This article focuses on whether a certain form of consent used by biobanks – open consent – is compatible with the Proposed Data Protection Regulation. In an open consent procedure, the biobank requests consent once from the data subject for all future research uses of genetic material and data. However, as biobanks process personal data, they must comply with data protection law. Data protection law is currently undergoing reform. The Proposed (...) class='Hi'>Data Protection Regulation is the culmination of this reform and, if voted into law, will constitute a new legal framework for biobanking. The Regulation puts strict conditions on consent – in particular relating to information which must be given to the data subject. It seems clear that open consent cannot meet these requirements. 4 categories of information cannot be provided with adequate specificity: purpose, recipient, possible third country transfers, data collected. However, whilst open consent cannot meet the formal requirements laid out by the Regulation, this is not to say that these requirements are substantially undebateable. Two arguments could be put forward suggesting the applicable consent requirements should be rethought. First, from policy documents regarding the drafting process, it seems that the informational requirements in the Regulation are so strict in order to protect the data subject from risks inherent in the use of the consent mechanism in a certain context – exemplified by the online context. There are substantial differences between this context and the biobanking context. Arguably, a consent transaction in the biobanking does not present the same type of risk to the data subject. If the risks are different, then perhaps there are also grounds for a reconsideration of consent requirements? Second, an argument can be made that the legislator drafted the Regulation based on certain assumptions as to the nature of ‘data’. The authors argue that these assumptions are difficult to apply to genetic data and accordingly a different approach to consent might be preferable. Such an approach might be more open consent friendly. (shrink)

This book on privacy and data protection offers readers conceptual analysis as well as thoughtful discussion of issues, practices, and solutions. It features results of the seventh annual International Conference on Computers, Privacy, and Data Protection, CPDP 2014, held in Brussels January 2014. The book first examines profiling, a persistent core issue of data protection and privacy. It covers the emergence of profiling technologies, on-line behavioral tracking, and the impact of profiling on fundamental rights (...) and values. Next, the book looks at preventing privacy risks and harms through impact assessments. It contains discussions on the tools and methodologies for impact assessments as well as case studies. The book then goes on to cover the purported trade-off between privacy and security, ways to support privacy and data protection, and the controversial right to be forgotten, which offers individuals a means to oppose the often persistent digital memory of the web. Written during the process of the fundamental revision of the current EU data protection law by the Data Protection Package proposed by the European Commission, this interdisciplinary book presents both daring and prospective approaches. It will serve as an insightful resource for readers with an interest in privacy and data protection. (shrink)

Genetics is a biomedical science that investigates heredity, variability, occurrence of genetic diseases and their prevention. Genetic science has many fields of science, which deal with different genetic processes, methods, aspects and fields of application. The genetic research in Europe related to the individual as the main subject of the research is exposed to a wide range of ethical and legal issues. From the developments in genetic science other sciences have evolved, thanks to which the modern world is able to (...) protect the genetic information of data, and to receive the sanction while ignoring the laws of such data. However, many problems still persist in the field of protection of personal genetic information, such as regulatory standards, the inviolability of an individual, the assurance of freedom and privacy of information. This manuscript attempts to reveal the main aspects of genetic human data protection, to research conduct regulations, ethics and issues related to the protection of individuals, such as protection of privacy, discrimination, confidentiality, etc. The article mainly focuses on the Conventions and Protocols elaborated by the Council of Europe because of its role in bioethics and focus on human rights. The author examined the documents such as the Convention on Human Rights and Biomedicine, the Additional Protocol to the Convention on Human Rights and Biomedicine concerning Biomedical Research, Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and others. Genetic discrimination is strictly forbidden by international conventions and declarations, which means that discrimination on the grounds of personal genetic information (diseases, abnormalities) is not possible in all areas, including employment and insurance. However, individuals face some problems in getting a job due to the publicity and information disclosure to their employers, or in increasing the amount of insurance premiums. However, the disclosure of genetic information may have relevant, statutory consequences and the victims may apply to court for defending these rights. It is essential to protect genetic rights, as any form of discrimination against a person on the grounds of their genetic heritage is prohibited and intervention in the health field or disclosure of such information is only possible after the person concerned has given their free and informed consent. (shrink)

Concerns have been raised around the alleged commercialisation of South African genetic material by various research institutes nationally and abroad. We consider whether the Protection of Personal Information Act in South Africa will conflict with or complement existing protections in health law and research ethics. The Act is not applicable to de‐identified samples that cannot be re‐identified but we question whether genetic samples can ever be truly de‐identified. The research participants in this matter provided consent for use of their (...) samples for research but did not consent to commercialisation by global research institutions, and neither did the researchers. We suggest that consent models incorporating broad consent as an option should include explicit discussions around benefit sharing and commercialisation. Mistrust between researchers and participants impedes scientific research and can harm relationships built up over the years between South African researchers and local communities. (shrink)

Since the 1970s and more rigorously since the 1990s, many countries have regulated data protection and privacy laws in order to ensure the safety and privacy of personal data. First, a comparison is made of different acts regarding genetic information that are in force in the EU, the USA, and China. In Turkey, changes were adopted only recently following intense debates. This study aims to explore the experts’ opinions on the regulations of the health information systems, (...) class='Hi'>data security, privacy, and confidentiality in Turkey, with a particular focus on genetic data, which is more sensitive than other health data as it is a permanent identifier that is inherited to next of kin and shared with other family members. Two focus groups with 18 experts and stakeholders were conducted, discussing topics such as central data collection, legalized data sharing, and the management of genetic information in health information systems. The article concludes that the new Turkish personal data protection law is problematic as the frame of collectible data is wide-ranging, and the exceptions are extensive. Specific laws or articles dedicated to genetic data that also overlook the dimension of discrimination based on genetic differences in Turkey should be taken into consideration. In broader terms, it is intended to put up for discussion that in addition to ethical aspects, economic aspects and legal aspects of health should be included in the discussion to be carried out within the framework of socio-political analyses with culture-specific approaches and cross-culture boundaries simultaneously. (shrink)

