Back to Blood: The Sociopolitics and Law of Compulsory DNA Testing of Refugees

Since October 2012, certain family members of refugees seeking reunification through the United States Refugee Admissions Priority Three program must undergo DNA testing to prove they are genetically related. The putative purposes of the policy include fraud prevention, enhanced national security, and greater efficiency in refugee claims processing. Upon close inspection, however, the new policy generates significant sociopolitical and legal concerns. The notion of what constitutes a family is significantly narrowed. Required DNA testing may violate domestic laws and international human rights instruments regarding voluntary informed consent, privacy, and anti-discrimination. Traditional legal solutions insufficiently remedy these concerns and cannot prevent the collective march towards an intractable risk society that views the “Other” as a potential fraud. Alternative strategies to mitigate the impact of the new policy are recommended. Such strategies can allow for a more nuanced understanding of family and a firmer understanding of the inherent but also uncertain risks of DNA technology in the immigration and refugee context

To What Extent Does the EU General Data Protection Regulation (GDPR) Apply to Citizen Scientist-Led Health Research with Mobile Devices?

In this article, we consider the possible application of the European General Data Protection Regulation (GDPR) to “citizen scientist”-led health research with mobile devices. We argue that the GDPR likely does cover this activity, depending on the specific context and the territorial scope. Remaining open questions that result from our analysis lead us to call for lex specialis that would provide greater clarity and certainty regarding the processing of health data by for research purposes, including these non-traditional researchers

Should consent for data processing be privileged in health research?

Several recent data protection laws appear to afford a privileged position to scientific research, including health research. Provisions that might otherwise apply to data subjects and data controllers, including rights exercisable by data subjects against controllers, are lifted or lessened.However, when it comes to considering whether consent should serve as the lawful basis for processing data in the health research context, a fair degree of policy and regulatory divergence emerges. This divergence seems to stem from a normative link that some draw between consent as a research ethics principle and consent as a lawful basis in data protection law.We look at the EU General Data Protection Regulation (GDPR) and three national laws, either implementing the GDPR or inspired by it, to provide points of comparison: South Africa’s Protection of Personal Information Act, 2013, the UK’s Data Protection Act 2018, and Ireland’s Health Research Regulations 2018. We supplement this analysis by considering other relevant laws and regulations governing health research in these jurisdictions.We argue that there is merit in distinguishing research ethics consent from data processing consent, to avoid what we call ‘consent misconception’, and come to advocate a middle-ground approach in data protection law, ie one that does not mandate consent as the lawful basis for processing personal data in health research projects—but does encourage it. This approach, we argue, achieves the best balance for protecting data subject/research participant rights and interests and promoting socially valuable health research

Ethics governance in Scottish universities:How can we do better? A qualitative study

While ethical norms for conducting academic research in the United Kingdom are relatively clear, there is little empirical understanding of how university research ethics committees (RECs) themselves operate and whether they are seen to operate well. In this article, we offer insights from a project focused on the Scottish university context. We deployed a three-sided qualitative approach: (i) document analysis; (ii) interviews with REC members, administrators, and managers; and (iii) direct observation of REC meetings. We found that RECs have diverse operation and vary in terms of what members understand to be the remit of their REC and what should constitute the content of ethics review. Overall, though, most participants perceive university RECs as operating well. When asked what they consider to be areas for further improvement, most commented on: implementation of an online system; more experience with how to evaluate various kinds of research projects; best practice exchange and training opportunities; more accurate reflection of the REC role as part of the university’s workload allocation model; and greater recognition of the importance of research ethics governance in the university’s research environment, and, for the members themselves, their career advancement. Based on our findings and subsequent discussions during an end-of-project roundtable with stakeholders, we propose a model of collaboration that can address some of the identified areas that could benefit from further improvement. This model would facilitate a heightened awareness of the importance of supporting REC members in their own effort in assisting students and staff alike in undertaking as ethically robust research as possible

Signalling standards for progress:Bridging the divide between a valid consent to use patient data under data protection law and the common law duty of confidentiality

In this article, we analyse the legal components of disclosing confidential patient information under the UK's common law duty of confidentiality (CLDoC) and processing personal (health) data under the UK's General Data Protection Regulation (GDPR) and Data Protection Act 2018. We describe the ostensible divide between the CLDoC and data protection law when it comes to the requirements of a valid signal of consent by a patient to use and disclose patient information, obtained by a health professional in the context of direct care, for health care and health research purposes. Ultimately, our analysis suggests that we are saddled, at least in the medium term, with two regimes operating with different standards of a valid consent-while putatively protecting similar interests. There is, however, opportunity for progress. It is possible to improve professional guidance on the interaction between the regimes and to achieve significant normative alignment without aligning the signalling standard for consent; this would promote consistent protection of reasonable expectations of patients across both regimes. Further coherence would require aligning not only the standard, but also the role played by consent under each regime. Here we argue that, in relation to direct care, any such shift should be away from consent as the normal justification. In relation to health research, on the contrary, it should be toward consent as the normal justification for use and disclosure of patient information under both the CLDoC and data protection law