Why POPIA does not apply to DNA

No abstrac

Does data protection law in South Africa apply to pseudonymised data?

The use of pseudonymised datasets is increasingly commonplace as research institutions seek to balance data utility with data security. Yet, a crucial question arises: How does South Africa’s Protection of Personal Information Act (POPIA) govern these datasets, especially given their ambiguous state between de-identification and possible re-identification? A thorough examination of POPIA suggests that the determination of whether a pseudonymised dataset is personal information—and thus whether processing the dataset falls within POPIA’s purview—must be informed by the specific context of the responsible party in possession of the pseudonymised dataset. When a research institution retains both the pseudonymised dataset and its linking dataset, the pseudonymised dataset remains identifiable and is thus personal information that falls within POPIA’s purview. However, when only the pseudonymised dataset—without the linking dataset—is transferred to another entity, it is non-personal information in the hands of such a recipient, thus freeing the recipient from POPIA compliance. Such a delineation offers research institutions greater flexibility in sharing and using pseudonymised datasets. Importantly, because the original provider of the pseudonymised dataset (who has the means to re-identify the dataset) remains governed by POPIA, the privacy rights of data subjects are not undermined

The in Vitro Embryo and the Law: The Ownership Issue and a Response to Robinson

In 2012 the Minister of Health made the Regulations Relating to the Artificial Fertilisation of Persons, which provide that the woman who intends to be made pregnant with an in vitro embryo owns such an embryo and can control the embryo's fate in specified ways. Given that in vitro embryos are outside the woman's body, the rationale for these provisions cannot be to protect the woman's bodily integrity. These provisions are, however, problematic from a constitutional perspective, as they: exclude fathers across the board, and impede the right of all intended parents who will not gestate the pregnancy, like surrogacy commissioning parents, to make decisions regarding reproduction – which include the right not to reproduce and hence to veto the further use of an in vitro embryo for reproductive purposes. Robinson argues that the legislative intent with the 2012 Regulations was not to establish ownership of in vitro embryos, and that in vitro embryos are not legal objects (or subjects), but rather form part of the legal subjectivity of their parents. I respond that the language used in the relevant provision is plain and clear in establishing ownership of in vitro embryos, and that in vitro embryos are therefore legal objects. I further suggest that Robinson's proposition of in vitro embryos forming part of the legal subjectivity of their parents may address the gender equality concern with the 2012 Regulations, but that it in turn causes other problems. In particular, Robinson's rationale for his proposition is problematic, as it appears to conflate the embryo with the prospective child. I rely on the important recent judgment in Ex Parte KAF 2019 2 SA 510 (GJ) that held explicitly that the in vitro embryo should not be equated with the prospective child. Finally, I respond to Robinson's critique of my 2005 article, by clarifying the research questions and answers of that article. I highlight the importance of the moral status of the in vitro embryo to legal and ethical debates relating to the in vitro embryo, and invite academic debate on the topic. &nbsp

Clarifying Misconceptions and Recentring the Debate on Heritable Human Genome Editing in South Africa: A Response to De Vries

This article responds to recent criticisms by Professor Jantina de Vries regarding my research group's position on the legal status of heritable human genome editing (HHGE) in South Africa. De Vries challenges our interpretation of section 57 of the National Health Act (NHA), questions the methodology of our deliberative public engagement study, and speculates about the broader intentions behind our work. In this response, I clarify our interpretation of section 57 using established principles of statutory interpretation and show that the provision prohibits reproductive cloning but does not ban HHGE outright. I address misconceptions surrounding the scope and structure of the provision, and demonstrate why an interpretation that bans HHGE would result in internal inconsistency. I also defend the methodological soundness and peer-reviewed credibility of our public engagement research, and respond to concerns about our broader strategic intent. Finally, I propose a constructive path forward: a context-sensitive regulatory framework for HHGE grounded in constitutional values, public health priorities and rigorous ethical oversight. The article aims to re-centre the debate on substantive legal and governance issues and invites evidence-based academic engagement on the future of HHGE in South Africa. In doing so it contributes to a more principled and legally coherent foundation for regulating advanced biotechnologies in constitutional democracies