As one of the most massive and successful business sectors, the pharmaceutical industry is a potent force for good in the community, yet its behaviour is frequently questioned: could it serve society at large better than it has done in the recent past? Its own internal ethics, both in business and science, may need a careful reappraisal, as may the extent to which the law - administrative, civil and criminal - succeeds in guiding (and where neccessary contraining) it. The rules (...) of behavior that may be considered to apply to today's pharmaceutical industry have emerged over a very long period and the process goes on. Even the immensely detailed standards for quality, safety and efficacy laid down in drug law and regulation during the second half of the twentieth century have their limitations as tools for ensuring that the public interest is well served. In particular, national and regional regulatory agencies are heavily dependent on industrial data for their decision-making, their standards and competence vary, and even the existing network of agencies does not cover the entire world. What is more there are many areas of law and regulation affecting the industry, concerning for example the pricing of medicines, the conduct of clinical studies, the health protection of workers and concern for the environment. In some fields it is indeed hardly possible to maintain standards through regulation. Professor N.M. Graham Dukes, a physician and lawyer with long term experience in industrial research management, academic study and international drug policy, provides here a powerfully documented analysis into the way this industry thinks, acts, and is viewed, and examines the current trends pointing to change. *Provides a balanced picture of the current role of the pharmaceutical industry in society *Includes indices of conventions, laws, and regulations; as well as judicial and disciplinary cases *This is the only book addressing the legal implications of big pharma activities and ethical standards. (shrink)

Since approval of the EU General Data Protection Regulation (GDPR) in 2016, it has been widely and repeatedly claimed that the GDPR will legally mandate a ‘right to explanation’ of all decisions made by automated or artificially intelligent algorithmic systems. This right to explanation is viewed as an ideal mechanism to enhance the accountability and transparency of automated decision-making. However, there are several reasons to doubt both the legal existence and the feasibility of such a right. In contrast (...) to the right to explanation of specific automated decisions claimed elsewhere, the GDPR only mandates that data subjects receive meaningful, but properly limited, information (Articles 13-15) about the logic involved, as well as the significance and the envisaged consequences of automated decision-making systems, what we term a ‘right to be informed’. Further, the ambiguity and limited scope of the ‘right not to be subject to automated decision-making’ contained in Article 22 (from which the alleged ‘right to explanation’ stems) raises questions over the protection actually afforded to data subjects. These problems show that the GDPR lacks precise language as well as explicit and well-defined rights and safeguards against automated decision-making, and therefore runs the risk of being toothless. We propose a number of legislative and policy steps that, if taken, may improve the transparency and accountability of automated decision-making when the GDPR comes into force in 2018. (shrink)

Susser and Cabrera (2024) assess the role of bespoke neuro-privacy regulations including the creation of a novel right to mental privacy. They argue that focusing on what distinguishes mental priva...

In the early 1970s, Congress considered enacting comprehensive privacy legislation, but it was unable to do so. In 1974, it passed the Privacy Act, applicable only to information in the possession of the federal government. In the intervening years, other information privacy laws enacted by Congress, such as the Health Insurance Portability and Accountability Act, have been weak and sector specific. With the explosion of information technology and the growing concerns about an absence of effective federal privacy laws, the legal (...) focus has shifted to the states. Signaling a new direction in state data privacy and consumer protection law, the California Consumer Privacy Act establishes important rights and protections for California residents with regard to the collection, use, disclosure, and sale of their personal information. The CCPA is certain to spur similar legislation and to affect national and international businesses that collect data from California's residents. Understanding the new law is important for all data‐driven industries, including health care. (shrink)

This paper addresses the question of delegation of morality to a machine, through a consideration of whether or not non-humans can be considered to be moral. The aspect of morality under consideration here is protection of privacy. The topic is introduced through two cases where there was a failure in sharing and retaining personal data protected by UK data protection law, with tragic consequences. In some sense this can be regarded as a failure in the process (...) of delegating morality to a computer database. In the UK, the issues that these cases raise have resulted in legislation designed to protect children which allows for the creation of a huge database for children. Paradoxically, we have the situation where we failed to use digital data in enforcing the law to protect children, yet we may now rely heavily on digital technologies to care for children. I draw on the work of Floridi, Sanders, Collins, Kusch, Latour and Akrich, a spectrum of work stretching from philosophy to sociology of technology and the “seamless web” or “actor–network” approach to studies of technology. Intentionality is considered, but not deemed necessary for meaningful moral behaviour. Floridi’s and Sanders’ concept of “distributed morality” accords with the network of agency characterized by actor–network approaches. The paper concludes that enfranchizing non-humans, in the shape of computer databases of personal data, as moral agents is not necessarily problematic but a balance of delegation of morality must be made between human and non-human actors. (shrink)

Answering important public health questions often requires collection of sensitive information about individuals. For example, our understanding of how HIV is transmitted and how to prevent it only came about with people's willingness to share information about their sexual and drug-using behaviors. Given the scientific need for sensitive, personal information, researchers have a corresponding ethical and legal obligation to maintain the confidentiality of data they collect and typically promise in consent forms to restrict access to it and not to (...) publish identifying data.The interests of others, however, can threaten researchers' promises of confidentiality when legal demands are made to access research data. In some cases, the subject of the litigation is tightly connected to the research questions, and litigants' interest in the data is not surprising. Researchers conducting studies on tobacco or occupational or other chemical exposures, for example, are relatively frequent targets of subpoenas. (shrink)

