SlideShare a Scribd company logo

Privacy and Data Protection in Research

Download as PPTX, PDF
Marlon Domingus
Marlon Domingus

rights and responsibilities privacy by design strategies privacy principles privacy enhancing technologies (PETs) big data concerns private, shared and public - boundary transitions data protection impact assessment (DPIA) cross border data transfers derogations for research

Presentations & Public Speaking
1 of 26
Privacy & Data Protection in Research Summerschool 9-12 July 2017 Erasmus MC July 12 2017 Marlon Domingus
Itinerary •rights and responsibilities •privacy by design strategies •privacy principles •privacy enhancing technologies (PETs) •big data concerns •private, shared and public - boundary transitions •data protection impact assessment (DPIA) •cross border data transfers •derogations for research 2
The General Data Protection Regulation & (Big Data) Research July 12 2017 Marlon Domingus
Rights and Responsibilities 4 Source: http://www.privacy-regulation.eu/en/index.htm
Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Brendan Van Alsenoy (Belgian Privacy Commission), Balancing the interests of controllers and the rights of the data subject. Brussels Privacy Hub, VUB Brussel, June 30 2017. 5 “The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.” Recital (4) GDPR “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject […]” Article 6(1)f GDPR
Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Charter of Fundamental Rights of the European Union (2012/C 326/02). Online: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:12012P/TXT&from=EN . 6 Article 8 - Protection of personal data 1. Everyone has the right to the protection of personal data concerning him or her. 2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified. 3. Compliance with these rules shall be subject to control by an independent authority.
Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Prof. Dr. Gloria González Fuster: Recent jurisprudence of the European Court of Human Rights and the Court of Justice of the European Union. Brussels Privacy Hub, VUB Brussel, June 30 2017. 7 independent authority individual’s rights legitimate interests
Balancing. Four Steps. 8 1. Legitimate interests of controller or 3rd party • freedom of expression • direct marketing and other forms of advertisement • enforcement of legal claims • prevention of fraud, misuse of services, or money laundering • physical safety, security, IT and network security • whistle-blowing schemes 2. Impact on data subject Actual and potential repercussions • Nature of the data • How the data are processed • Reasonable expectations data subject • Nature of controller vis-à-vis data subject 3. Make provisional balance “Necessary” • Least intrusive means • Reasonably effective • Balance of interests 4. Safeguards Measures to ensure that the data cannot be used to take decisions or other actions with regard to individuals. • anonymisation techniques, aggregation of data • privacy-enhancing technologies, privacy by design • increased transparency • general and unconditional right to opt-out Source: Article 29 Data Protection Working Party. Opinion 06/2014 on the "Notion of legitimate interests of the data controller under Article 7 of Directive 95/46/EC". Adopted on 9 April 2014. Online: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp217_en.pdf
Privacy by Design Strategy (‘traditional’) 9 Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
Privacy by Design Strategy (Big Data) 10 Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
Privacy Principles 11 1. Consent and choice 2. Purpose legitimacy and specification 3. Collection limitation 4. Data minimisation 5. Use, retention and disclosure limitation 6. Accuracy and quality 7. Openness, transparency and notice 8. Individual participation and access 9. Accountability 10. Information security 11. Privacy compliance Source: Information technology — Security techniques — Privacy framework. ISO/IEC 29100:2011. Online: http://standards.iso.org/ittf/PubliclyAvailableStandards/c045123_ISO_IEC_29100_2011.zip Source: Information technology — Identification of privacy protection requirements pertaining to learning, education and training (LET) — Part 1: Framework and reference model. ISO/IEC 29187-1:2013 Online: http://standards.iso.org/ittf/PubliclyAvailableStandards/c045266_ISO_IEC_29187- 1_2013.zip
