Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
1. Legally Compliant Use of
Personal Data in e-Social Science
NCeSS 5th International Conference, Cologne
Workshop on Law and Ethics in e-Social Science, 24 June 2009
Professor Christopher Millard
Senior Research Fellow, Oxford Internet Institute
christopher.millard@oii.ox.ac.uk
2. Why are we looking at ‘personal data’?
Much work remains to be done on the ethical and legal implications of the
use of the Internet and related technologies in e-Social Science
Specifically, there are unresolved concerns about the status of various
rapidly evolving techniques and processes for collecting, analysing,
manipulating, storing, sharing, anonymising (or not), disclosing
(voluntarily or not), outsourcing and otherwise handling personal data
and sensitive personal data
Personal data has become a hot topic with (often sensational) headlines
about the ‘surveillance state’, DNA retention policy, large scale data
losses, the impact of social networking, etc
There appears to be significant disquiet, and some confusion, regarding
the risks associated with large databases and identity issues in the public
sector - this makes it all the more important that appropriate safeguards
can be articulated and demonstrated in relation to e-science research
3. Back to basics: what rules govern ‘personal data’?
The main source in the EU is the Data Protection Directive 1995
Does this mean that the rules are now basically harmonised, i.e.
standardised, across Europe, and clear?
Sadly … NO! … for two reasons
1. The Directive is addressed to the EU Member States for
them to implement in their national laws. All 27 have now
done so but they have done so inconsistently, even at the
definitional level.
2. Local regulators and courts have, in various cases, applied
divergent interpretations to the Member State laws.
4. What is ‘personal data’ supposed to cover?
“‘Personal data’ shall mean any information relating to an identified or
identifiable natural person (‘data subject’); an identifiable person is one
who can be identified, directly or indirectly, in particular by reference to
an identification number or to one or more factors specific to his
physical, physiological, mental, economic, cultural or social identity”.
Data Protection Directive, Article 2 (a)
Complex rules apply to the processing of so-called “special categories of
data” [also known as “sensitive personal data”] defined as: “personal
data revealing racial or ethnic origin, political opinions, religious or
philosophical beliefs, trade-union membership, and the processing of
data concerning health or sex life” as well as “the processing of data
relating to offences, criminal convictions or security measures” and
“processing of data relating to administrative sanctions or judgements in
civil cases”.
Data Protection Directive, Article 8 (1), (5)
5. ‘Personal data’: the concept in practice
according to the EU privacy regulators
Article 29 Data Protection Working Party: Opinion on the concept of personal data
Step 1: Is it information?
Objectively or subjectively, eg. creditworthiness / competence
Broad range of formats, including audio, video, biometrics, etc
Step 2: Does it relate to a person?
Content (eg. medical records) or
Purpose (eg. evaluating / influencing a person) or
Result (eg. decision that may affect someone’s bonus)
6. ‘Personal data’: the concept in practice
according to the EU privacy regulators (cont.)
Article 29 Data Protection Working Party: Opinion on the concept of personal data
Step 3: Is that person identified or identifiable?
Directly (eg. name) or indirectly (eg. phone no. or combination
of distinguishing criteria)
Cookies
Potentially identifiable individuals (eg. graffiti tags)
Pseudonymised, key-coded and anonymous data (reversibility)
Step 4: Is the person a living natural person?
Unborn children and frozen embryos
Dead people may still be relevant!
Legal persons (see DP laws of Italy, Austria & Luxembourg)
7. National courts may take a different view…
Eg. the UK Court of Appeal’s ruling in Durant vs. Financial
Services Authority [2003]
For information to be ‘personal data’ depends on relevance
or proximity to the data subject. Need to consider whether:
the information is biographical in a significant sense
it has the data subject as its focus, and
it affects the privacy of the putative data subject, whether in his
personal, business or professional capacity.
Highly controversial decision: probably the main driver for
the European Commission’s infraction proceedings vs. UK
UK Information Commissioner has attempted to rationalise
Durant with collective EU approach with limited success
8. Moving forward: towards effective and
compliant use of personal data in e-science
Key compliance issues relating to personal data
Treatment of anonymous and pseudonymous information
Fairness and lawfulness issues (including confidentiality)
Consent issues, especially in relation to sensitive personal data
Scope of specific exemptions for research activities
Collaboration and Cross-Border Projects
Relationships between ‘data controllers’ and ‘data processors’
Specific data security obligations
Compliance obligations arising under international research and
other arrangements involving transfers of data outside the EEA
9. Possible directions for a practical governance
framework for use of personal data in e-Science
Privacy Impact Assessments and / or Data Protection Audits for
e-Science projects
Development of online best practice, which might include layered
privacy notices and use of Privacy Enhancing Technologies
(PETs) such as “privacy-friendly default settings” (see Article 29
Working Party’s June 2009 opinion on social networks)
Guidance on managing risks associated with processing
personal data in the Cloud
Use of privacy and data protection eLearning tools in e-Science