Biobanks are proliferating rapidly worldwide because they are powerful tools and organisational structures for undertaking medical research. By linking samples to data on the health of individuals, it is anticipated that biobanks will be used to explore the relationship between genes, environment and lifestyle for many diseases, as well as the potential of individually-tailored drug treatments based on genetic predisposition. However, they also raise considerable challenges for existing legal frameworks and research governance structures. This book critically examines the current (...) governance structures in place for biobanks in England and Wales. It shows that the technologies, techniques and practices involved in biobanking do not always conform neatly to existing legal principles and frameworks that apply to other areas of medical research. Using a socio-legal approach, including interview data gathered from the scientific community, this book provides unique insights and makes recommendations about appropriate governance mechanisms for biobanking in the future. It also explores the issues around the secondary use of information, such as consent and how to protect privacy, when biobanks are accessed by a number of different third parties. These issues have relevance both within England and Wales and to a wide international audience, as well as for other areas where large datasets are used.--Back cover. (shrink)

The unprecedented public panic caused by COVID-19 will affect the recovery of tourism, especially the theme parks, which are generally crowded due to high visitor volume. The purpose of this study is to discuss the effect of the COVID-19 on the theme park industry. This study aims to predict recommendation intentions of theme park visitors by exploring the complicated mechanism derived from the fear of COVID-19. This study uses a quantitative research method, and SPSS 20.0 and AMOS 22.0 were used (...) for data analysis. An online survey was conducted with 420 Chinese respondents who visited Shanghai Disneyland after its reopening. The study explored the relationship between Fear of COVID-19, perceived risk, participation, service experience, and revisit intention. Results indicated the perceived risk of theme park visitors will not directly ruin their recommendation intention. Visitors’ fear of COVID-19 enhanced their perceived risk, reduced their desire for active participation and impaired their service experience, which consequently affected their recommendation intention. We provide theoretical and managerial implications. (shrink)

In previous works (Floridi 2018) I introduced the distinction between hard ethics (which may broadly be described as what is morally right and wrong independently of whether something is legal or illegal), and soft or post-compliance ethics (which focuses on what ought to be done over and above existing legislation). This paper analyses the applicability of soft ethics to the General Data Protection Regulation and advances the theory that soft ethics has a dual advantage—as both an opportunity strategy (...) and a risk management solution. (shrink)

Pharmaceutical companies have exploited health information technology to “mine” data from drug prescriptions and use the data to better target their sales pitches to physicians. This article considers the policy arguments and first amendment implications regarding state regulation of data mining. It concludes that the legislative provisions are desirable and should withstand constitutional challenge.

This edited collection brings together a series of interdisciplinary contributions in the field of Information Technology Law. The topics addressed in this book cover a wide range of theoretical and practical legal issues that have been created by cutting-edge Internet technologies, primarily Big Data, the Internet of Things, and Cloud computing. Consideration is also given to more recent technological breakthroughs that are now used to assist, and - at times - substitute for, human work, such as automation, robots, sensors, (...) and algorithms. The chapters presented in this edition address these issues from the perspective of different legal backgrounds. The first part of the book discusses some of the shortcomings that have prompted legislators to carry out reforms with regard to privacy, data protection, and data security. Notably, some of the complexities and salient points with regard to the new European General Data Protection Regulation (EU GDPR) and the new amendments to the Japan's Personal Information Protection Act (PIPA) have been scrutinized. The second part looks at the vital role of Internet intermediaries (or brokers) for the proper functioning of the globalized electronic market and innovation technologies in general. The third part examines an electronic approach to evidence with an evaluation of how these technologies affect civil and criminal investigations. The authors also explore issues that have emerged in e-commerce, such as Bitcoin and its blockchain network effects. The book aims to explain, systemize and solve some of the lingering legal questions created by the disruptive technological change that characterizes the early twenty-first century. (shrink)

Recent algorithmic technologies have challenged law’s anthropocentric assumptions. In this article, we develop a set of theoretical tools drawn from new materialisms and the philosophy of information to unravel the complex intra-actions between law and computer code. Accordingly, we first propose a framework for understanding the enmeshing of law and code based on a diffractive reading of Barad’s agential realism and Simondon’s theory of information. We argue that once law and code are understood as material entities that intra-act through in-formation, (...) the concept of transduction allows us to trace how they push each other towards change. After developing the theoretical tools, we deploy them to make sense of how law and code have changed in response to increasing automation of decision-making and the appearance of unexplainable artificial intelligence (AI) code. Thus, we employ a case study to trace transformations of the right to explanation under the European data protection regulations. This provides the backdrop for our account of how law transduces into code (and vice versa) and a proving ground for our framework. (shrink)

