In lieu of an abstract, here is a brief excerpt of the content:Convention for Protection of Human Rights and Dignity of the Human Being with Regard to the Application of Biology and Biomedicine: Convention on Human Rights and BiomedicineCouncil of EuropePreambleThe Member States of the Council of Europe, the other States and the European Community signatories hereto,Bearing in mind the Universal Declaration of Human Rights proclaimed by the General Assembly of the United Nations on 10 December 1948;Bearing in mind (...) the Convention for the Protection of Human Rights and Fundamental Freedoms of 4 November 1950;Bearing in mind the European Social Charter of 18 October 1961;Bearing in mind the International Covenant on Civil and Political Rights and the International Covenant on Economic, Social and Cultural Rights of 16 December 1966;Bearing in mind the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data of 28 January 1981;Bearing also in mind the Convention on the Rights of the Child of 20 November 1989;Considering that the aim of the Council of Europe is the achievement of a greater unity between its members and that one of the methods by which that aim is to be pursued is the maintenance and further realisation of human rights and fundamental freedoms;Conscious of the accelerating developments in biology and medicine;Convinced of the need to respect the human being both as an individual and as a member of the human species and recognising the importance of ensuring the dignity of the human being; [End Page 277]Conscious that the misuse of biology and medicine may lead to acts endangering human dignity;Affirming that progress in biology and medicine should be used for the benefit of present and future generations;Stressing the need for international co-operation so that all humanity may enjoy the benefits of biology and medicine;Recognising the importance of promoting a public debate on the questions posed by the application of biology and medicine and the responses to be given thereto;Wishing to remind all members of society of their rights and responsibilities;Taking account of the work of the Parliamentary Assembly in this field, including Recommendation 1160 (1991) on the preparation of a Convention on bioethics;Resolving to take such measures as are necessary to safeguard human dignity and the fundamental rights and freedoms of the individual with regard to the application of biology and medicine;Have agreed as follows:Chapter IGeneral provisionsArticle 1. (Purpose and object)Parties to this Convention shall protect the dignity and identity of all human beings and guarantee everyone, without discrimination, respect for their integrity and other rights and fundamental freedoms with regard to the application of biology and medicine.Each Party shall take in its internal law the necessary measures to give effect to the provisions of this Convention.Article 2. (Primacy of the human being)The interests and welfare of the human being shall prevail over the sole interest of society or science.Article 3. (Equitable access to health care)Parties, taking into account health needs and available resources, shall take appropriate measures with a view to providing, within their jurisdiction, equitable access to health care of appropriate quality. [End Page 278]Article 4. (Professional standards)Any intervention in the health field, including research, must be carried out in accordance with relevant professional obligations and standards.Chapter IIConsentArticle 5. (General rule)An intervention in the health field may only be carried out after the person concerned has given free and informed consent to it.This person shall beforehand be given appropriate information as to the purpose and nature of the intervention as well as on its consequences and risks.The person concerned may freely withdraw consent at any time.Article 6. (Protection of persons not able to consent)1. Subject to Articles 17 and 20 below, an intervention may only be carried out on a person who does not have the capacity to consent, for his or her direct benefit.2. Where, according to law, a minor does not have the capacity to consent to an intervention, the intervention may only be carried out with the authorisation of his or her representative or an authority or a person or... (shrink)

PurposeThe purpose of this paper is to analyse incidents of personal information leakage in Japan based on Japanese socio‐cultural characteristics of information privacy and to consider how best to develop an effective personal information protection policy that conforms to Japanese situations as well as to the global requirement of personal information protection.Design/methodology/approachAfter describing recent incidents of personal information leakage in Japan, the paper examines the defects of the Act on (...) Protection of Personal Information that permit these incidents to continue. Subsequently, these incidents and the responses of the Japanese people in a manner that reflects the unique Japanese socio‐cultural characteristics of information privacy are analysed. Finally, the paper proposes a revision of APPI that conforms to these Japanese socio‐cultural characteristics as well as to the global requirement for personal information protection.FindingsPersonal information leakage cases and social responses in Japan reflect three Japanese socio‐cultural characteristics: Uchi/Soto awareness, insular collectivism and Hon'ne/Tatemae tradition. An effective law protecting personal information in Japan's cultural environment cannot be made simply by copying the privacy protection laws in western nations. Instead, legal protection of personal information should be drafted that reflects and takes into account these socio‐cultural characteristics.Originality/valueThis paper conducts analysis of incidents of personal information leakage in Japan based on Japanese socio‐cultural characteristics. A revision of APPI is proposed on the basis of the analysis. The paper's analysis and proposal would provide a good clue to develop effective measures to protect personal information and the right to information privacy in the global, multicultural information society. (shrink)

In Québec, the Act Respecting Access to Documents Held by Public Bodies and the Protection of Personal Information provides an exception to transparency to most public institutions where public health research is conducted by allowing them to not disclose their uses of personal data. This exceptionalism is ethically problematic due to important concerns and we argue that all those who conduct research should be transparent and accountable for the work they do in the public interest.

Broad consent is permitted by the South African National Department of Health Ethics Guidelines but appears to be prohibited by section 13(1) of the Protection of Personal Information Act 4 of 2013. Additionally, the Act mandates that all personal data (including biobank sample data) be collected for lawful, explicit, and clearly defined purposes. There is possibility for ambiguity in interpretation because of this discrepancy between the two instruments. Given the association between the transfer of samples and (...) data, the long-term nature of biobanking, which makes it impractical to provide too much or enough information because it is simply not available at the time of sample collection, and the various ways that the Protection of Personal Information Act 4 of 2013 have been interpreted, we aim to demonstrate that South Africa’s current regulatory framework should appropriately permit broad consent use for biobank research where the transfer of samples and their associated data are contemplated. In summary, the proposed amendments include removing regulatory ambiguity regarding broad consent use, ensuring adequate safeguards for research participants by specifying rules for data access and personal information processing, and incorporating consent form information requirements into the national Consent Template. (shrink)