Privacy Enhancing Technologies in Big Data 12 Anonymization in big data (and beyond) Utility and privacy Attack models and disclosure risk Anonymization privacy models Anonymization privacy models and big data Anonymization methods Some current weaknesses of anonymization Centralized vs decentralized anonymization for big data Other specific challenges of anonymization in big data Challenges and future research for anonymization in big data Encryption techniques in big data Database encryption Encrypted search Security and accountability controls Granular access control Privacy policy enforcement Accountability and audit mechanisms Data provenance Transparency and access Consent, ownership and control Consent mechanisms Privacy preferences and sticky policies Personal data stores Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
WP Art 29: Big Data Concerns: 13 - the sheer scale of data collection, tracking and profiling, also taking into account the variety and detail of the data collected and the fact that data are often combined from many different sources; - the security of data, with levels of protection shown to be lagging behind the expansion in volume; - transparency: unless they are provided with sufficient information, individuals will be subject to decisions that they do not understand and have no control over; - inaccuracy, discrimination, exclusion and economic imbalance; - increased possibilities of government surveillance. Source: Article 29 Data Protection Working Party. Opinion 03/2013 on purpose limitation. Adopted on 2 April 2013. Online: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2013/wp203_en.pdf
Data Protection Impact Assessment Source: Dr. Paul Quinn and István Böröcz, How to do a PIA – practical session. Brussels Privacy Hub, VUB Brussel, June 27 2017. 14 Addresses: • societal concerns • technical concerns • ethical concerns • legal concerns
Our Research Assessment 1. Is the research project conducted in an international partnership? 2. Is this partnership a public-private collaboration? 3. Is personal data or confidential data used in the research? 4. Will the research project result in information and/or products that will become open access available, or commercially or both? 5. Is an infrastructure required for the processing / analysis / storage of the research data beyond which is available at the EUR workplace? 6. Will the data processing be a manual activity, or is it automated and executed by scripts? IPR, Applicable Law IPR, Valorisation Data Protection, Privacy IPR, Valorisation Research Infra, HPC IPR, Database Law 15
Data Driven Research
Private, Shared and Public - Boundary Transitions 17 Source: Personal website Andrew Treloar. Online: http://andrew.treloar.net/research/diagrams/index.shtml
Cross Border Data Transfers Source: Prof. Christopher Kuner, International Transfers of Personal Data Post-GDPR. Brussels Privacy Hub, VUB Brussel, June 29 2017. 18 Three methods to transfer data internationally: • Adequacy decisions adopted by EC (Art. 45 GDPR). • In the absence of an adequacy decision, appropriate safeguards (data transfer instruments, Art. 46 GDPR), meaning: BCRs; SCCs; approved codes of conduct and certification mechanisms with binding commitments; “ad hoc” contractual clauses authorized by DPAs. • In the absence of an adequacy decision or appropriate safeguards, derogations (Art. 49 GDPR), e.g. consent; performance of a contract; public interest under EU or Member State law; legitimate interests of a controller (with limitations).
Cross Border Data Transfers Source: Prof. Christopher Kuner, International Transfers of Personal Data Post-GDPR. Brussels Privacy Hub, VUB Brussel, June 29 2017. 19
Exemptions or Derogations for Research Source: General Data Protection Regulation. Online: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf 20
Questions? drs. Marlon Domingus Research Services coordinator Community Research Data Management T +31 10 4088006 E researchsupport@eur.nl W https://www.eur.nl/researchmatters/research_data_management/ (services and templates) Stay in touch via: https://www.linkedin.com/in/domingus/ 21
Case July 12 2017 Marlon Domingus
Take Aways July 12 2017 Marlon Domingus
Privacy: infographics Source: EUR Research Matters website. Online: https://www.eur.nl/researchmatters/research_data_management/services/rdm_legal_services/ 24
Privacy: Maturity Model Source:LCRDM.https://www1.edugroepen.nl/sites/RDM_platform/RDM_Blog/Lists/Posts/Post.aspx?ID=12
26 How to use the compass In the core, the four Denscombe principles, serve as a starting point. In the next layer, the aspects related to these principles are listed. In the outer layer, the actions for faculty and/or research support staff are listed. The arrow aligns the principles with the corresponding aspects and actions Thus four quadrants appear, with a focus on the distinct aspects of research integrity. Traditionally ethics committees look at the aspects of the lower left quadrant. How to address the aspects in the rest of the compass? Suggestion: work together with the Data Protection Officer and the Legal Department for a new governing approach to assessing proper academic practices.

