Swedish Proposal for Research Data Act

Similar documents
EXIN Privacy and Data Protection Foundation. Preparation Guide. Edition

IAB Europe Guidance THE DEFINITION OF PERSONAL DATA. IAB Europe GDPR Implementation Working Group WHITE PAPER

The EFPIA Perspective on the GDPR. Brendan Barnes, EFPIA 2 nd Nordic Real World Data Conference , Helsinki

SEMINAR; RESEARCH IN THE ERA OF DIGITIZATION - DATA PROTECTION, RESEARCH AND ACCESS TO LIBRARIES

The General Data Protection Regulation and use of health data: challenges for pharmaceutical regulation

ISO/TR TECHNICAL REPORT. Intelligent transport systems System architecture Privacy aspects in ITS standards and systems

Interaction btw. the GDPR and Clinical Trials Regulation

Biometric Data, Deidentification. E. Kindt Cost1206 Training school 2017

The EU's new data protection regime Key implications for marketers and adtech service providers Nick Johnson and Stephen Groom 11 February 2016

Privacy Policy SOP-031

Ocean Energy Europe Privacy Policy

GDPR Awareness. Kevin Styles. Certified Information Privacy Professional - Europe Member of International Association of Privacy professionals

GDPR Implications for ediscovery from a legal and technical point of view

Robert Bond Partner, Commercial/IP/IT

Ministry of Justice: Call for Evidence on EU Data Protection Proposals

First Components Ltd, Savigny Oddie Ltd, & Datum Engineering Ltd. is pleased to provide the following

Justice Select Committee: Inquiry on EU Data Protection Framework Proposals

National approach to artificial intelligence

HBM4EU project. Information, Invitation and Informed Consent Lisbeth E. Knudsen, Berit A. Faber. Information and recruitment of participants

clarification to bring legal certainty to these issues have been voiced in various position papers and statements.

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework

EU Research Integrity Initiative

BBMRI-ERIC WEBINAR SERIES #2

The General Data Protection Regulation

ARTICLE 29 Data Protection Working Party

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: Safeguarding Policy Data Protection Policy

Efese, ethics in research

Dr Nicholas J. Gervassis University of Plymouth THE EMERGING UK DATA PROTECTION FRAMEWORK AND BEYOND

EU-GDPR The General Data Protection Regulation

ICC POSITION ON LEGITIMATE INTERESTS

Global Alliance for Genomics & Health Data Sharing Lexicon

CCTV Policy. Policy reviewed by Academy Transformation Trust on June This policy links to: T:Drive. Safeguarding Policy Data Protection Policy

The Swedish Research Council s Guide to Research Infrastructure

Wireless Sensor Networks and Privacy

End-to-End Privacy Accountability

What does the revision of the OECD Privacy Guidelines mean for businesses?

Towards Code of Conduct on Processing of Personal Data for Purposes of Scientific Research in the Area of Health

PRIVACY ANALYTICS WHITE PAPER

European Union General Data Protection Regulation Effects on Research

Our position. ICDPPC declaration on ethics and data protection in artificial intelligence

Lund Revisited. Next steps in tackling Societal Challenges

As at: Draft Bill of the Federal Ministry for Economic Affairs and Energy. Fourth Law amending the Telecommunications Act

Details of the Proposal

Interest Balancing Test Assessment on the processing of the copies of data subjects driving licences for the MOL Limo service

European Law as an Instrument for Avoiding Harmful Interference 5-7 June Gerry Oberst, SES Sr. Vice President, Global Regulatory & Govt Strategy

EUROPEAN CENTRAL BANK

(Non-legislative acts) DECISIONS

European Charter for Access to Research Infrastructures - DRAFT

TechAmerica Europe comments for DAPIX on Pseudonymous Data and Profiling as per 19/12/2013 paper on Specific Issues of Chapters I-IV

Should privacy impact assessments be mandatory? David Wright Trilateral Research & Consulting 17 Sept 2009

The 45 Adopted Recommendations under the WIPO Development Agenda

EU data economy what have you done for me lately?