PurposeWithin a larger mandate of reviewing the key global trends concerning consumer protection in the electronic commerce (e-commerce) literature, this study aims to study the legal framework concerning e-commerce and consumer protection in the Sultanate of Oman and to analyse the current regulations concerning e-commerce and consumer protection.Design/methodology/approachThis study followed the normative legal research approach and resorted to the desk research process to facilitate content analysis of literature containing consumer protection legislation and regulatory provisions in Oman (...) in particular and the rest of the world in general.FindingsThe study reveals that consumer protection initiatives in Oman are well entrenched for offline transactions, but are relatively new and limited for e-commerce. In spite of the promulgation of consumer protection laws, electronic transaction law and cybercrime law, consumer protection measures for e-commerce in Oman do not address a large number of the global concerns necessary to build consumer confidence and trust in the online environment.Research limitations/implicationsThere is a dearth of information concerning Oman on this topic in the extant literature. The research also witnessed the lack of empirical data on the issue of consumer protection and e-commerce in Oman that offer a detailed database of consumer complaints and associated outcomes.Practical implicationsThe mechanism of consumer protection in electronic transactions is not robust in many countries. Because of the lack of comprehensive and robust legislation, consumers remain vulnerable in the online contractual purchase process. Moving beyond the fragmented legislation, many countries are currently mulling an all-comprehensive e-commerce law, implications of this paper will help the policymakers in identifying the focus areas.Social implicationsConsumer protection is a burning global issue in this era of consumerism. It is important to build consumer trust, transparency and integrity of transactions to reduce the risk and uncertainties of purchase.Originality/valueConsumer protection studies conducted in the context of Oman, hitherto, deal more with data protection and dispute resolution mechanisms, and less with legal provisions, regulations and consumer confidence. The study shares newer insights based on a systematic review of legal and business databases. It is the first study of its kind in the context of Oman and the Middle East in general. (shrink)

Biobanking in Europe has made major steps towards harmonization and shared standards for the collection and processing of data and samples stored in biobanks. Still, biobanks and researchers face substantial legal difficulties in the field of data protection and sample management. Data protection law was harmonized almost 15 years ago while rights in samples fall under the competence of the Member States of the EU. Despite the Data Protection Directive the field of (...) class='Hi'>data protection shows a substantial degree of deviation as public health was excluded from the harmonization. Biobanks seem to have substantially fewer difficulties to cope with in terms of the legal requirements in the field of sample management. This paper discusses the legal framework, experiences of different biobanks in Europe and potential ways forward. It also highlights the need for a health economic analysis of the costs and benefits of privacy protection in Europe. At the moment, policymakers seem to build their decisions on an insufficient evidence base which underestimates the potential value of biobanks for European public health. Within the past few years little progress has been achieved with regards to the development of a unified legal framework in Europe, The diversity in the legal system is also reflected in the different approaches of ethics committees towards biobanking. To secure the responsible and effective use of data and samples, more efforts are needed to come up with pathways for a solution. (shrink)

Biobanking in Europe has made major steps towards harmonization and shared standards for the collection and processing of data and samples stored in biobanks. Still, biobanks and researchers face substantial legal difficulties in the field of data protection and sample management. Data protection law was harmonized almost 15 years ago while rights in samples fall under the competence of the Member States of the EU. Despite the Data Protection Directive the field of (...) class='Hi'>data protection shows a substantial degree of deviation as public health was excluded from the harmonization. Biobanks seem to have substantially fewer difficulties to cope with in terms of the legal requirements in the field of sample management. This paper discusses the legal framework, experiences of different biobanks in Europe and potential ways forward. It also highlights the need for a health economic analysis of the costs and benefits of privacy protection in Europe. At the moment, policymakers seem to build their decisions on an insufficient evidence base which underestimates the potential value of biobanks for European public health. Within the past few years little progress has been achieved with regards to the development of a unified legal framework in Europe, The diversity in the legal system is also reflected in the different approaches of ethics committees towards biobanking. To secure the responsible and effective use of data and samples, more efforts are needed to come up with pathways for a solution. (shrink)

The paper examines the connection between online security and the protection of civil rights from a legal viewpoint, that is, considering the different types of rights and interests that are at stake in national and international law and whether, and to what extent, they concern matters of balancing. Over the past years, the purpose of several laws, and legislative drafts such as ACTA, has been to impose “zero-sum games”. In light of current statutes, such as HADOPI in France, or (...) Digital Economy Act in UK, the paper intends to illustrate how more satisfactory solutions are feasible in the field of online security, such as the new “Police and Criminal Justice Data Protection Directive” that the European Commission presented in January 2012. At least in Western legal systems, it should be clear that either civil rights prevail over security (no balancing), or such balance has to satisfactorily protect individual rights (proportionality). (shrink)

This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. The first section of the book provides an overview of developments in data protection in different parts of the world. The second section focuses on one of the most captivating innovations of the data protection package: how to forget, and the right to be forgotten in a digital world. The third section presents studies (...) on a recurring, and still important and much disputed, theme of the Computers, Privacy and Data Protection (CPDP) conferences : the surveillance, control and steering of individuals and groups of people and the increasing number of performing tools (data mining, profiling, convergence) to achieve those objectives. This part is illustrated by examples from the domain of law enforcement and smart surveillance. The book concludes with five chapters that advance our understanding of the changing nature of privacy (concerns) and data protection. (shrink)

In Canada, the Assisted Human Reproduction Act received royal assent on 29 March 2004. The approach proposed by the federal government responds to Canadians’ strong desire for an enforceable legislative framework in the field of reproduction technologies through criminal law. As a result of the widening gap between the rapid pace of technological change and governing legislation, a distinct need was perceived to create a regulatory framework to guide decisions regarding reproductive technologies.In this article the three main topics covered in (...) the new legislation are commented on: cloning, germline therapy, and purchase of gametes and embryos. Some important issues also covered in the new legislation, such as privacy and access to information, data protection, identity of donors, and inspection, will not be addressed. (shrink)