A complex network of ethico‐legal rules makes it difficult for health researchers in South Africa to lawfully recruit adolescents to the kinds of sensitive studies where it may be ethically appropriate to proceed without notifying parents or obtaining parental consent. This article responds to a recent proposal to amend the blanket requirement for mandatory parental consent presently contained in section 71 the South African National Health Act 61 of 2003 [NHA]. The proposed amendment is intended to bring the NHA into (...) alignment with South Africa's 2015 Department of Health Guidelines on Ethics in Health Research by permitting greater flexibility for a health research ethics committee to waive parental consent, and permit adolescents to consent independently. A lacuna in this proposal is highlighted with reference to the requirements of South Africa's Protection of Personal Information Act 4 of 2013 [POPIA]: Even if the NHA is amended as proposed, the goal of aligning South African law with prevailing ethics norms in South Africa would not necessarily be attained, as parental consent may still be required by POPIA. This article investigates whether this goal (of aligning the law with ethics) can be attained in a way that is compliant with POPIA. It is concluded that this is indeed possible in a number of ways, and that the best way to attain this goal is by requesting the South African Information Regulator to issue a guidance note to the effect that all health research projects that are approved by institutional health research ethics committees are to be regarded as being in the public interest, which would qualify such health research projects to be exempted from POPIA's consent requirements. (shrink)

This paper explores some key discrepancies between two sets of normative requirements applicable to the research use of personal data and human biological materials: the data protection regime which follows the application of the European Union General Data Protection Regulation, and the Declaration of Helsinki, CIOMS guidelines and other research ethics regulations. One source of this controversy is that the GDPR requires consent to process personal data to be clear, concise, specific and granular, freely given and (...) revocable and therefore has challenged the concept of ‘broad consent’, which has been widely applied in the context of biobanking. Another source of controversy is the interplay between regulations of research ethics and protection of personal data related to the secondary use of personal data and biological materials. In this case, the GDPR ‘research condition’ provides an alternative to re-consent for the use of previously collected personal data and biological materials. Although the mentioned controversies have been raised in the legal literature, they have not been explicitly addressed from the research ethics perspective. Should consent be regarded as a priority legal basis for personal data processing in health data research? Can broad consent still be a suitable legal ground for biobanking? What should be the role of research ethics provisions that differ from the GDPR standards, and what should be the role and function of research ethics committees in the changing environment of health data research? These are the ongoing controversies to be explored in the paper. (shrink)

As with many other countries, Malaysia is also developing and promoting biomedical research to increase the understanding of human diseases and possible interventions. To facilitate this development, there is a significant growth of biobanks in the country to ensure continuous collection of biological samples for future research, which contain extremely important personal information and health data of the participants involved. Given the vast amount of samples and data accumulated by biobanks, they can be considered as reservoirs of precious (...) biomedical big data. It is therefore imperative for biobanks to have in place regulatory measures to ensure ethical use of the biomedical big data. Malaysia has yet to introduce specific legislation for the field of biobanking. However, it can be argued that its existing Personal Data Protection Act 2010 has laid down legal principles that can be enforced to protect biomedical big data generated by the biobanks. Consent is a mechanism to enable data subjects to exercise their autonomy by determining how their data can be used and ensure compliance with legal principles. However, there are two main concerns surrounding the current practice of consent in biomedical big data in Malaysia. First, it is uncertain that the current practice would be able to respect the underlying notion of autonomy, and second, it is not in accordance with the legal principles of the PDPA. Scholars have deliberated on different strategies of informed consent, and a more interactive approach has recently been introduced: dynamic consent. It is argued that a dynamic consent approach would be able to address these concerns. (shrink)

Concerns have been raised around the alleged commercialisation of South African genetic material by various research institutes nationally and abroad. We consider whether the Protection of Personal Information Act in South Africa will conflict with or complement existing protections in health law and research ethics. The Act is not applicable to de‐identified samples that cannot be re‐identified but we question whether genetic samples can ever be truly de‐identified. The research participants in this matter provided consent for use (...) of their samples for research but did not consent to commercialisation by global research institutions, and neither did the researchers. We suggest that consent models incorporating broad consent as an option should include explicit discussions around benefit sharing and commercialisation. Mistrust between researchers and participants impedes scientific research and can harm relationships built up over the years between South African researchers and local communities. (shrink)

Many people who have reached the age of majority still qualify as financial dependents of their parents, and may be registered as dependents on their parents’ medical schemes. This poses a practical conundrum, because major persons enjoy complete autonomy over their bodies to choose healthcare services as they please, including informational determination. However, their sensitive health information may end up being disclosed in the accounts rendered to their parents, as main members of medical schemes, thereby breaching their informational privacy, (...) medical confidentiality and possibly also damaging personal relationships. On the other hand, medical schemes must ensure that they strictly manage the business of their hospitalisation to ensure that they can adhere to their contractual and legal medical insurance obligations. Both major but financially dependent patients and medical schemes have good legal grounds to defend their respective positions. In this article, we will analyse and clarify the applicable legal and ethical grounds by considering medical confidentiality, the Protection of Personal Information Act, the Consumer Protection Act and the Medical Schemes Act and rules. We shall conclude with recommendations to accommodate the interests of both parties. (shrink)

The draft Code of Conduct for Research is an important initiative towards assisting the scientific community in complying with the provisions of the Protection of Personal Information Act 4 of 2013 (POPIA). However, its approach towards cross-border data sharing should be reconsidered to clarify the ambiguities inherent in the legal requirements for the cross-border sharing of health data in the POPIA. These ambiguities include the concept of ‘transfer of information’, the application of adequacy as a legal (...) mechanism for transfer, the nature of consent for cross-border sharing and the scope of the recipient third party. We suggest that the draft Code of Conduct for Research can be improved by: Explaining or defining the concept of ‘transfer of information’ and when it applies to cross-border sharing in research Clarifying the application of adequacy as a legal mechanism for transfer vis-à-vis the other alternatives Expanding on the interpretation and application of consent as a legal mechanism for cross-border transfers Expanding the category of persons who may be recipients of personal information in a third country. (shrink)

The paper extends previous accounts of informational privacy as a contextual notion. Where previous accounts have focused on interpretations of the privacy context itself as being contextual and open for negotiation and interpretation, this paper extends those analyses and shows that personal information itself is in fact best understood as contextual and situational—and as such open for interpretation. The paper reviews the notion of information as it has been applied in informational privacy and philosophy of information, (...) and suggests that personal information ought to be regarded as communicative acts. The paper suggests a reconceptualization of informational privacy from having its focus on controlling, limiting, and restricting access to material carriers of information to a focus on a regulation of the use, analysis, and interpretation of personal information. (shrink)

