not the responsibility of InCommon." This is a requirement for your IdPs and SPs, independent of whether they are certified for the R&S entity category.
Also, the information transmitted from IdPs to SPs under the R&S entity category is designed to comply with the minimal disclosure principle, and legal review in Europe has determined that it satisfies GDRP requirements for privacy of identity information.