As with many other countries, Malaysia is also developing and promoting biomedical research to increase the understanding of human diseases and possible interventions. To facilitate this development, there is a significant growth of biobanks in the country to ensure continuous collection of biological samples for future research, which contain extremely important personal information and health data of the participants involved. Given the vast amount of samples and data accumulated by biobanks, they can be considered as reservoirs of precious (...) biomedical big data. It is therefore imperative for biobanks to have in place regulatory measures to ensure ethical use of the biomedical big data. Malaysia has yet to introduce specific legislation for the field of biobanking. However, it can be argued that its existing Personal Data Protection Act 2010 has laid down legal principles that can be enforced to protect biomedical big data generated by the biobanks. Consent is a mechanism to enable data subjects to exercise their autonomy by determining how their data can be used and ensure compliance with legal principles. However, there are two main concerns surrounding the current practice of consent in biomedical big data in Malaysia. First, it is uncertain that the current practice would be able to respect the underlying notion of autonomy, and second, it is not in accordance with the legal principles of the PDPA. Scholars have deliberated on different strategies of informed consent, and a more interactive approach has recently been introduced: dynamic consent. It is argued that a dynamic consent approach would be able to address these concerns. (shrink)

Informed consent bears significant relevance as a legal basis for the processing of personal data and health data in the current privacy, data protection and confidentiality legislations. The consent requirements find their basis in an ideal of personal autonomy. Yet, with the recent advent of the global pandemic and the increased use of eHealth applications in its wake, a more differentiated perspective with regards to this normative approach might soon gain momentum. This paper discusses the compatibility (...) of a moral duty to share data for the sake of the improvement of healthcare, research, and public health with autonomy in the field of data protection, privacy and medical confidentiality. It explores several ethical-theoretical justifications for a duty of data sharing, and then reflects on how existing privacy, data protection, and confidentiality legislations could obstruct such a duty. Consent, as currently defined in the General Data Protection Regulation – a key legislative framework providing rules on the processing of personal data and data concerning health – and in the recommendation of the Council of Europe on the protection of health-related data – explored here as soft-law – turns out not to be indispensable from various ethical perspectives, while the requirement of consent in the General Data Protection Regulation and the recommendation nonetheless curtails the full potential of a duty to share medical data. Also other legal grounds as possible alternatives for consent seem to constitute an impediment. (shrink)

This book considers the efficacy of the common regulatory model of the licensing regime as a means of regulating animal use in England, with a particular focus on wild animals and the regime’s ability to ensure animal welfare needs are met. Using information gleaned from over 550 inspection reports relating to the period 2008 through 2019, obtained using FOI Act requests, the book analyses the extent to which animals used by these industries are protected by law. Tyson analyses the limitations (...) present in the practical application of English legislation responsible for creating a number of relevant licensing regimes.The regimes discussed include: The Zoo Licensing Act 1981, the now repealed Welfare of Wild Animals in Travelling Circuses Regulations 2012, and the Animal Welfare Regulations 2018, introduced under the Animal Welfare Act 2006. Exploring the weakness in the use of this type of regulatory model, Tyson proposes compelling recommendations for change in future policy development. Making an important contribution to the question of enforcement of animal welfare laws, this book provides useful and original insights into the implementation of licensing regimes, and will be of particular interest to scholars of animal welfare law, animal ethics, and critical animal studies. (shrink)

Both the European Union and the Council of Europe have a bearing on privacy in genomic databases and biobanking. In terms of legislation, the processing of personal data as it relates to the right to privacy is currently largely regulated in Europe by Directive 95/46/EC, which requires that processing be “fair and lawful” and follow a set of principles, meaning that the data be processed only for stated purposes, be sufficient for the purposes of the processing, be kept (...) only for so long as is necessary to achieve those purposes, and be kept securely and only in an identifiable state for such time as is necessary for the processing. The European privacy regime does not require the de-identification of personal data used in genomic databases or biobanks, and alongside this practice informed consent as well as governance and oversight mechanisms provide for the protection of genomic data. (shrink)

Data sharing – broadly defined as the exchange of health-related data among multiple controllers and processors – has gained increased relevance in the health sciences over recent years as the need and demand for collaboration has increased. This includes data obtained through healthcare provisions, clinical trials, observational studies, public health surveillance programs, and other data collection methods. The practice of data sharing presents several notable challenges, however. Compliance with a complex and dynamic regulatory framework is (...) essential, with the General Data Protection Regulation being a prominent example in a European context. Recent regulatory developments related to clinical trial transparency, trade secrecy, data access, AI training data, and health data spaces further contribute to the difficulties. Simultaneously, government initiatives often encourage scientists to embrace principles of “open data” and “open innovation.” The variety of regulations in this domain has the potential to impede widespread data sharing and hinder innovation. This edited volume, therefore, compiles comparative case studies authored by leading scholars from diverse disciplines and jurisdictions. The book aims to outline the legal complexities of data sharing. By examining real-world scenarios from diverse disciplines and a global perspective, it explores the normative, policy, and ethical dilemmas that surround data sharing in the health sciences today. Chapter Patient Perspectives on Data Sharing, Chapter Supplementary Measures and Appropriate Safeguards for International Transfers of Health Data after Schrems II are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com. (shrink)

The aim of the article is to explain the relationship between the ethical evaluation of scientific research involving personal data and the assessment of compliance with data protection law. The article presents the mutual relationship between the protection of personal data and scientific activity from a dogmatic perspective, the legal regulation of the processing of personal data in scientific research, and the so-called research exceptions that apply when data are processed for scientific research. (...) It also covers the importance of meeting the ethical requirements of scientific research in order to profit from the indicated exceptions. Finally, it provides a comparison between the ethical and the legal systems of personal data protection in research (objectives, criteria, authorities, and procedures). (shrink)

A vast amount of empirical research has been compiled on labor laws yet more is called for in view of the rapid changes occurring in this field. This article discusses the attempts to individualize the relationship, as well as make labor markets more flexible. A sociological perspective on the post-war situation viewed the industrial system as stable and self-adjusting. The article emphasizes the emergence of new data sources and methods and considers the role of theory in shaping the empirical (...) research agenda. Labor legislations only provide the structure within which collective bargaining would occur, while abstaining from directly influencing the outcome. This article reviews the state of the art on a number of substantive issues: the law governing collective labor relations; minimum wage laws; employment protection legislation; the operation of labor courts and alternative dispute resolution mechanisms; and the relationship between labor law and corporate governance systems. (shrink)