2

NOTIFICATION FOR PRIOR CHECKING INFORMATION TO BE GIVEN(2)

Convergence and Differentiation within the Framework of European Scientific and Technical Cooperation on HTA

D2. Results of the feasibility analysis

Latin-American non-state actor dialogue on Article 6 of the Paris Agreement

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework

The GDPR and Upcoming mhealth Code of Conduct. Dr Etain Quigley Postdoctoral Research Fellow (ARCH, UCD)

Proposal for a COUNCIL REGULATION. on denominations and technical specifications of euro coins intended for circulation. (recast)

Ethics Review Data Sharing Bridging Legal Environments

ENTSO-E Draft Network Code on High Voltage Direct Current Connections and DCconnected

RECOMMENDATIONS. COMMISSION RECOMMENDATION (EU) 2018/790 of 25 April 2018 on access to and preservation of scientific information

User Privacy in Health Monitoring Wearables

Proposals to be firmed up, avenues for the future

B) Issues to be Prioritised within the Proposed Global Strategy and Plan of Action:

This policy sets out how Legacy Foresight and its Associates will seek to ensure compliance with the legislation.

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT. pursuant to Article 294(6) of the Treaty on the Functioning of the European Union

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Common evaluation criteria for evaluating proposals

12 April Fifth World Congress for Freedom of Scientific research. Speech by. Giovanni Buttarelli

ETSI EN V1.2.1 ( ) Harmonized European Standard (Telecommunications series)

Having regard to the Treaty establishing the European Community, and in particular its Article 286,

Access to personal data within our research collections

Defence Export Controls Policy

Article The Transparency Challenge: Making children aware of their data protection rights and the risks online

Robotics, AI and the Law

Employees, contractors and other personnel of KKR should note that a separate privacy notice will be made available to them.

COMMISSION RECOMMENDATION. of on access to and preservation of scientific information. {SWD(2012) 221 final} {SWD(2012) 222 final}

State Archives of Florida Collection Development Policy

A/AC.105/C.1/2014/CRP.13

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

ETSI EN V1.1.1 ( )

Data Protection by Design and by Default. à la European General Data Protection Regulation

06/2015. Overview of the Minamata Convention on Mercury

At its meeting on 18 May 2016, the Permanent Representatives Committee noted the unanimous agreement on the above conclusions.

ETSI EN V1.3.1 ( )

Interoperable systems that are trusted and secure

The Alan Turing Institute, British Library, 96 Euston Rd, London, NW1 2DB, United Kingdom; 3

Rules of Usage for the BESSY II Electron Storage Ring and the BER II Neutron Source at the Helmholtz-Zentrum Berlin für Materialien and Energie GmbH

EL PASO COMMUNITY COLLEGE PROCEDURE

The Information Commissioner s response to the Draft AI Ethics Guidelines of the High-Level Expert Group on Artificial Intelligence

SCIENCE IN THE CENTRE STRATEGIC PLAN

Please send your responses by to: This consultation closes on Friday, 8 April 2016.

Part 7: Privacy aspects

Future of the Draft International Code of Conduct as the Linchpin of the Space Security and Safety

ISO INTERNATIONAL STANDARD. Nomenclature Specification for a nomenclature system for medical devices for the purpose of regulatory data exchange

CAMD Transition Sub Group FAQ IVDR Transitional provisions

The creation of the Emergency Preparedness and Response Expert Group (EPREG) which held its second meeting last month.

LOGICAL FRAMEWORK MATRIX LFM

Transcription:

Swedish Proposal for Research Data Act XXXII Nordic Conference on Legal Informatics November 13-15 2017 Cecilia Magnusson Sjöberg, Professor Faculty of Law Stockholm University Today s presentation about personal data processing for research purposes Background Approach Proposal Remaining work Challenges

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 APRIL 2016ON THE PROTECTION OF NATURAL PERSONS WITH REGARD TO THE PROCESSING OF PERSONAL DATA AND ON THE FREE MOVEMENT OF SUCH DATA, AND REPEALING DIRECTIVE 95/46/EC (GENERAL DATA PROTECTION REGULATION) Swedish regulative response General Data Protection Regulation (2016/679), GDPR National general supplementary legislation SOU 2017:39 National specific rules and regulations The Research Data Inquiry (U 2016:04)