PurposeThe purpose of this paper is to reconsider the concept of the right to information privacy and to propose, from a Japanese perspective, a revised conception of this right that is suitable for the modern information society.Design/methodology/approachFirst, the concept of privacy and personal information protection in the information society is briefly explained. After that, confused situations in Japan caused by the enforcement of Act on the Protection of Personal Information are described (...) followed by the analysis of the Japanese socio‐cultural circumstances surrounding privacy. Based on these, the effectiveness of the concept of the right to information privacy in the Japanese socio‐cultural and economic context is examined and the need to rethink the concept of the right to information privacy discussed. Finally, a revised conception of the right is proposed.FindingsIn view of the circumstances in Japan, the concept of the right to information privacy, defined as “an individual's right to control the circulation of information relating to him/herself”, as well as the Organisation for Economic Co‐operation and Development's eight principles already become outdated in today's sophisticated information‐communication society. There is a need to control/restrict use of personal information so that individuals' autonomy and freedom is ensured in the current situation and to revise the concept of the right to information privacy based on this idea.Originality/valueThis paper proposes a revision of the concept of the right to information privacy focused on control of, not access to, use of personal information. The revised concept is defined so that individuals' autonomy and freedom is ensured even in the “informational transparent” society. (shrink)

The combination of decreased genotyping costs and prolific social media use is fueling a personal genetic testing industry in which consumers purchase and interact with genetic risk information online. Consumers and their genetic risk profiles are protected in some respects by the 2008 federal Genetic Information Nondiscrimination Act (GINA), which forbids the discriminatory use of genetic information by employers and health insurers; however, practical and technical limitations undermine its enforceability, given the everyday practices of online social (...) networking and its impact on the workplace. In the Web 2.0 era, employers in most states can legally search about job candidates and employees online, probing social networking sites for personal information that might bear on hiring and employment decisions. We examine GINA's protections for online sharing of genetic information as well as its limitations, and propose policy recommendations to address current gaps that leave employees? genetic information vulnerable in a Web-based world. (shrink)

Since the 1970s and more rigorously since the 1990s, many countries have regulated data protection and privacy laws in order to ensure the safety and privacy of personal data. First, a comparison is made of different acts regarding genetic information that are in force in the EU, the USA, and China. In Turkey, changes were adopted only recently following intense debates. This study aims to explore the experts’ opinions on the regulations of the health information systems, (...) data security, privacy, and confidentiality in Turkey, with a particular focus on genetic data, which is more sensitive than other health data as it is a permanent identifier that is inherited to next of kin and shared with other family members. Two focus groups with 18 experts and stakeholders were conducted, discussing topics such as central data collection, legalized data sharing, and the management of genetic information in health information systems. The article concludes that the new Turkish personal data protection law is problematic as the frame of collectible data is wide-ranging, and the exceptions are extensive. Specific laws or articles dedicated to genetic data that also overlook the dimension of discrimination based on genetic differences in Turkey should be taken into consideration. In broader terms, it is intended to put up for discussion that in addition to ethical aspects, economic aspects and legal aspects of health should be included in the discussion to be carried out within the framework of socio-political analyses with culture-specific approaches and cross-culture boundaries simultaneously. (shrink)

This book presents the latest research on the challenges and solutions affecting the equilibrium between freedom of speech, freedom of information, information security, and the right to informational privacy. Given the complexity of the topics addressed, the book shows how old legal and ethical frameworks may need to be not only updated, but also supplemented and complemented by new conceptual solutions. Neither a conservative attitude (“more of the same”) nor a revolutionary zeal (“never seen before”) is likely to (...) lead to satisfactory solutions. Instead, more reflection and better conceptual design are needed, not least to harmonise different perspectives and legal frameworks internationally. The focus of the book is on how we may reconcile high levels of information security with robust degrees of informational privacy, also in connection with recent challenges presented by phenomena such as “big data” and security scandals, as well as new legislation initiatives, such as those concerning “the right to be forgotten” and the use of personal data in biomedical research. The book seeks to offer analyses and solutions of the new tensions, in order to build a fair, shareable, and sustainable balance in this vital area of human interactions. (shrink)

In this research we apply the Theory of Planned Behavior (TPB) to study decisions related to information privacy protection. A TPB-based model was proposed to investigate whether organization-based self-esteem and perceived deindividuation can be employed to measure the strength of the perceived behavioral control construct. In addition, we examined if the addition of a causal path linking subjective norms to attitudes and another causal path linking organization-based self-esteem to subjective norms enhanced our research model's predicting power. Our study (...) shows that information systems (IS) professionals' intentions to protect personal information privacy are influenced by their attitudes, subjective norms, perceived deindividuation, and organization-based self-esteem. It further shows that attitudes are influenced by subjective norms, which, in turn, are influenced by organization-based self-esteem. (shrink)

A multitude of legislation impacts the use of samples and data for research in South Africa. With the coming into effect of the Protection of Personal Information Act No. 4 of 2013 in July 2021, recent attention has been given to safeguarding research participants’ personal information. The protection of participants’ privacy in research is essential, but it is not the only risk at stake in the use and sharing of personal information. Other (...) rights and interests that must also be considered and safeguarded include the right to non-discrimination, the right to dignity, and the right to enjoy the benefits of scientific progress. This can be achieved by ensuring that the ethical values and universal principles that underpin the research landscape, namely equity, reciprocity, justice and solidarity, are embedded in the regulatory framework for the management and use of personal information. This paper advocates an integrated bioethics approach to the use of personal information for research in SA. A key feature in embedding such an approach is a Data Transfer Agreement that appropriately integrates the safeguards and protections set out by our regulatory framework with bioethical rules and procedures when personal information is used and shared for research purposes. This paper thus calls for the development of a national DTA that is guided by key ethical principles when data are shared for research purposes. This paper will be followed by a webinar on 23 June 2022 hosted by the Department of Science and Innovation and the SA Medical Research Council, where the recommendations and suggestions set out herein will be unpacked, discussed and debated by relevant stakeholders. (shrink)