Changes in government policy over the last two decades have seen the traditional goals of criminal justice, namely prosecution and punishment, being replaced by an emphasis on prevention, fear reduction, security and harm reduction. During this time domestic abuse has gained a place on the political agenda, which has resulted in legislative initiatives in the form of civil protection orders across the U.K. which primarily focus on prevention but have also more recently begun to rely on the traditional criminal (...) justice responses should they fail to prevent further abuse. Drawing on international evaluations and a recent study conducted in Scotland (the Scottish study), the article examines whether legislation in the form of civil protection orders has the effect of curtailing the actions of abusers and if not, what occurs when the traditional criminal justice response comes into play. The strengths of civil protection orders and some explanations for the weaknesses of these orders are considered alongside the question of whether there is any value in women continuing to engage with the law in response to domestic abuse. (shrink)

For the average person, genetic testing has two very different faces. The rise of genetic testing is often promoted as the democratization of genetics by enabling individuals to gain insights into their unique makeup. At the same time, many have raised concerns that genetic testing and sequencing reveal intensely personal and private information. As these technologies become increasingly available as consumer products, the ethical, legal, and regulatory challenges presented by genomics are ever looming. Assembling multidisciplinary experts, this volume evaluates the (...) different models used to deliver consumer genetics and considers a number of key questions: How should we mediate privacy and other ethical concerns around genetic databases? Does aggregating data from genetic testing turn people into products by commercializing their data? How might this data reduce or exacerbate existing healthcare disparities? Contributing authors also provide guidance on protecting consumer privacy and safety while promoting innovation. (shrink)

This book presents the latest research on the challenges and solutions affecting the equilibrium between freedom of speech, freedom of information, information security, and the right to informational privacy. Given the complexity of the topics addressed, the book shows how old legal and ethical frameworks may need to be not only updated, but also supplemented and complemented by new conceptual solutions. Neither a conservative attitude (“more of the same”) nor a revolutionary zeal (“never seen before”) is likely to lead to (...) satisfactory solutions. Instead, more reflection and better conceptual design are needed, not least to harmonise different perspectives and legal frameworks internationally. The focus of the book is on how we may reconcile high levels of information security with robust degrees of informational privacy, also in connection with recent challenges presented by phenomena such as “big data” and security scandals, as well as new legislation initiatives, such as those concerning “the right to be forgotten” and the use of personal data in biomedical research. The book seeks to offer analyses and solutions of the new tensions, in order to build a fair, shareable, and sustainable balance in this vital area of human interactions. (shrink)

The application of the latest technologies in biology and medicine has brought them to a qualitatively new level of possibilities. Worldwide, biobanking is actively developing through the creation of biobanks of various types and purposes, whose resources are used to solve therapeutic or scientific problems. Legal science remains an open question concerning the boundary that runs between the right to data protection and the scope of disclosure of data needed for medical purposes. In this article, the author (...) considers peculiarities of data processing in the context of biobanking activity on the example of Austria and its national legislation. In addition, the article reveals features of the approaches of the European Court of Human Rights (ECtHR) and the Council of Europe to the issue of biobanking in general, its characteristics in the context of data, and legal regulation of this phenomenon in the national law of states. The author devoted an important part of the study to the role of Austria’s experience in the context of data processing for scientific purposes and the development of biobanking for a number of other European states. The aim of the article is to analyze the Austrian legislation on data processing for scientific research and biobanking, the attitude of the Council of Europe to this phenomenon, and the practice of the ECtHR, as well as to consider the impact of the current world situation on these activities. The leading method of research used in the article is the formal-legal method. The article analyzes the Austrian law in the context of data processing in medical research, the relationship of the specifics of personal data protection, and the need to disclose them for scientific purposes. The author pays special attention to the influence of Austrian law on the legislation of other countries, which is reflected in the conclusions to the article. In addition, based on an analysis of the application of the Austrian experience to the legislation of Poland and Ukraine, the author points out the necessary changes that should be made in the laws of these countries. (shrink)

In May 2021, the UK National Health Service (NHS) proposed a scheme—called General Practice Data for Planning Research (GPDPR)—for sharing patients’ data. Under that system, a patient who does not wish to participate must actively opt out of their data being shared with third parties for research and other purposes. In this paper, we analyse the lessons that can be learned for the responsible and ethical governance of health data from the NHS’ new scheme. More specifically, (...) we explore the extent to which the opt-out within the planned scheme complies with the requirements stemming from the General Data Protection Regulation (GDPR), particularly in relation to the principles of lawfulness and transparency. We then evaluate, from an ethical perspective, this opt-out ‘nudge’ and whether it is sufficiently resistible, reversible, and has appropriate goals. In light of the above, we then propose improvements for the scheme’s legal and ethical acceptability. (shrink)

Privacy, Due process and the Computational Turn: The Philosophy of Law Meets the Philosophy of Technology engages with the rapidly developing computational aspects of our world including data mining, behavioural advertising, iGovernment, profiling for intelligence, customer relationship management, smart search engines, personalized news feeds, and so on in order to consider their implications for the assumptions on which our legal framework has been built. The contributions to this volume focus on the issue of privacy, which is often equated with (...) data privacy and data security, location privacy, anonymity, pseudonymity, unobservability, and unlinkability. Here, however, the extent to which predictive and other types of data analytics operate in ways that may or may not violate privacy is rigorously taken up, both technologically and legally, in order to open up new possibilities for considering, and contesting, how we are increasingly being correlated and categorizedin relationship with due process – the right to contest how the profiling systems are categorizing and deciding about us. (shrink)