Recommended

250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentationDennisHillemann
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 
Paperless Lab Academy 'legal aspects of big data analytics'
Paperless Lab Academy 'legal aspects of big data analytics' Paperless Lab Academy 'legal aspects of big data analytics'
Paperless Lab Academy 'legal aspects of big data analytics' Axon Lawyers
 
Key principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRKey principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRDr. Marinos Papadopoulos
 
TDM of National Libraries in the EU.pptx
TDM of National Libraries in the EU.pptxTDM of National Libraries in the EU.pptx
TDM of National Libraries in the EU.pptxDr. Marinos Papadopoulos
 
EU data protection issues in IoT
EU data protection issues in IoTEU data protection issues in IoT
EU data protection issues in IoTFrancesca Giannoni-Crystal
 
Right to be forgotten final paper
Right to be forgotten final paperRight to be forgotten final paper
Right to be forgotten final paperreporter1120
 

Recommended

250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentation250220 blockchain gdpr_blockchain_hillemann_presentation
250220 blockchain gdpr_blockchain_hillemann_presentationDennisHillemann
 
Ubicomp challenges for privacy law
Ubicomp challenges for privacy lawUbicomp challenges for privacy law
Ubicomp challenges for privacy lawblogzilla
 
The Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsThe Data Retention Directive: recent developments
The Data Retention Directive: recent developmentsblogzilla
 
Paperless Lab Academy 'legal aspects of big data analytics'
Paperless Lab Academy 'legal aspects of big data analytics' Paperless Lab Academy 'legal aspects of big data analytics'
Paperless Lab Academy 'legal aspects of big data analytics' Axon Lawyers
 
Key principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRKey principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRDr. Marinos Papadopoulos
 
TDM of National Libraries in the EU.pptx
TDM of National Libraries in the EU.pptxTDM of National Libraries in the EU.pptx
TDM of National Libraries in the EU.pptxDr. Marinos Papadopoulos
 
EU data protection issues in IoT
EU data protection issues in IoTEU data protection issues in IoT
EU data protection issues in IoTFrancesca Giannoni-Crystal
 
Right to be forgotten final paper
Right to be forgotten final paperRight to be forgotten final paper
Right to be forgotten final paperreporter1120
 
Data Protection / EU Counter-Terrorism policy
Data Protection / EU Counter-Terrorism policyData Protection / EU Counter-Terrorism policy
Data Protection / EU Counter-Terrorism policyEuropean Economic and Social Committee - SOC Section
 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
 
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
Investigating cybercrime at the United Nations
Investigating cybercrime at the United NationsInvestigating cybercrime at the United Nations
Investigating cybercrime at the United Nationsblogzilla
 
euregs
euregseuregs
euregsbwgoodman
 
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT LegalCyber Watching
 
An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchMarlon Domingus
 
PLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalPLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalSofie van der Meulen
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights ManagementSabrina Kirrane
 
CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...CINECAProject
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyCharles Mok
 
Cross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property IssuesCross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property IssuesKarl Larson
 
Data protection and data integrity
Data protection and data integrity Data protection and data integrity
Data protection and data integrityAxon Lawyers
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
 
Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)David Lee
 
Legal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research dataLegal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research dataOpenAIRE
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulationblogzilla
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersTravis Greene
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeWolfgang Kuchinke
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Ethics and data protection .docx
Ethics and data protection .docxEthics and data protection .docx
Ethics and data protection .docxelbanglis
 

More Related Content

What's hot

The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
 
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security PrinciplesLisa Catanzaro
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)FOTIOS ZYGOULIS
 
Investigating cybercrime at the United Nations
Investigating cybercrime at the United NationsInvestigating cybercrime at the United Nations
Investigating cybercrime at the United Nationsblogzilla
 
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT LegalCyber Watching
 

What's hot (7)

Data Protection / EU Counter-Terrorism policy
Data Protection / EU Counter-Terrorism policyData Protection / EU Counter-Terrorism policy
Data Protection / EU Counter-Terrorism policy
 
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...
 
