EU Parliamentary Committee advising against US data pact | The Register

Lawmakers in the European Parliament have urged the European Commission not to issue the “adequacy decision” needed for the EU-US Data Privacy Framework (DPF) to officially become the pipeline for data to freely flow from the EU to the States.

It almost goes without saying that the current operation of the technology sector in Europe would not work without US tech companies’ services – so data transfers to these American corporations cannot practicably be avoided. However, European rules around privacy, data collection, and data subjects’ rights are considerably stronger than those in America, hence the need for rules of engagement that make US companies’ treatment of EU data as good as what they’d get at home.

The DPF was announced in March last year and is meant to address concerns raised by the EU’s Court of Justice in Schrems II, a 2020 case that struck down the so-called Privacy Shield data protection arrangements between the political bloc and the US.

EU president Ursula von der Leyen and US president Joe Biden said they’d reached an agreement in principle on the framework for transatlantic data flows at the time, with Biden signing an executive order (EO) on the matter in October last year.

But the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) is still not happy with what it sees, and has put out a nonbinding draft opinion [PDF] on how adequate it thinks the protection given by the proposed cross-border data rules is. In short: it ain’t.

[…]

 

 

France rules Google Analytics non-compliant with GDPR | Matomo

The French Data Protection Agency, CNIL (Commission nationale de l’informatique et des libertés), has concluded that the use of Google Analytics is illegal under GDPR. The CNIL has begun issuing formal notices to website managers using Google Analytics.

Apropos Data Sharing: Abandon the Distrust and Embrace the Opportunity | DNA and Cell Biology

Abstract:  In this commentary, we focus on the ethical challenges of data sharing and its potential in supporting biomedical research. Taking human genomics (HG) and European governance for sharing genomic data as a case study, we consider how to balance competing rights and interests—balancing protection of the privacy of data subjects and data security, with scientific progress and the need to promote public health. This is of particular relevancy in light of the current pandemic, which stresses the urgent need for international collaborations to promote health for all. We draw from existing ethical codes for data sharing in HG to offer recommendations as to how to protect rights while fostering scientific research and open science.

 

 

 

Full article: Open science and sharing personal data widely – legally impossible for Europeans?

“A requirement for having a research paper published in many medical journals is that the authors include a data sharing statement. Although the requirement from the International Committee of Medical Journal Editors is not very strict, simply requiring a statement [1], interpretation varies. Some journals essentially require that data must be readily available for other researchers for the paper to be accepted.

While most of us eagerly welcome open science and reuse of data to ensure reproducible science, the EU General Data Protection Regulation (GDPR) provides strong protection of privacy and rather restricts and counteracts open sharing of personal data [2]. Some editors will accept that data are not readily sharable with others than peer reviewers for legal reasons. However, editors of non-European journals will often object to a GDPR-compatible data sharing statement and, consequently and often at the last minute, reject the research paper.

Why is this an issue? How difficult is it for European researchers to share data with researchers in other parts of the world?”

Commission adopts adequacy decisions for the UK | European Union

 EU Press Release, June 28, 2021:

The Commission has today adopted two adequacy decisions for the United Kingdom – one under the General Data Protection Regulation (GDPR) and the other for the Law Enforcement Directive. Personal data can now flow freely from the European Union to the United Kingdom where it benefits from an essentially equivalent level of protection to that guaranteed under EU law. The adequacy decisions also facilitate the correct implementation of the EU-UK Trade and Cooperation Agreement, which foresees the exchange of personal information, for example for cooperation on judicial matters. Both adequacy decisions include strong safeguards in case of future divergence such as a ‘sunset clause’, which limits the duration of adequacy to four years.

Open Access: A citizen’s guide to discovering who holds your info – and what’s in there

“When people think of getting information from public bodies, they often think of Freedom of Information (FOI). But when it comes to accessing records which contain your personal information, there are now more avenues than FOI.

Of course, it’s still a useful route – while many think of the FOI request as the preserve of journalists for stories about politicians’ expenses or the behind the scenes of some dubious government decision, in fact of the nearly 40,000 FOI requests last year, nearly 60% were for personal information….”

 

Datasharing: obsolete? impossible in times of GDPR ? Or mandatory in science?! – Mischak – – European Journal of Clinical Investigation – Wiley Online Library

“All the above facts and issues contribute to the reluctance towards data sharing that is a prominent problem ever since, as in general nobody is tempted to invite severe critique. In addition, data sharing also takes away ownership of the data from the individual scientist, which also does not raise the interest in data sharing, even if this practice in fact is ethical, especially if data are generated using public or social security money.

This situation has recently substantially worsened, as a result of the introduction of the general data protection rule (GDPR) in Europe, which is echoed by similar yet not as detrimental legal frameworks in other countries. The introduction of GDPR, while theoretically likely starting from the positive aim to protect individuals from exploitation, by now has had a severe negative impact on science (and likely also on other areas, not the topic of this article) [1]. GDPR has been (ab)used to refuse sharing of raw data. As a result, interpretation of the actual data collected in a study is left solely to the scientists conducting the study, any re-evaluation or attempt to reproduce results by the scientific community is not possible in such a case, e.g. [2,3]. Additional negative side-effects are that the data, even though generated with public funding, are not accessible for the public who actually paid for the generation of these data in the first place. The consequence is also that similar data have to be generated again, in case they are required for any further experiment. Such an approach is inappropriate, and should neither be tolerated by (public) funders of studies, nor be supported by publishers….”

