Privacy Statements Under the GDPR

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared to the previous law, the GDPR quadruples down. As a result, ensuring that a privacy statement is GDPR-compliant is one of the more important obligations that companies must navigate. And meeting the privacy statement requirements effectively is not as simple as it might first appear. This Article discusses how companies should approach and craft their privacy statements to meet these new GDPR requirements, thereby reducing their risk

Science and Privacy: Data Protection Laws and Their Impact on Research

While privacy laws differ in their scope, focus, and approach, they all involve restrictions on the collection, use, sharing, or retention of information about people. In general, privacy laws reflect a societal consensus that privacy violations can lead to a wide range of financial, reputational, dignitary, and other harms, and that excessive collection and harmful uses of personal information should therefore be constrained. These laws require organizations to comply with a number of obligations concerning personal information. In practice, these requirements can lead organizations to refrain from collecting certain data, only use data with the consent of the individual, or to delete data after a certain timeframe or at the request of the individual. Further, the global trend is toward both more and stricter privacy laws. At the same time, scientific research is increasingly using the tools of data analytics and machine learning. These tools rely on “big data” and the idea that powerful computers and sophisticated analytical tools can examine very large data sets to reveal new insights and discoveries. Scientists believe this data-driven approach to research will lead to stunning breakthroughs in medicine, education, and many other fields that can dramatically advance human knowledge and well-being. The tension between these two trends is clear. Most privacy laws acknowledge and address that tension. While privacy laws aim to restrict harmful data practices, they typically also are designed to allow for, or even encourage, uses of personal information that are beneficial and valuable to the individual or society. The inherent tension is often resolved by including reasonable exceptions in the laws to allow for necessary or beneficial data uses. But these exceptions are not complete exemptions from privacy obligations; even such beneficial uses of personal information typically remain subject to other protections in privacy laws such as an obligation to maintain the security of the data. Protecting individual privacy is an important part of any use of personal information for research purposes. Organizations that collect, retain, use, or share personal information to advance scientific research should always handle that information with care, protect it from inadvertent disclosure or misuse, and be transparent about the use and protection of that data. But if privacy laws do not take into account and make allowances for the beneficial uses of personal information for research, the advancement of science, the expansion of knowledge, and the realization of new discoveries can be seriously impaired. This article addresses how privacy laws can and should allow for scientific research while still providing meaningful protections for personal information. Part I discuses key principles found in many privacy laws and how each can potentially impact scientific research. Part II describes several prominent privacy laws across different jurisdictions and how each addresses research as a type of data use. Part III briefly discusses the distinction between academic or public-interest research and commercial research. Finally, Part IV provides specific recommendations to lawmakers and regulators on how privacy law should address and accommodate scientific research

Exploring the Impact of Select Speed-Reducing Countermeasures on Pedestrian and Bicyclist Safety

DTNH2217D00042/ DTNH2017F00184Speed is a contributor to both crash frequency and crash severity. This project explored efforts to reduce speed and evaluated their effectiveness in improving safety for pedestrians and bicyclists. Phase 1 was a program scan that identified countermeasures in use throughout the United States. Based on the scan, the team evaluated automated speed enforcement and road conversions in five municipalities to explore their impact on motor vehicle related pedestrian and bicyclist crashes. Phase evaluated safety benefits of a select group of temporary road conversions implemented in response to the COVID-19 pandemic

Privacy Statements Under the GDPR

The need to include specific types of information in a privacy statement is a GDPR compliance obligation that does not get as much attention as some other GDPR requirements. Perhaps that is because privacy statements have been much maligned in recent years. They are too long and full of legalese. Nobody reads them. They are part of a notice and consent approach to privacy that puts an unrealistic burden on consumers to make informed choices. But despite these well-known criticisms, the GDPR doubles down on privacy statements. In fact, gauging by the roughly fourfold increase in privacy statement requirements compared to the previous law, the GDPR quadruples down. As a result, ensuring that a privacy statement is GDPR-compliant is one of the more important obligations that companies must navigate. And meeting the privacy statement requirements effectively is not as simple as it might first appear. This Article discusses how companies should approach and craft their privacy statements to meet these new GDPR requirements, thereby reducing their risk

Nrf2 target genes are induced under marginal selenium-deficiency

A suboptimal selenium supply appears to prevail in Europe. The current study, therefore, was focused on the changes in gene expression under a suboptimal selenium intake. Previous microarray analyses in the colon of mice fed either a selenium-adequate or a moderately deficient diet revealed a change in genes of several pathways. Severe selenium-deficiency has been found previously to influence Nrf2-regulated genes of the adaptive response. Since the previous pathway analyses were done with a program not searching for Nrf2 target genes, respective genes were manually selected and confirmed by qPCR. qPCR revealed an induction of phase II (Nqo1, Gsts, Sult1b1 and Ugt1a6) and antioxidant enzymes (Hmox1, Mt2, Prdx1, Srxn1, Sod1 and Gclc) under the selenium-poor diet, which is considered to compensate for the loss of selenoproteins. The strongest effects were observed in the duodenum where preferentially genes for antioxidant enzymes were up-regulated. These also include the mRNA of the selenoproteins TrxR1 and GPx2 that would enable their immediate translation upon selenium refeeding. The down-regulation of Gsk3β in moderate selenium-deficiency observed in the previous paper provides a possible explanation for the activation of the Nrf2 pathway, because inhibition of GSK3β results in the nuclear accumulation of Nrf2

Analysis of Outcomes in Ischemic vs Nonischemic Cardiomyopathy in Patients With Atrial Fibrillation A Report From the GARFIELD-AF Registry

IMPORTANCE Congestive heart failure (CHF) is commonly associated with nonvalvular atrial fibrillation (AF), and their combination may affect treatment strategies and outcomes