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
20150630_D6 1_Legal and EthicalFrameworkand Privacy and Security Principles
 
The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)The implementation of gdpr in greece (1)
The implementation of gdpr in greece (1)
 
Investigating cybercrime at the United Nations
Investigating cybercrime at the United NationsInvestigating cybercrime at the United Nations
Investigating cybercrime at the United Nations
 
euregs
euregseuregs
euregs
 
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
"Legal tips and compliance requirements" - Anastasia Botsi, ICT Legal
 

Similar to Privacy and Data Protection in Research

An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchMarlon Domingus
 
PLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalPLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalSofie van der Meulen
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights ManagementSabrina Kirrane
 
CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...CINECAProject
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyCharles Mok
 
Cross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property IssuesCross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property IssuesKarl Larson
 
Data protection and data integrity
Data protection and data integrity Data protection and data integrity
Data protection and data integrityAxon Lawyers
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
 
Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)David Lee
 
Legal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research dataLegal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research dataOpenAIRE
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulationblogzilla
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersTravis Greene
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeWolfgang Kuchinke
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Ethics and data protection .docx
Ethics and data protection .docxEthics and data protection .docx
Ethics and data protection .docxelbanglis
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiKrowdthink
 
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and LibrariesGDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and LibrariesLIBER Europe
 
The Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatThe Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatEUDAT
 
Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)schermerbw
 
Towards Privacy by Design in Personal e-Health Systems
Towards Privacy by Design in Personal e-Health SystemsTowards Privacy by Design in Personal e-Health Systems
Towards Privacy by Design in Personal e-Health SystemsCARRE project
 

Similar to Privacy and Data Protection in Research (20)

An itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and researchAn itinerary for FAIR and privacy respecting data-driven innovation and research
An itinerary for FAIR and privacy respecting data-driven innovation and research
 
PLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics finalPLA Legal aspects of Big Data analytics final
PLA Legal aspects of Big Data analytics final
 
Digital Rights Management
Digital Rights ManagementDigital Rights Management
Digital Rights Management
 
CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...CINECA webinar slides: Ethical, legal and societal issues in international da...
CINECA webinar slides: Ethical, legal and societal issues in international da...
 
IT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual PropertyIT Governance: Privacy and Intellectual Property
IT Governance: Privacy and Intellectual Property
 
Cross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property IssuesCross Border Privacy : Intellectual Property Issues
Cross Border Privacy : Intellectual Property Issues
 
Data protection and data integrity
Data protection and data integrity Data protection and data integrity
Data protection and data integrity
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
 
Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)Compatible use of personal data (개인정보 이용의 양립가능성)
Compatible use of personal data (개인정보 이용의 양립가능성)
 
Legal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research dataLegal and ethical considerations for sharing research data
Legal and ethical considerations for sharing research data
 
Data science and privacy regulation
Data science and privacy regulationData science and privacy regulation
Data science and privacy regulation
 
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral ResearchersAdjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
Adjusting to the GDPR: The Impact on Data Scientists and Behavioral Researchers
 
Secure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinkeSecure access to biomedical data sources for legal data sharing-kuchinke
Secure access to biomedical data sources for legal data sharing-kuchinke
 
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Ethics and data protection .docx
Ethics and data protection .docxEthics and data protection .docx
Ethics and data protection .docx
 
The Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech WiewiorowskiThe Privacy Advantage 2016 - Wojciech Wiewiorowski
The Privacy Advantage 2016 - Wojciech Wiewiorowski
 
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and LibrariesGDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
GDPR - Thoughts on the EU Data Protection Regulation, Research and Libraries
 
The Policy Framework: GDPR and all that
The Policy Framework: GDPR and all thatThe Policy Framework: GDPR and all that
The Policy Framework: GDPR and all that
 
Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)Introduction privacy and drones130902.pptx (alleen lezen)
Introduction privacy and drones130902.pptx (alleen lezen)
 
Towards Privacy by Design in Personal e-Health Systems
Towards Privacy by Design in Personal e-Health SystemsTowards Privacy by Design in Personal e-Health Systems
Towards Privacy by Design in Personal e-Health Systems
 

More from Marlon Domingus

Safeguarding privacy in research design
Safeguarding privacy in research designSafeguarding privacy in research design
Safeguarding privacy in research designMarlon Domingus
 
The GDPR perspectives: Philosophy
The GDPR perspectives: PhilosophyThe GDPR perspectives: Philosophy
The GDPR perspectives: PhilosophyMarlon Domingus
 