The anatomy of a data transfer agreement for health research

In a data-driven era, the exchange and safeguarding of personal information has become paramount. Data transfer agreements (DTAs) serve to guard privacy, defining the rules for sharing and protecting sensitive data. Yet, the complexities surrounding issues such as data privacy, intellectual property, and dispute resolution within these agreements pose challenges that demand careful consideration. Through a scoping review of twenty-four publicly available, English language DTAs relevant to health research, this article undertakes a comprehensive analysis, examining common clauses, their vital components, and charting a course for responsible data sharing through the provision of insights and practical guidance for drafting DTAs. The article underscores the need for attention to detail and an understanding of data protection legislation in order to ensure that DTAs align with the law and maximize legal certainty

Protecting personal information in research: Is a code of conduct the solution?

No abstrac

Liability for harm caused by AI in healthcare: an overview of the core legal concepts

The integration of artificial intelligence (AI) into healthcare in Africa presents transformative opportunities but also raises profound legal challenges, especially concerning liability. As AI becomes more autonomous, determining who or what is responsible when things go wrong becomes ambiguous. This article aims to review the legal concepts relevant to the issue of liability for harm caused by AI in healthcare. While some suggest attributing legal personhood to AI as a potential solution, the feasibility of this remains controversial. The principal–agent relationship, where the physician is held responsible for AI decisions, risks reducing the adoption of AI tools due to potential liabilities. Similarly, using product law to establish liability is problematic because of the dynamic learning nature of AI, which deviates from static products. This fluidity complicates traditional definitions of product defects and, by extension, where responsibility lies. Exploring alternatives, risk-based determinations of liability, which focus on potential hazards rather than on specific fault assignments, emerges as a potential pathway. However, these, too, present challenges in assigning accountability. Strict liability has been proposed as another avenue. It can simplify the compensation process for victims by focusing on the harm rather than on the fault. Yet, concerns arise over the economic impact on stakeholders, the potential for unjust reputational damage, and the feasibility of a global application. Instead of approaches based on liability, reconciliation holds much promise to facilitate regulatory sandboxes. In conclusion, while the integration of AI systems into healthcare holds vast potential, it necessitates a re-evaluation of our legal frameworks. The central challenge is how to adapt traditional concepts of liability to the novel and unpredictable nature of AI—or to move away from liability towards reconciliation. Future discussions and research must navigate these complex waters and seek solutions that ensure both progress and protection

Correction to:South Africa’s new standard material transfer agreement: proposals for improvement and pointers for implementation

Correction to: BMC Medical Ethics (2020) 21:85 https://doi.org/10.1186/s12910-020-00526-

South Africa’s new standard material transfer agreement:proposals for improvement and pointers for implementation

BackgroundWhenever South African (SA) research institutions share human biological material and associated data for health research or clinical trials they are legally compelled to have a material transfer agreement (MTA) in place that uses as framework the standard MTA newly gazetted by the South African Minister of Health (SA MTA).Main bodyThe article offers a legal analysis of the SA MTA and focuses on its substantive fit with the broader legal environment in South Africa, and the clarity and practicality of its terms. The following problematic aspects of the SA MTA are highlighted: (a) Where only data and no human biological material are transferred, the SA MTA does not apply, leaving a lacuna; (b) Health Research Ethics Committees are required to be parties to a MTA despite it being outside their legal mandate and undermining their oversight function; (c) the SA MTA’s consent provisions are not aligned with extant law; and, similarly, (d) its provision on donor ownership is misaligned with extant law; (e) its creation of fictitious performance can only cause frustration on the part of an injured party; (f) its benefit-sharing provision is vague and will have little practical effect; (g) its dispute-resolution provisions fail to adequately protect South African research institutions and research participants; (h) it fails to provide substantive guidance regarding intellectual property as its provisions relating to intellectual property may cause practical problems; and, finally, (i) its data privacy provision is insufficiently specific, is overbroad, and fails to provide terms that in general would facilitate the international sharing of human biological material and associated data in terms of existing privacy law.ConclusionsWhile some of the problematic aspects of the SA MTA are intricate and require consultative processes with stakeholders and others, to develop comprehensive solutions, most of the problematic aspects can be resolved immediately through amendments by the South African Minister of Health. The formulation of such amendments is proposed and, where possible, interim measures are suggested that may ameliorate the problems presented by the SA MTA