The corona pandemic altered many traditional and historical norms of society and law. COVID-19 created a humanitarian crisis in some parts of globe, while pandemic privacy and civil liberties were under threat all over world. To combat the deadly virus, individual liberty and equality were compromised. This paper focuses on how India’s health problem has compromised people’s right to privacy. It will highlight how strict executive policies led to the creation of a massive surveillance system in the name of combating (...) the COVID-19 pandemic, as well as how the absence of any policy or legal framework led to the exclusion of individuals and their families who were suspected of having the virus or caring for those who were infected with the deadly virus. The paper uses case studies and data collected from primary as well as secondary sources. The authors will also point out how the absence of privacy regulation puts millions of citizens’ private information at risk of being compromised or exploited against their will. (shrink)

Restricting a person’s liberty presents society with many inherent ethical challenges. The historical purposes of confinement have included punishment, penitence, containment, rehabilitation, and habilitation. While the purposes are indeed complex, multifaceted, and at times ambiguous or contradictory, the fact of incarceration intrinsically creates many ethical challenges for psychiatrists working in correctional settings. Role definition of a psychiatrist may be ambiguous, with potential tensions between forensic and therapeutic demands. Privacy may be limited or absent and confidentiality may be compromised. Patient autonomy (...) may be threatened to address real or perceived security concerns. Care delivery may actually have harmful consequences in court cases for pretrial detainees or lethal consequences for those under a death sentence. An absence of data and targeted research hampers the development of evidence-based care delivery for the disenfranchised, understudied, and disproportionately ill prisoner population. In this review paper, I discuss a few of the challenges and dilemmas routinely faced and present a series of questions. Where feasible, proposed resolutions are offered. (shrink)

Vietnam is home to a prospering technology community and numerous enterprises that range from small start-ups to development giants. Virtually all public services are offered online. In fact, the country even has a system for e-residency and “data embassies.” This achievement derives in part from the nation’s transparent and enduring political preferences, but more importantly from Vietnamese law and its regulatory system regarding information, the digital general public, and intellectual property rights (IPR) protection. In this examination of the (...) most pertinent aspects of Vietnam’s digital economy legislation, this study explores the nation’s regulatory structure regarding copyright and patents within the context of digital transformation. The study discusses the relationship between foreign and national regulations in terms of IPR protection and the advancement of digitalization. Research on Vietnamese regulations and the practical application of major patent and copyright regulations has revealed that in many respects, the nation is highly reliant on the effective operation of a broader foreign institutional and legal framework. Thus, in the near future, technological advancement will necessitate the establishment of additional transnational regulatory systems. (shrink)

Clicks, comments, transactions, and physical movements are being increasingly recorded and analyzed by Big Data processors who use this information to trace the sentiment and activities of markets and voters. While the benefits of Big Data have received considerable attention, it is the potential social costs of practices associated with Big Data that are of interest to us in this paper. Prior research has investigated the impact of Big Data on individual privacy rights, however, there is (...) also growing recognition of its capacity to be mobilized for surveillance purposes. Our paper delineates the underlying issues of privacy and surveillance and presents them as in tension with one another. We postulate that efforts at controlling Big Data may create a trade-off of risks rather than an overall improvement in data protection. We explore this idea in relation to the principles of the European Union’s General Data Protection Regulation as it arguably embodies the new ‘gold standard’ of cyber-laws. We posit that safeguards advocated by the law, anonymization and pseudonymization, while representing effective counter measures to privacy concerns, also incentivize the use, collection, and trade of behavioral and other forms of de-identified data. We consider the legal status of these ownerless forms of data, arguing that data protection techniques such as anonymization and pseudonymization raise significant concerns over the ownership of behavioral data and its potential use in the large-scale modification of activities and choices made both on and offline. (shrink)

This article explores the trend of increasing automation in law enforcement and criminal justice settings through three use cases: predictive policing, machine evidence and recidivism algorithms. The focus lies on artificial-intelligence-driven tools and technologies employed, whether at pre-investigation stages or within criminal proceedings, in order to decode human behaviour and facilitate decision-making as to whom to investigate, arrest, prosecute, and eventually punish. In this context, this article first underlines the existence of a persistent dilemma between the goal of increasing the (...) operational efficiency of police and judicial authorities and that of safeguarding fundamental rights of the affected individuals. Subsequently, it shifts the focus onto key principles of criminal procedure and the presumption of innocence in particular. Using Article 6 ECHR and the Directive (EU) 2016/343 as a starting point, it discusses challenges relating to the protective scope of presumption of innocence, the burden of proof rule and the _in dubio pro reo_ principle as core elements of it. Given the transformations law enforcement and criminal proceedings go through in the era of algorithms, big data and artificial intelligence, this article advocates the adoption of specific procedural safeguards that will uphold rule of law requirements, and particularly transparency, fairness and explainability. In doing so, it also takes into account EU legislative initiatives, including the reform of the EU data protection _acquis_, the E-evidence Proposal, and the Proposal for an EU AI Act. Additionally, it argues in favour of revisiting the protective scope of key fundamental rights, considering, _inter alia_, the new dimensions suspicion has acquired. (shrink)

The concept of privacy as a basic human right which has to be protected by law is a recently adopted concept in Thailand, as the protection of human rights was only legally recognized by the National Human Rights Act in 1999. Moreover, along with other drafted legislation on computer crime, the law on privacy protection has not yet been enacted. The political reform and the influences of globalization have speeded up the process of westernization of the urban, educated (...) middle-class professionals. However, the strength of traditional Thai culture means that a mass awareness of the concept of privacy rights remains scarce. This paper explicates the Thai cultural perspective on privacy and discusses the influence of Buddhism on privacy rights, including the impacts of globalization and the influence of Western values on the country’s political and legal developments. The paper also discusses the legal provisions regarding privacy protection, and the debates on the smart ID cards policy and SIM cards registration for national security. (shrink)