Open Science in Research Libraries: Research, Research Integrity and Legal As...
Open Science in Research Libraries: Research, Research Integrity and Legal As...Open Science in Research Libraries: Research, Research Integrity and Legal As...
Open Science in Research Libraries: Research, Research Integrity and Legal As...Marlon Domingus
 
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoek
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoekVSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoek
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoekMarlon Domingus
 
Research Support @ Erasmus University Rotterdam
Research Support @ Erasmus University RotterdamResearch Support @ Erasmus University Rotterdam
Research Support @ Erasmus University RotterdamMarlon Domingus
 
Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Marlon Domingus
 
Responsible research: professionalism and integrity. The practical, legal and...
Responsible research: professionalism and integrity. The practical, legal and...Responsible research: professionalism and integrity. The practical, legal and...
Responsible research: professionalism and integrity. The practical, legal and...Marlon Domingus
 
Masterclass Research Support
Masterclass Research SupportMasterclass Research Support
Masterclass Research SupportMarlon Domingus
 
Finding the Law for Sharing Data in Academia
Finding the Law for Sharing Data in AcademiaFinding the Law for Sharing Data in Academia
Finding the Law for Sharing Data in AcademiaMarlon Domingus
 

More from Marlon Domingus (9)

Safeguarding privacy in research design
Safeguarding privacy in research designSafeguarding privacy in research design
Safeguarding privacy in research design
 
The GDPR perspectives: Philosophy
The GDPR perspectives: PhilosophyThe GDPR perspectives: Philosophy
The GDPR perspectives: Philosophy
 
Open Science in Research Libraries: Research, Research Integrity and Legal As...
Open Science in Research Libraries: Research, Research Integrity and Legal As...Open Science in Research Libraries: Research, Research Integrity and Legal As...
Open Science in Research Libraries: Research, Research Integrity and Legal As...
 
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoek
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoekVSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoek
VSNU gedragscode voor gebruik van persoonsgegevens in wetenschappelijk onderzoek
 
Research Support @ Erasmus University Rotterdam
Research Support @ Erasmus University RotterdamResearch Support @ Erasmus University Rotterdam
Research Support @ Erasmus University Rotterdam
 
Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.Towards Privacy by Design. Key issues to unlock science.
Towards Privacy by Design. Key issues to unlock science.
 
Responsible research: professionalism and integrity. The practical, legal and...
Responsible research: professionalism and integrity. The practical, legal and...Responsible research: professionalism and integrity. The practical, legal and...
Responsible research: professionalism and integrity. The practical, legal and...
 
Masterclass Research Support
Masterclass Research SupportMasterclass Research Support
Masterclass Research Support
 
Finding the Law for Sharing Data in Academia
Finding the Law for Sharing Data in AcademiaFinding the Law for Sharing Data in Academia
Finding the Law for Sharing Data in Academia
 

Recently uploaded

SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrsaastr
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfhenrik385807
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptssuser319dad
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@vikas rana
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...NETWAYS
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Salam Al-Karadaghi
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxBasil Achie
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Pooja Nehwal
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxFamilyWorshipCenterD
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Kayode Fayemi
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...NETWAYS
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...NETWAYS
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfakankshagupta7348026
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...NETWAYS
 

Recently uploaded (20)

SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStrSaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
SaaStr Workshop Wednesday w: Jason Lemkin, SaaStr
 
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdfOpen Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
Open Source Strategy in Logistics 2015_Henrik Hankedvz-d-nl-log-conference.pdf
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.ppt
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@
 
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Vaishnavi 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
Open Source Camp Kubernetes 2024 | Monitoring Kubernetes With Icinga by Eric ...
 
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
Exploring protein-protein interactions by Weak Affinity Chromatography (WAC) ...
 
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptxLANDMARKS AND MONUMENTS IN NIGERIA.pptx
LANDMARKS AND MONUMENTS IN NIGERIA.pptx
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
 
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
Navi Mumbai Call Girls Service Pooja 9892124323 Real Russian Girls Looking Mo...
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
Governance and Nation-Building in Nigeria: Some Reflections on Options for Po...
 