Once upon a time, they managed to bring Neverland into the bedrooms; they were seen as the heroes of a new era. However, as heroes always tend to walk a fine line between good and evil, it does not come as a surprise that a decade later the perception has dramatically changed; the fairy tale turned into a nightmare. Are Internet Service Providers (ISPs) no more than data-guzzling monsters that need to be tamed? In November, the European Commission published a (...) “Comprehensive approach on personal data protection in the European Union” which seems to nod approval. The approach seeks to strengthen the individual’s rights regarding the use of data by ISPs. The Commission notes that children deserve specific protection in this context due to the fact that their awareness of risks and consequences is usually underdeveloped. Both a general principle of transparent processing and specific obligations for data controllers regarding the type of information to be provided and the modalities for providing it had to be taken into account. Not only legal but also self-regulatory initiatives should contribute to a better enforcement of data protection rules. This approach is both applauded and heavily criticized by the European Data Protection Supervisor. In particular, he argues that children’s particular interests have not been sufficiently addressed presenting a long list of suggestions for improvement including specific provisions against behavioral advertising, the exclusion of some data categories, an age threshold or special requirements on the issue of informed consent and a reinforcement of data controllers’ accountability. Is there really a need for a new magic formula? This paper reviews the current options for addressing the challenges of the use of personal data of minors by ISPs. (shrink)

A predicate of personal taste occurring in a sentence in which the perspectival information is not linguistically articulated by an experiencer phrase may have two different readings. In case the speaker of a bare sentence formed with a predicate of personal taste uses the subjective predicate encoding perspectival information in one way and the hearer interprets it in another way, the agents’ acts are not coordinated. In this paper I offer an answer to the question of (...) how a hearer can strategically interact with a speaker on the intended perspectival information so that both agents can optimally solve their coordination problem. In this sense, I offer a game-theoretical account of the strategic communication with expressions referring to agents’ perspectives, communication which involves the interaction between a speaker who intends to convey some perspectival information and who chooses to utter a bare sentence formed with a predicate of personal taste, instead of a sentence in which the perspectival information is linguistically articulated by an experiencer phrase, and a hearer who has to choose between interpreting the uttered sentence in conformity with the speaker’s autocentric use of the predicate of personal taste or in conformity with the speaker’s exocentric use. (shrink)

Captured in narrative textual form through open-ended and tape-recorded interview conversations, visitor experience was interpreted to construct a description of visitors' relationships to place while at the same time providing insights for those who manage the national park. Humans are conceived of as meaning-makers, and outdoor recreation is viewed as emergent experience that can enrich peoples' lives rather than a predictable outcome of processing information encountered in the setting. This process-oriented approach positions subjective well-being and positive experience in the (...) ongoing processes and activities that comprise our life pursuits rather than in particular end states toward which behaviors might be directed as in the case of end state frameworks. Several themes emerged in the interpretation across narratives including a relationship of stewardship/sense of respectful mitigation, socially constructed dimensions of the wilderness concept, which both converged with and deviated from definitions in The Wilderness Act of 1964, humans positioned as both part of wilderness and separate from it, description of a process whereby people form a relationship to protected places, and an awareness among visitors of the overarching management dilemma of how to balance human visitation with protection. Management insights and general implications that emerged from the overall interpretation such as using narrative illustration to enhance visitor education were summarized. It is suggested that the particularities of the setting, in conjunction with the process-oriented creation of meaning via varying levels of physical and social interaction with the setting each play important roles, perhaps at different times, for visitors' relationships to places within the Park. The process of forming long-term relationships to places is highlighted as the common thread running through the interpretation. The value of the national park is seen to lie in these relationships, which are time and context dependent, not necessarily in the attributes of the park, many of which are generic to other protected areas in North America. The dissertation concluded with an evaluation of this interpretation based on these implications and insights and provided direction for further research to learn about the processes involved with forming relationships to protected places. (shrink)

Much biomedical research cannot be performed without recruiting human subjects. Increasingly, volunteer registries are being developed to assist researchers with this challenging task. Yet, volunteer registries raise confidentiality issues. Having recently developed a registry of volunteers, the authors searched for normative guidance on how to implement the principle of confidentiality. The authors found that the protection of confidentiality in registries are based on the 10 key elements which are elaborated in detail in the Canadian Standards Association Model Code. This (...) paper describes how these 10 detailed key principles can be used during the developmental stages of volunteer registries. (shrink)

The aim of the paper is that of investigating the concept of “person” in the context of Italian law on informed consent and advance healthcare directives. The following paper will first consider the importance of the concept of “person” within bioethics; secondly it will exhibit how there are different levels of bioethics, and that on the discussion level of laws and regulations, concepts worthy of metaphysical and value references cannot be used, because they must be shared by everyone in a (...) pluralistic society. I’ll then move on to discuss the law on informed consent and advance healthcare directives; first I’ll discuss the references to the Italian Constitution, showing that the implied concept of “person” is closely linked to the concepts of “equality” and “autonomy”, and finally I’ll discuss the particular case of minors and the protection that the law provides them. (shrink)

While open science gains prominence in South Africa with the encouragement of open data sharing for research purposes, there are stricter laws and regulations around privacy – and specifically the use, management and transfer of personal information – to consider. The Protection of Personal Information Act No. 4 of 2013 (POPIA), which came into effect in 2021, established stringent requirements for the processing of personal information and has changed the regulatory landscape for the (...) transfer of personal information across South African borders. At the same time, draft national policies on open science encourage wide accessibility to data and open data sharing in line with international best practice. As a result, the operation of research ethics committees (RECs) in South Africa is affected by the conflicting demands of the shift towards open science on the one hand, and the stricter laws protecting participants’ personal information and the transfer thereof, on the other. This article explores the continuing evolving role of RECs in the era of open data and recommends the development of a data transfer agreement (DTA) for the ethical management of personal health information, considering the challenges that RECs encounter, which centres predominantly on privacy, data sharing and access concerns following advances in genetic and genomic research and biobanking. (shrink)