The Data Protection Act 1998 presents a number of significant challenges to data controllers in the health sector. To assist data controllers in understanding their obligations under the act, the Information Commissioner has published guidance, The Use and Disclosure of Health Data, which is reproduced here. The guidance deals, among other things, with the steps that must be taken to obtain patient data fairly, the implied requirements of the act to use anonymised or psuedonymised (...) data where possible, an exemption applicable principally to records based research, the right of patients to object to the processing of their data, and the interface of the act and the common law duty of confidence. (shrink)

Risk management is a well-known method to face technological challenges through a win–win combination of protective and proactive approaches, fostering the collaboration of operators, researchers, regulators, and industries for the exploitation of new markets. In the field of autonomous and unmanned aerial systems, or UAS, a considerable amount of work has been devoted to risk analysis, the generation of ground risk maps, and ground risk assessment by estimating the fatality rate. The paper aims to expand this approach with a tool (...) for managing data protection risks raised by drones through the design of flight maps. The tool should allow UAS operators choosing the best air corridor for their drones based on the so-called privacy by design principle pursuant to Article 25 of the EU data protection regulation, the GDPR. Among the manifold applications of this approach, the design of fly zones for drones can be tailored for public authorities in the phase of authorization of new operations, much as for national Data Protection authorities that have to control the lawfulness of personal data processing by UAS operations. The overall aim is to present the first win–win approach to data protection issues, aerospace engineering challenges, and risk management methods for the threats posed by this technology. (shrink)

Risk management is a well-known method to face technological challenges through a win–win combination of protective and proactive approaches, fostering the collaboration of operators, researchers, regulators, and industries for the exploitation of new markets. In the field of autonomous and unmanned aerial systems, or UAS, a considerable amount of work has been devoted to risk analysis, the generation of ground risk maps, and ground risk assessment by estimating the fatality rate. The paper aims to expand this approach with a tool (...) for managing data protection risks raised by drones through the design of flight maps. The tool should allow UAS operators choosing the best air corridor for their drones based on the so-called privacy by design principle pursuant to Article 25 of the EU data protection regulation, the GDPR. Among the manifold applications of this approach, the design of fly zones for drones can be tailored for public authorities in the phase of authorization of new operations, much as for national Data Protection authorities that have to control the lawfulness of personal data processing by UAS operations. The overall aim is to present the first win–win approach to data protection issues, aerospace engineering challenges, and risk management methods for the threats posed by this technology. (shrink)

Risk management is a well-known method to face technological challenges through a win–win combination of protective and proactive approaches, fostering the collaboration of operators, researchers, regulators, and industries for the exploitation of new markets. In the field of autonomous and unmanned aerial systems, or UAS, a considerable amount of work has been devoted to risk analysis, the generation of ground risk maps, and ground risk assessment by estimating the fatality rate. The paper aims to expand this approach with a tool (...) for managing data protection risks raised by drones through the design of flight maps. The tool should allow UAS operators choosing the best air corridor for their drones based on the so-called privacy by design principle pursuant to Article 25 of the EU data protection regulation, the GDPR. Among the manifold applications of this approach, the design of fly zones for drones can be tailored for public authorities in the phase of authorization of new operations, much as for national Data Protection authorities that have to control the lawfulness of personal data processing by UAS operations. The overall aim is to present the first win–win approach to data protection issues, aerospace engineering challenges, and risk management methods for the threats posed by this technology. (shrink)

This book is about power and freedoms in our technological world and has two main objectives. The first is to demonstrate that a theoretical exploration of the algorithmic governmentality hypothesis combined with the capability approach is useful for a better understanding of power and freedoms in Ambient Intelligence, a world where information and communication technologies are invisible, interconnected, context aware, personalized, adaptive to humans and act autonomously. The second is to argue that these theories are useful for a better comprehension (...) of privacy and data protection concepts and the evolution of their regulation. Having these objectives in mind, the book outlines a number of theses based on two threads: first, the elimination of the social effects of uncertainty and the risks to freedoms and, second, the vindication of rights. Inspired by and building on the outcomes of different philosophical and legal approaches, this book embodies an effort to better understand the challenges posed by Ambient Intelligence technologies, opening paths for more effective realization of rights and rooting legal norms in the preservation of the potentiality of human capabilities. (shrink)

Open science has recently gained traction as establishment institutions have come on-side and thrown their weight behind the movement and initiatives aimed at creation of information commons. At the same time, the movement's traditional insistence on unrestricted dissemination and reuse of all information of scientific value has been challenged by the movement to strengthen protection of personal data. This article assesses tensions between open science and data protection, with a focus on the GDPR.

This paper develops three arguments for increasing the strength of database protection under U.S. law. First, stronger protections would encourage private investment in database development, and private databases have many potential benefits for science and industry. Second, stronger protections would discourage extensive use of private licenses to protect databases and would allow for greater public control over database laws and policies. Third, stronger database protections in the U.S. would harmonize U.S. and E.U. laws and would thus enhance international trade, (...) commerce, and research. The U.S. should therefore follow the European example and develop two tiers of protection for databases: 1) protection for creative databases under copyright law; 2) protection for non-creative databases through a special type of sui generis protection. In order to balance private control of data and public access to data, sui generis protections should define a “fair use” exemption that permits some unauthorized extraction of data for private, educational, and research purposes, provided that such extraction does not adversely impact the economic value of the database. (shrink)