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
Open Source Camp Kubernetes 2024 | Running WebAssembly on Kubernetes by Alex ...
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
 
Motivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdfMotivation and Theory Maslow and Murray pdf
Motivation and Theory Maslow and Murray pdf
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
 

Privacy and Data Protection in Research

  • 1. Privacy & Data Protection in Research Summerschool 9-12 July 2017 Erasmus MC July 12 2017 Marlon Domingus
  • 2. Itinerary •rights and responsibilities •privacy by design strategies •privacy principles •privacy enhancing technologies (PETs) •big data concerns •private, shared and public - boundary transitions •data protection impact assessment (DPIA) •cross border data transfers •derogations for research 2
  • 3. The General Data Protection Regulation & (Big Data) Research July 12 2017 Marlon Domingus
  • 4. Rights and Responsibilities 4 Source: http://www.privacy-regulation.eu/en/index.htm
  • 5. Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Brendan Van Alsenoy (Belgian Privacy Commission), Balancing the interests of controllers and the rights of the data subject. Brussels Privacy Hub, VUB Brussel, June 30 2017. 5 “The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.” Recital (4) GDPR “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject […]” Article 6(1)f GDPR
  • 6. Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Charter of Fundamental Rights of the European Union (2012/C 326/02). Online: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:12012P/TXT&from=EN . 6 Article 8 - Protection of personal data 1. Everyone has the right to the protection of personal data concerning him or her. 2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified. 3. Compliance with these rules shall be subject to control by an independent authority.
  • 7. Balancing the legitimate interests of the researcher and the privacy rights of the individual Source: Prof. Dr. Gloria González Fuster: Recent jurisprudence of the European Court of Human Rights and the Court of Justice of the European Union. Brussels Privacy Hub, VUB Brussel, June 30 2017. 7 independent authority individual’s rights legitimate interests
  • 8. Balancing. Four Steps. 8 1. Legitimate interests of controller or 3rd party • freedom of expression • direct marketing and other forms of advertisement • enforcement of legal claims • prevention of fraud, misuse of services, or money laundering • physical safety, security, IT and network security • whistle-blowing schemes 2. Impact on data subject Actual and potential repercussions • Nature of the data • How the data are processed • Reasonable expectations data subject • Nature of controller vis-à-vis data subject 3. Make provisional balance “Necessary” • Least intrusive means • Reasonably effective • Balance of interests 4. Safeguards Measures to ensure that the data cannot be used to take decisions or other actions with regard to individuals. • anonymisation techniques, aggregation of data • privacy-enhancing technologies, privacy by design • increased transparency • general and unconditional right to opt-out Source: Article 29 Data Protection Working Party. Opinion 06/2014 on the "Notion of legitimate interests of the data controller under Article 7 of Directive 95/46/EC". Adopted on 9 April 2014. Online: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp217_en.pdf
  • 9. Privacy by Design Strategy (‘traditional’) 9 Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
  • 10. Privacy by Design Strategy (Big Data) 10 Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
  • 11. Privacy Principles 11 1. Consent and choice 2. Purpose legitimacy and specification 3. Collection limitation 4. Data minimisation 5. Use, retention and disclosure limitation 6. Accuracy and quality 7. Openness, transparency and notice 8. Individual participation and access 9. Accountability 10. Information security 11. Privacy compliance Source: Information technology — Security techniques — Privacy framework. ISO/IEC 29100:2011. Online: http://standards.iso.org/ittf/PubliclyAvailableStandards/c045123_ISO_IEC_29100_2011.zip Source: Information technology — Identification of privacy protection requirements pertaining to learning, education and training (LET) — Part 1: Framework and reference model. ISO/IEC 29187-1:2013 Online: http://standards.iso.org/ittf/PubliclyAvailableStandards/c045266_ISO_IEC_29187- 1_2013.zip