Transitioning punctum books to Open Source Infrastructure · punctum books

“Without open source digital infrastructure, open access publishing has no long-term chance of truly remaining open, that is, not only free to read but also free to write, free to edit, and free to publish. Without a commitment to make, as much as possible, the entire book production pipeline open, the decision of who gets to write and who gets to read will always remain beholden to actors that do not consider the public good their first priority.

An overarching profit motive of any of the vendors that punctum books uses as part of its pipeline posits a risk for our open access ideal: we are as weak as our most commercial link. Furthermore, the implementation of GDPR in the European Union obliges us to be much more careful with what happens with the personal data of our authors and readers – and rightfully so. Like knowledge, privacy is a public good that is at odds with the idea of profit maximalization. The open source community, on the contrary, embraces the public sharing of knowledge while safeguarding the human right to privacy.

Our first step was to find a replacement of the technically most complicated part of the book production process, the book design itself. This brought us to the good folks of Editoria, who are very close to cracking the nut of creating an open source online collaborative environment for the editing of scholarly texts combined with an output engine that creates well designed EPUB, HTML, PDF, and ICML output formats.

Through the COPIM project of Scholarled, punctum books was also already involved in the development of a metadata database and management system (under the codenames Thoth and Hapi) that will be the first free and open source system to generate ONIX, MARC, and KBART records….”

Transitioning punctum books to Open Source Infrastructure · punctum books

“Without open source digital infrastructure, open access publishing has no long-term chance of truly remaining open, that is, not only free to read but also free to write, free to edit, and free to publish. Without a commitment to make, as much as possible, the entire book production pipeline open, the decision of who gets to write and who gets to read will always remain beholden to actors that do not consider the public good their first priority.

An overarching profit motive of any of the vendors that punctum books uses as part of its pipeline posits a risk for our open access ideal: we are as weak as our most commercial link. Furthermore, the implementation of GDPR in the European Union obliges us to be much more careful with what happens with the personal data of our authors and readers – and rightfully so. Like knowledge, privacy is a public good that is at odds with the idea of profit maximalization. The open source community, on the contrary, embraces the public sharing of knowledge while safeguarding the human right to privacy.

Our first step was to find a replacement of the technically most complicated part of the book production process, the book design itself. This brought us to the good folks of Editoria, who are very close to cracking the nut of creating an open source online collaborative environment for the editing of scholarly texts combined with an output engine that creates well designed EPUB, HTML, PDF, and ICML output formats.

Through the COPIM project of Scholarled, punctum books was also already involved in the development of a metadata database and management system (under the codenames Thoth and Hapi) that will be the first free and open source system to generate ONIX, MARC, and KBART records….”

OKFN Open Science Mailing List will close on 31 Jan 2020 – where to next?

“Open Knowledge Foundation will be closing down their mailman lists by January 31st, 2020….Instead they will focus on offering a Discourse forum (https://discuss.okfn.org) which already has an open science category: https://discuss.okfn.org/c/working-groups/open-science

There are two things for members of this list to think about: 1 – where are the important conversations on open science happening now? What new lists should we join as this one closes and are there gaps that need to be filled? 2 – where to preserve the list archives? Open Knowledge Foundation do not plan to do so publicly and there is value (I think) in preserving conversations dating back 12 years to a time when open science was at a completely different level of development. If anyone has ideas or could help with archiving that would be great – I have asked for a copy to be kept but I don’t know in what form it will arrive!

As a very early member of this list I think it played an important role in developing an open science community that has spun into many active and exciting communities around the world. Moving on is not a bad thing and there are so many more communication channels to connect on open science topics than back in 2008 – I’d love to hear your recommendations! …

The decision has come about for three reasons:

 1. Managing the mailing lists and keeping the infrastructure up to date represents an effort in terms of resources and administration time that Open Knowledge Foundation is unable to meet going forward.

2. GDPR: EU legislation now requires us to have an active and current knowledge of the data held on our websites, as well as the consent of the subscribers regarding the use of their personal data, to ensure GDPR compliance. Unfortunately, Mailman mailing lists don’t comply with this Directive, which means we can’t use this tool any more.

3. We are currently implementing a new strategy within Open Knowledge Foundation which will focus the organisation on several key themes, namely Education, Health and Work. We want to keep fostering conversations but let groups choose what the best platform is for that.”

GDPR and the research process: What you need to know : OpenAIRE blog

“GDPR has a dual objective, protecting the data subject and, at the same time, increasing the free and lawful flow of data. By adhering to the GDPR principles, the research community is able to ensure maximum protection of personal data while maximizing the potential of opening research to the world.”