SOU 2017:50 Interim report presented on June 9, 2017 to the minister for Higher Education and Research Helene Hellmark Knutsson The consultation process 143 consultative organs listed Responses were due by September 15, 2017 An official referral to the Council of Legislation is being prepared by the Ministry of Education Secretariat Cecilia Magnusson Sjöberg, special investigator Maria Jacobsson, Head Secretary Cecilia Arrgård Staffan Malmgren Margareta Sandén Magnus Stenbeck

The notion of research and the Ethical Review Act (2003:460) Definitions Section 2 In this statute, the terms listed below shall be construed as follows: Research: Scientifically experimental or theoretical work intended to result in new knowledge and development outcomes on a scientific basis, excluding work that is performed within the framework of higher education on the basic or advanced level. Responsible research body: A government authority or a physical or legal entity under whose auspices the research is conducted Research subject: A living person who is the subject of research. The Commission Dir. 2016:65 Processing of personal data for research purposes Part 1 was presented on June 9, 2017 Part 2 due by May 25, 2018 Dir. 2017:29 Processing of personal data in the Royal Library Completed November 9, 2017 Dir. 2017:61 Legal prerequisites for providing data to the Luxembourg Income Study (LIS) Due by May 25, 2018 Dir. 2017:87 Processing of personal data in research libraries Completed November 9, 2017

Major research library activities Personal data processing: Data about borrowers Digitalisation of analogue collections Digitalisation of remote access or upon visitors request Data base searches Publishing activities Hosting publication data bases Management of identifiers Text- and data mining (TDM), as a service Also: Open science partner Open education partner SOU 2017:50 General considerations in view of the General Data Protection Regulation (GDPR) and the proposal by the Data Protection Inquiry (SOU 2017:39) Establish the legal ground for lawful processing research as a task carried out in the public interest enable processing of personal data for research purposes while maintaining privacy protection Equate researchers in public and private organisations

About consent The prerequisites for valid consent are made explicit in GDPR Private research actors Consent can be a legal ground Processing of sensitive personal data (special categories) or personal data on criminal convictions and offences must be subject to ethical review regarding research conducted in Sweden Public research actors Limited possibilities to use consent as a legal ground Research is primarily conducted as a task carried out in the public interest The data protection principles in Article 5 and the principles of proper research practices apply to all actors SOU 2017:50 cont. On ethical review Can constitute a safeguard in accordance with GDPR Ethical review according to the same principles as today Sensitive personal data and personal data on criminal convictions and offenses applies to all actors regardless of which legal ground It is not reasonable to require ethical review for processing of all categories of personal data There is a need to differentiate the ethical review procedure

SOU 2017:50 cont. General safeguards Pertains to all processing of personal data for research purposes New Pseudonymisation or equally strong protection Conditional right to opt out Transferred from the Personal Data Act To take action with respect to the data subject SOU 2017:50 cont. Rights of the data subject Some proposed limitations No right to rectification when processing for archival purposes No right to restriction of processing Article 18.1 in GDPR (contest of accuracy) Artikel 18.1 d i GDPR (verification that the legitimate grounds of the controller override those of the data subject) if excercising these rights leads to that the research cannot be carried out, or is seriously delayed or hampered

SOU 2017:50 cont. Legal technical adaption of two register laws The LifeGene Law The Law on the Forensic Psychiatry Research Register Restricted to necessary changes due to GDPR Previous considerations and decisions are accepted References are updated Legislate A Research Data Law is proposed Proposal: The Research Data Act Introductory provisions Scope of the law Processing of personal data for research purposes Legal ground General safeguards Sensitive personal data (special categories) Personal data on criminal convictions and offenses etc. Exemptions from rights of the data subject Disclosure of personal data

Remaining work Long term regulation of research databases Comprising The Luxembourg Income Study (LIS) Review of the regulation etc. of the Forensic Psychiatry Research Register Propose a regulation of the National Biobank Register Strengthened protection of data on deceased persons within forensic research? Challenges moving ahead Compliance with fundamental data protection principles Especially purpose imitation Data minimisation Position of the national supervisory authority in light of the governmental goal Potential tools A broad understanding of the research process Ethical reviews applied beyond conventional projects

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback