Updating a 1995 EU directive on the protection of individuals with regard to the processing of personal data is a cumbersome task, Striking a right balance however between privacy of personal data and being able to just do your job, referring here to researchers, seemed to be too difficult a task. Luckily the legislative procedure has been postponed, which gives room for continued lobbying. Because if the current proposal of the European Commission on reforming data protection and the approved amendments of the LIBE Committee in the EP would become reality, these could seriously impede (medical) research.


Data protection in research: a healthy business?

The issues

From 1995 to the present date, the world has changed significantly in terms of ICT and internet technologies accompanied by an increasing flow of data, social networks and ICT firms. Handling your data with respect and with utmost care shouldn’t be taken too lightly, but one also should recognise that in many cases sharing your personal data for scientific purposes is crucial for saving people’s lives and for improving health standards of European citizens. Some of the main problems that can have a detrimental effect on medical research are as follows:

  • Following LIBE’s vote in the data protection regulation, explicit consent will now also be necessary for the processing of personal data for scientific purposes. Only in case of ‘exceptional high public interest’, which has not been further defined what this covers, the data in question need to be anonymised or pseudonymised under the highest technical standards, and all necessary measures need to be taken to prevent re-identification of the data subjects (article 81 and 83).
  • Next to that, the consent would need to be “specific, informed and explicit”. In many cases, this cannot be achieved in health research.

It is unfortunate that although there were many pleas from European and national research and medical organisations, these points seem to remain in vain. Research deserves a unique position within the regulatory framework, exactly because the use of (health) research data do not serve the individual interest but the public interest.

What’s next?

Well, although the outlook on the basis of the Commission proposal and the vote in the LIBE Committee does not seem too bright, the whole US National Security Agency scandal comes as a blessing as now talks on the EU data protection regulation have been delayed by the European heads of state until later in 2014, possibly beginning of 2015. Being aware of the fact that in 2014 a new European Parliament will be elected  and new EU Commissioners will be chosen, anything can basically happen but no one knows exactly what. The new EC Commissioner can decide he or she does not like the proposal by its predecessor and put forward a new proposal. This might also happen in the EP; the new rapporteur can decide it does not like the report and draft a new report, which would consequently also mean a new round of amendments. Patience is a virtue, but in this case a virtue much welcomed. In the meantime, research and medical organisation should continue voicing their concerns as frankly they haven’t been heard enough yet despite many efforts. Researchers can be happy about this as the delay offers a new window of opportunity.

by Charlotte Geerdink