In the age of big data and AI, the ability to extract knowledge and value from personal data is promising, especially for researchers and policymakers. The new findings based on the vast amount of data have the potential to save lives and reduce expenses for the whole society. However, processing sensitive data for a new purpose poses complex ethical, legal and technical challenges. The EU General Data Protection Regulation (GDPR) accounts for this challenge by allowing researchers to process and further use personal data under the ‘research exemption’. However, many aspects of this exemption would need further clarification: what level of public interest is necessary e.g., general, important or substantial, how the data should be de-identified and what kind of activities can fit in the definition of ‘scientific research’. The issue is elaborated through the GDPR and its implementation in England and Germany, focusing on the secondary use of health data
EDPB Approves Six-Month Extension for UK Data Protection Adequacy
The EDPB supports a six-month extension of the UK GDPR adequacy decisions until December 2025 while awaiting the UK’s data […]