  • 12. Privacy Enhancing Technologies in Big Data 12 Anonymization in big data (and beyond) Utility and privacy Attack models and disclosure risk Anonymization privacy models Anonymization privacy models and big data Anonymization methods Some current weaknesses of anonymization Centralized vs decentralized anonymization for big data Other specific challenges of anonymization in big data Challenges and future research for anonymization in big data Encryption techniques in big data Database encryption Encrypted search Security and accountability controls Granular access control Privacy policy enforcement Accountability and audit mechanisms Data provenance Transparency and access Consent, ownership and control Consent mechanisms Privacy preferences and sticky policies Personal data stores Source: ENISA report (2015): Privacy By Design In Big Data. Online: https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
  • 13. WP Art 29: Big Data Concerns: 13 - the sheer scale of data collection, tracking and profiling, also taking into account the variety and detail of the data collected and the fact that data are often combined from many different sources; - the security of data, with levels of protection shown to be lagging behind the expansion in volume; - transparency: unless they are provided with sufficient information, individuals will be subject to decisions that they do not understand and have no control over; - inaccuracy, discrimination, exclusion and economic imbalance; - increased possibilities of government surveillance. Source: Article 29 Data Protection Working Party. Opinion 03/2013 on purpose limitation. Adopted on 2 April 2013. Online: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2013/wp203_en.pdf
  • 14. Data Protection Impact Assessment Source: Dr. Paul Quinn and István Böröcz, How to do a PIA – practical session. Brussels Privacy Hub, VUB Brussel, June 27 2017. 14 Addresses: • societal concerns • technical concerns • ethical concerns • legal concerns
  • 15. Our Research Assessment 1. Is the research project conducted in an international partnership? 2. Is this partnership a public-private collaboration? 3. Is personal data or confidential data used in the research? 4. Will the research project result in information and/or products that will become open access available, or commercially or both? 5. Is an infrastructure required for the processing / analysis / storage of the research data beyond which is available at the EUR workplace? 6. Will the data processing be a manual activity, or is it automated and executed by scripts? IPR, Applicable Law IPR, Valorisation Data Protection, Privacy IPR, Valorisation Research Infra, HPC IPR, Database Law 15
  • 17. Private, Shared and Public - Boundary Transitions 17 Source: Personal website Andrew Treloar. Online: http://andrew.treloar.net/research/diagrams/index.shtml
  • 18. Cross Border Data Transfers Source: Prof. Christopher Kuner, International Transfers of Personal Data Post-GDPR. Brussels Privacy Hub, VUB Brussel, June 29 2017. 18 Three methods to transfer data internationally: • Adequacy decisions adopted by EC (Art. 45 GDPR). • In the absence of an adequacy decision, appropriate safeguards (data transfer instruments, Art. 46 GDPR), meaning: BCRs; SCCs; approved codes of conduct and certification mechanisms with binding commitments; “ad hoc” contractual clauses authorized by DPAs. • In the absence of an adequacy decision or appropriate safeguards, derogations (Art. 49 GDPR), e.g. consent; performance of a contract; public interest under EU or Member State law; legitimate interests of a controller (with limitations).
  • 19. Cross Border Data Transfers Source: Prof. Christopher Kuner, International Transfers of Personal Data Post-GDPR. Brussels Privacy Hub, VUB Brussel, June 29 2017. 19
  • 20. Exemptions or Derogations for Research Source: General Data Protection Regulation. Online: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf 20
  • 21. Questions? drs. Marlon Domingus Research Services coordinator Community Research Data Management T +31 10 4088006 E researchsupport@eur.nl W https://www.eur.nl/researchmatters/research_data_management/ (services and templates) Stay in touch via: https://www.linkedin.com/in/domingus/ 21
  • 23. Take Aways July 12 2017 Marlon Domingus
  • 24. Privacy: infographics Source: EUR Research Matters website. Online: https://www.eur.nl/researchmatters/research_data_management/services/rdm_legal_services/ 24
  • 26. 26 How to use the compass In the core, the four Denscombe principles, serve as a starting point. In the next layer, the aspects related to these principles are listed. In the outer layer, the actions for faculty and/or research support staff are listed. The arrow aligns the principles with the corresponding aspects and actions Thus four quadrants appear, with a focus on the distinct aspects of research integrity. Traditionally ethics committees look at the aspects of the lower left quadrant. How to address the aspects in the rest of the compass? Suggestion: work together with the Data Protection Officer and the Legal Department for a new governing approach to assessing proper academic practices.