This Article takes the perspective of law and philosophy, integrating insights from computer science. First, I will argue that in the era of big data analytics we need an understanding of privacy that is capable of protecting what is uncountable, incalculable or incomputable about individual persons. To instigate this new dimension of the right to privacy, I expand previous work on the relational nature of privacy, and the productive indeterminacy of human identity it implies, into an ecological understanding of privacy, (...) taking into account the technological environment that mediates the constitution of human identity. Second, I will investigate how machine learning actually works, detecting a series of design choices that inform the accuracy of the outcome, each entailing trade-offs that determine the relevance, validity and reliability of the algorithm’s accuracy for real life problems. I argue that incomputability does not call for a rejection of machine learning per se but calls for a research design that enables those who will be affected by the algorithms to become involved and to learn how machines learn — resulting in a better understanding of their potential and limitations. A better understanding of the limitations that are inherent in machine learning will deflate some of the eschatological expectations, and provide for better decision-making about whether and if so how to implement machine learning in specific domains or contexts. I will highlight how a reliable research design aligns with purpose limitation as core to its methodological integrity. This Article, then, advocates a practice of “agonistic machine learning” that will contribute to responsible decisions about the integration of data-driven applications into our environments while simultaneously bringing them under the Rule of Law. This should also provide the best means to achieve effective protection against overdetermination of individuals by machine inferences. (shrink)

The purpose of this paper is to show how certain uses of search-engine technology raise concerns for personal privacy. In particular, we examine some privacy implications involving the use of search engines to acquire information about persons. We consider both a hypothetical scenario and an actual case in which one or more search engines are used to find information about an individual. In analyzing these two cases, we note that both illustrate an existing problem that has been (...) exacerbated by the use of search engines and the Internet – viz., the problem of articulating key distinctions involving the public vs. private aspects of personal information. We then draw a distinction between “public personal information” and “nonpublic personal information” to see how this scheme can be applied to a problem of protecting some forms of personal information that are now easily manipulated by computers and search engines – a concern that, following Helen Nissenbaum , we describe as the problem of privacy in public. (shrink)

Conceptualisations of vulnerability of research participants in the international standards of ethics of research involving humans underwent a shift from a group-membership (categorical) to an individual-oriented (analytic) approach to vulnerability. However, the categorical view has not been jettisoned completely, and so its role needs to be examined or explained. It is argued in this chapter that a restricted use of the categorical approach can be justified if protection of vulnerable research participants is seen against the background of the dynamics (...) of study design, review and implementation, and if recognition and protection of participants with vulnerabilities is construed as a process in which researchers and ethics review bodies are involved rather than as a labelling device. From this perspective, the suitability of approach to conceptualisation of vulnerability depends on the kind and scope of the available information on participants. The process of study design, ethics review, and implementation involves different users of the ethics standards at different stages in the lifetime of a project: researchers and members of ethics review bodies. The concepts of individual vulnerability (in the analytic approach) and that of group-membership vulnerability (in the categorical approach) can play their protective roles complementarily in the process of identification of vulnerabilities of participants and protection of participants with vulnerabilities. (shrink)

The recent confirmation of the constitutionality of the Obama administration’s Patient Protection and Affordable Care Act (PPACA) by the US Supreme Court has brought to the fore long-standing debates over individual liberty and religious freedom. Advocates of personal liberty are often critical, particularly in the USA, of public health measures which they deem to be overly restrictive of personal choice. In addition to the alleged restrictions of individual freedom of choice when it comes to the question of (...) whether or not to purchase health insurance, opponents to the PPACA also argue that certain requirements of the Act violate the right to freedom of conscience by mandating support for services deemed immoral by religious groups. These issues continue the long running debate surrounding the demands of religious groups for special consideration in the realm of health care provision. In this paper I examine the requirements of the PPACA, and the impacts that religious, and other ideological, exemptions can have on public health, and argue that the exemptions provided for by the PPACA do not in fact impose unreasonable restrictions on religious freedom, but rather concede too much and in so doing endanger public health and some important individual liberties. (shrink)

The article presents the results of the analysis of international legal regulation of the protection of freedom of speech, the right to freedom of expression within the UN and the Council of Europe. A comparative analysis of the definition of the right to express views and beliefs in various international legal acts was made. The case law of the European Court of Human Rights in cases related to the exercise of the right to express one's views and beliefs on (...) the Internet was considered. The analysis of the legislation of foreign countries regulating the right to express views and beliefs online was carried out. The materials of the article are of practical value for scientists and practitioners dealing with the issues of legal regulation of freedom of speech, the right to express views and beliefs, for forecasting and planning scientific research, improving legislation, for higher education teachers in educational activities, as well as for all interested persons. (shrink)

The never ending growth of digital information and the availability of low-cost storage facilities and networks capacity is leading users towards moving their data to remote storage resources. Since users’ data often holds identity-related information, several privacy issues arise when data can be stored in untrusted domains. In addition digital identity management is becoming extremely complicated due to the identity replicas proliferation necessary to get authentication in different domains. GMail and Amazon Web Services, for instance, are two examples (...) of online services adopted by million of users throughout the world which hold huge amounts of sensitive users data. State-of-the-art encryption tools for large-scale distributed infrastructures allow users to encrypt content locally before storing it on a remote untrusted repository. This approach can experience performance drawbacks, when very large data-sets must be encrypted/decrypted on a single machine. The proposed approach extends the existing solutions by providing two additional features: (1) the encryption can also be delegated to a pool of remote trusted computing resources, and (2) the definition of the encryption context which drives the tool to select the best strategy to process the data. The performance benchmarks are based on the results of tests carried out both on a local workstation and on the Grid INFN Laboratory for Dissemination Activities (GILDA) testbed. (shrink)

This book is about power and freedoms in our technological world and has two main objectives. The first is to demonstrate that a theoretical exploration of the algorithmic governmentality hypothesis combined with the capability approach is useful for a better understanding of power and freedoms in Ambient Intelligence, a world where information and communication technologies are invisible, interconnected, context aware, personalized, adaptive to humans and act autonomously. The second is to argue that these theories are useful for a better (...) comprehension of privacy and data protection concepts and the evolution of their regulation. Having these objectives in mind, the book outlines a number of theses based on two threads: first, the elimination of the social effects of uncertainty and the risks to freedoms and, second, the vindication of rights. Inspired by and building on the outcomes of different philosophical and legal approaches, this book embodies an effort to better understand the challenges posed by Ambient Intelligence technologies, opening paths for more effective realization of rights and rooting legal norms in the preservation of the potentiality of human capabilities. (shrink)

In this paper, I will investigate the possible impact of weak artificial intelligence (more specifically, I will concentrate on deep learning) on human capability of action. For this goal, I will first address Arendt’s philosophy of action, which seeks to emphasize the distinguishing elements of action that set it apart from other forms of human activity. According to Arendt, action should be conceived as _praxis_, an activity that has its goal in its own very performance. The authentic meaning of action (...) includes the “passion” for articulation of one’s own individuality; I can only manifest myself as a distinct personality insofar as I introduce myself as a novel beginning to the web of human interactions demonstrating both my relevance and distinction from others. From this Arendtian standpoint, I will analyse the impact of deep learning in modern AI from two possible angles. First, I will argue that _the direct interaction_ between AI and action is impossible. Since AI operates on the principle of efficiency, it can neither suggest certain goals for action for us nor overtake their implementation because action is not guided by the instrumental need to be efficient but by the existential desire to be someone. Second, I will also analyse the possibility of _the indirect impact_ of AI on action. More specifically, I analyse neural network’s ability to circulate actions among individuals based on mathematical calculation. As I will argue, the efficiency of this circulation that surpasses human cognitive capacities can potentially organize a broader network of interaction among individuals and serve as a catalyst for the ability to act. (shrink)

Introduction Understanding the views of the public is essential if generally acceptable policies are to be devised that balance research access to general practice patient records with protection of patients' privacy. However, few large studies have been conducted about public attitudes to research access to personal health information. Methods A mixed methods study was performed. Informed by focus groups and literature review, a questionnaire was designed which assessed attitudes to research access to personal health information (...) and factors that influence these. A postal survey was conducted of an electoral roll-based sample of the adult population of Ireland. Results Completed questionnaires were returned by 1575 (40.6%). Among the respondents, 67.5% were unwilling to allow GPs to decide when researchers could access identifiable personal health information. However, 89.5% said they would agree to ongoing consent arrangements, allowing the sharing by GPs of anonymous personal health information with researchers without the need for consent on a study-by-study basis. Increasing age (by each 10-year increment), being retired and primary level education only were significantly associated with an increased likelihood of agreeing that any personal health information could be shared on an ongoing basis: OR 1.39 (95% CI 1.18 to 1.63), 2.00 (95% CI 1.22 to 3.29) and 3.91 (95% CI 1.95 to 7.85), respectively. Conclusions Although survey data can be prone to response biases, this study suggests that prior consent agreements allowing the supply by GPs of anonymous personal health information to researchers may be widely supported, and that populations willing to opt in to such arrangements may be sufficiently representative to facilitate valid and robust consent-dependent observational research. (shrink)

The prevalence of technology-embedded products, services, and cities, described colloquially as ‘smart’ technologies and ‘smart’ cities, has seen a spate of unprecedented growth in recent years. South Africa (SA) has not been left behind, with smartphones, smart watches, and smart voice-controlled virtual personal assistants such as Amazon’s Alexa now frequently used. But while these technologies hold great promise to revolutionise homes, offices and cities, their adoption poses challenges to individual and collective interests and wellbeing. After demonstrating the legal and (...) ethical difficulties brought about by the introduction of these technologies, this article explores whether SA legislation is sufficiently robust to address these challenges. While the current legislative landscape addresses certain crucial difficulties – such as the safeguarding of personal data by the Protection of Personal Information Act No. 4 of 2013 (‘POPIA’) – it is suggested that the position regulating other aspects of smart technology adoption is, in large part, fragmented and ill-equipped to deal with some of the more pressing legal and ethical questions. Our contention is that, not dissimilar to the issues arising from artificial intelligence-based technological adoption, the extant legislative and regulatory frameworks do not go far enough in addressing the many concerns emerging from recent novel technological design, development, and deployment. Not only do smart technologies give rise to unique challenges, so does their deployment within the Global South and in South Africa, in particular. We suggest that appropriate and effective regulatory reform measures be undertaken in SA to provide better ethical guidance and policy prescriptions buttressed by rigorous regulatory oversight. (shrink)

ABSTRACT: One important criticism of algorithmic systems is that they lack transparency. Such systems can be opaque because they are complex, protected by patent or trade secret, or deliberately obscure. In the EU, there is a debate about whether the General Data Protection Regulation (GDPR) contains a “right to explanation,” and if so what such a right entails. Our task in this chapter is to address this informational component of algorithmic systems. We argue that information access is integral (...) for respecting autonomy, and transparency policies should be tailored to advance autonomy. -/- To make this argument we distinguish two facets of agency (i.e., capacity to act). The first is practical agency, or the ability to act effectively according to one’s values. The second is what we call cognitive agency, which is the ability to exercise what Pamela Hieronymi calls “evaluative control” (i.e., the ability to control our affective states, such as beliefs, desires, and attitudes). We argue that respecting autonomy requires providing persons sufficient information to exercise evaluative control and properly interpret the world and one’s place in it. We draw this distinction out by considering algorithmic systems used in background checks, and we apply the view to key cases involving risk assessment in criminal justice decisions and K-12 teacher evaluation. -/- The link below is to an open access version of the chapter. (shrink)

The world famous Eltroxin saga of 2009–2011, which ignited heated public debates in Europe, Canada, and Australia, reveals the problematic nature of standalone autonomy protection cases. Eltroxin is a life-sustaining thyroid hormone replacement medicine used by millions worldwide; it was reformulated in 2008, and around 10% of patients were badly affected. Poor communication and lack of professional information triggered public hysteria as a global wave of complaints about harmful side effects, including hair loss, weight gain, extreme fatigue, headaches, (...) diarrhoea, and heightened heart rates, flooded the media. Israeli Eltroxin users (around 250 thousand people) were similarly unaware. Following many media reports and ministerial regulations, a high-profile consumer class action was launched against Perrigo, the distributor. Ten years of court proceedings culminated in a compensation settlement of approximately US$ 14 million. This relatively low sum covered the injuries of those patients who were physically affected; compensation for standalone autonomy injuries to all patients (who were denied information about changes to their life-sustaining medicine) was refused. The monetary settlement and court decision were hugely disappointing to the class plaintiffs, and a negative signal was sent to the proponents of consumers' and patients' personal autonomy. However, the class action still marked a positive change in pharmaceutical protocols for relations between health authorities, commercial pharmacy entities, and patients/consumers as seen by the proactive communication around a subsequent Eltroxin reformulation in 2020 in Israel, Europe, and South Africa (Aspen Pharmacare, 2020).1 This paper highlights the vast potential value of consumer class action proceedings, and pharmaceutical consumer (patient) class actions in particular, for public welfare and private autonomy. The paper will explain leading Israeli case law related to consumer autonomy protection in tort law and will argue that this law still holds the unique protection of autonomy as a basic human right and accordingly recognises harm to autonomy as a viable form of damage. Additionally, it illustrates why and how consumer protection class actions are an important tool for protection of human rights in general and of patients' rights in particular. (shrink)

Federal guidelines require that informed consent be obtained from participants when they are enrolled in a research study. When conducting research with children, the guidelines utilize the term permission to describe parents' agreement to enroll their children in a study. The basic components of consent and permission are well described and identical, with the exception of the person for whom the decision to participate is being made. Beyond permission, when enrolling minor participants in research, affirmative agreement to participate in research (...) or assent must be obtained from the child participants themselves. The concept of children's assent to research, however, is poorly defined, resulting in inconsistency in its pursuit and, consequently, in its utility. The interface between cognitive development, emotional, and social development must be examined as it pertains to this special situation of decision making. For this process to meaningfully protect minors, the assent process must be clarified, decisions regarding parental veto power must be more convincingly justified, and researchers must be better educated and held accountable for the valid execution of this process. Strategies for implementing the assent process more effectively are presented. (shrink)

Contemporary privacy theories and European discussions about data protection employ the notion of ‘personal information’ to designate their areas of concern. The notion of personal information is demarcated from non-personal information—or just information—indicating that we are dealing with a specific kind of information. However, within privacy scholarship the notion of personal information appears undertheorized, rendering the concept somewhat unclear. We argue that in an age of datafication, protection of (...) personal information and privacy is crucial, making the understanding of what is meant by ‘personal information’ more important than ever. To contribute to this aim, we analyse the conception of personal information and its nature, including the distinction between personal and non-personal information from a philosophy of language perspective. Through analyses of aboutness and relative aboutness we point to challenges related to the demarcation between personal and non-personal information, which may in practice lead to all information being personal. (shrink)

Pregnant adolescents have a higher risk of poor maternal and fetal outcomes, particularly in the setting of concomitant maternal alcohol and other drug (AOD) use. Despite numerous programmes aimed at reducing overall teen pregnancy rates and the recognition of AOD use as a risk factor for unintended pregnancy in adolescents, interventions targeting this specific group have been sparse. In adult drug-using women, financial incentives for contraception have been provided but are ethically controversial. This article explores whether a trial could ethically (...) employ monetary incentives in adolescents with AOD use to promote the use of long-acting reversible contraception (LARC), with special attention to the relevant distinctions between adults and adolescents. We conclude that a trial of incentives to promote LARC in this patient population is ethically permissible if the incentives are small, are tied to completion of an educational activity to minimise the quick fix temptation and potential for non-attendance to the risks and benefits of LARC and are provided only to the adolescent after an assessment of her reasoning to rule out coercion (eg, by guardians) as motivation. Information about treatment for AOD use and follow-up care in case of problems with the contraceptive or desire for removal should also be provided. Before implementing such a trial, qualitative research with input from providers, potential patients and their parents should be conducted to inform the programme's specific structure. (shrink)

Computer abuse by employees is a critical concern for managers. Misuse of an organization’s information assets leads to costly damage to an organization’s reputation, decreases in sales, and impositions of fines. We use this opportunity to introduce and expand the theoretic framework proffered by Thong and Yap to better understand the factors that lead individuals to commit CA in organizations. The study uses a survey of 449 respondents from the banking, financial, and insurance industries. Our results indicate that individuals (...) who adhere to a formalist ethical perspective are significantly less likely to engage in CA activities than those following a utilitarian ethical framework. In addition, the results provide evidence that employees with individualistic natures are linked to increased CA incidents, whereas collectivist tendencies are associated with decreases in CA behaviors. Our results also show that collectivism acts as a strong moderator that further decreases the relationships between formalism and CA, and utilitarianism and CA. Finally, we offer detailed suggestions on how organizations and researchers can leverage our findings to decrease CA occurrences. (shrink)

There is significant research value in the secondary use of surplus human tissue which has been removed during clinical care and is stored in diagnostic archives. However, this value is limited without access to information about the person from whom the tissue was removed. As the research value of surplus tissue is often not realised until after the patient’s episode of care, it is often the case that no consent has been given for any surplus tissue to be used (...) for research purposes. The Human Tissue Act 2004 does permit research use of surplus tissue without consent, but the researcher must not be in possession of information which could identify the person from whom the tissue was removed. Due to the commonly applied ‘consent or anonymise’ approach, linking tissue and data is challenging and full anonymisation would likely render much research on surplus tissue ineffectual. This article suggests that in recognising the value in surplus tissue linked with information about the person, a ‘share and protect’ approach which considers safeguards other than anonymisation, where obtaining consent for research use would not be feasible, would better balance the public benefit of health research with the protection of individual rights and interests than a requirement for either consent or anonymisation. (shrink)

The Republic of Poland is one of the European Union countries that have not yet implemented Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons reporting breaches of EU law (Journal of Laws EC L 305/17 of November 26, 2019). Even though signalling illegal acts is a more and more common occurrence and the social perception of such behaviours is also changing, the “whistleblowers” are not under any legal (...) protection in Poland. In the Sejm of the 9th Term of office, legislative work is underway to pass the act on the protection of persons reporting violations of the law. This will be a legal act containing comprehensive legal protection of whistleblowers. In hereby publication the author focuses on presenting the role of whistleblowers in preventing law violations by employers in the current legal state. In the next part, the above-mentioned draft act is analyzed in terms of provisions ensuring the protection of persons who disclose irregularities. Numerous tragic incidents which could have been avoided if people that were aware of irregularities could safely reveal the information are evidence of how needed an act on whistleblower protection is. The author cites examples of the sinking of the MF Herald of Free Enterprise ferry and the Deepwater Horizon platform as well as the methane explosion in the Halemba mine in Ruda Śląska. (shrink)

Simonet, Emanuel Nicolas Cortes Victoria's new Powers of Attorney Act 2014 came into operation on 1 September 2015. Following recommendations by the Victorian Parliament Law Reform Committee, changes have been introduced in the new Act to simplify the process of making an enduring power of attorney. Reforms include the addition of a section on capacity, the introduction of a supportive attorney role distinct from the enduring power of attorney role, and the enhancement of safeguards. This article analyses how the new (...) Powers of Attorney Act 2014 empowers persons with impaired decision-making capacity and also strengthens the mechanisms which protect them from abuse. (shrink)

PurposeThe purpose of this paper is to discuss the UK National DNA Database and some of the controversies surrounding it with reference to legal and ethical issues, focusing particularly on privacy and human rights. Governance of this database involves specific exemptions from the Data Protection Act, and this gives a rise to concerns regarding both the extent of surveillance on the UK population and the possibility for harm to all citizens. This is of wider importance since every current citizen, (...) and everybody who visits the UK, could become a record in the DNA database. Principally, the paper seeks to explore whether these exemptions would also imply exemptions for software developers from codes of practice and ethics of their professional societies as relate to constructing or maintaining such data and the database.Design/methodology/approachThe paper makes a comparison between the principles of the DPA, as would need to be followed by all other organizations handling personal data, professional responsibilities‐based codes of ethics of professional societies, and the current reality as reported in relation to the NDNAD and the exemptions offered through the DPA.FindingsPrimarily, if NDNAD was not exempted from certain provisions in the DPA, the potential for the kinds of data leakages and other mishandlings could largely be avoided without the need for further considerations over so‐called “data minimization”. It can be seen how the lack of afforded protection allows for a wide range of issues as relate at least to privacy.Originality/valueThe paper provides the first evaluation of the combination of law, codes of ethics, and activities in the real world as related to NDNAD, with concomitant considerations for privacy, liberty, and human rights. Originality is demonstrated through consideration of the implications of certain exemptions in the DPA in relation to crime and taxation and national security and in relating the expected protections for personal data to widely reported evidence that such protections may be variously lacking. In addition, the paper provides a broad overview of controversies over certain newer kinds of DNA analysis, and other relatively recent findings, that seem generally absent from the vast majority of debates over this kind of analysis. (shrink)

This is the first study of business ethics to take into consideration the plethora of issues raised by the Information Age. The first study of business ethics to take into consideration the plethora of issues raised by the Information Age. Explores a wide range of topics including marketing, privacy, and the protection of personal information; employees and communication privacy; intellectual property issues; the ethical issues of e-business; Internet-related business ethics problems; and the ethical dimension of (...) information technology on society. Uncovers previous ignored ethical issues. Underlines the need for public discussion of the issues. Argues that computers and information technology have not necessarily developed in the most ethical manner possible. (shrink)

The paper has three parts. First, a survey and analysis is given ofthe structure of individual rights in the recent EU Directive ondata protection. It is argued that at the core of this structure isan unexplicated notion of what the data subject can `reasonablyexpect' concerning the further processing of information about himor herself. In the second part of the paper it is argued thattheories of privacy popular among philosophers are not able to shed much light on the issues (...) treated in the Directive, whichare, arguably, among the central problems pertaining to theprotection of individual rights in the information society. Inthe third part of the paper, some suggestions are made for a richerphilosophical theory of data protection and privacy. It is arguedthat this account is better suited to the task of characterizingthe central issues raised by the Directive. (shrink)

In medical research, the ethical principle of respect for persons is operationalized into the process of informed consent. The consent tools should be contextualized and adapted to the different socio-cultural environment, especially when research crosses the traditional boundaries and reaches poor communities. We look at the challenges experienced in the malaria Quinact trial, conducted in the Democratic Republic of Congo, and describe some lessons learned, related to the definition of acceptable representative, the role of independent witness and the impact of (...) socio-economic vulnerability. To ensure children's protection, consent is required by the parents or, in their absence, by a legally mandated representative. In our setting, children's responsibility is often entrusted permanently or temporarily to relatives or friends without a tribunal mandate. Hence, a notion of ‘culturally acceptable representative’ under supervision of the local Ethics Committee may be more suitable. To ensure protection of illiterate subjects, an independent witness is required to confirm that the consent was freely given. However, in low-literacy contexts, potential witnesses often don't have any previous relationship with patient and there may be power-unbalance in their relationship, rather than genuine dialogue. In poor communities, trial participation may be seen as an opportunity to secure access to healthcare. Poverty may also lead to ‘competition’ to access the research-related benefits, with a risk of disturbance at societal or household level. Adjusting consent procedures to sociocultural and socioeconomic realities is essential for fulfilling the underlying ethical principles. This requires a collaborative dialogue between researchers, regulators and ethics committees. (shrink)

Following Alder Hey and the earlier and much more extreme practices at Nuremberg, legislation has been developed governing the practice of medical ethics and research involving human participants more generally. In the medical context, relevant legislation includes GMC guidance, which states that disclosure of identifiable patient information without consent, for research purposes, is not acceptable unless it is justified in the public interest. There is a presumption, in other words, in favour of the view that patient consent ought to (...) be obtained before any piece of research is conducted. The Data Protection Act, furthermore, requires informed consent to be given before any use of identifiable personal data is made for any purpose. Moreover, ensuring that the informed consent of participants is gained is common practice on most research ethics committees. I argue, in this paper, that applying the principle of ‘informed consent’ too mechanistically in the research ethics context risks undermining the very principle it is designed to support – the principle of autonomy. This issue has been much discussed in medical ethics but not so much, so far, in the research ethics context. It will be argued that a more discerning and a less rigid and mechanistic approach, applied by research ethics committees, may help ensure that ethical issues are properly considered. (shrink)