Explicit Consent and Alternative Data Protection Processing Grounds for Health Research

Jiahong Chen, Edward Dove, Himani Bhakuni

Research output: Working paper / PreprintPreprint

Abstract

In this chapter, we discuss the boundaries between explicit consent and other available legitimizing mechanisms in EU data protection law for health research, focusing on sensitive data. This begins with an overview of the normative values and limitations of consent, highlighting the partially overlapping but not entirely identical roles of consent in health research and data protection, and the possibility of relying on alternative safeguards when public interests are involved. Such normative debates, including the differences between research participant consent and data subject consent, are then put into a legal context, with an analysis of the interplay between explicit consent and other exemptions under Article 9(2) GDPR, such as the scientific research exemption. Grounded in this baseline framework, all 30 jurisdictions currently subject to the GDPR (as well as the UK) are compared in terms of how national laws have treated explicit consent and the scientific research exemption differently. Our analysis shows a divergent regulatory landscape when itcomes to the rules governing the use of sensitive data for health research.
Original languageEnglish
PublisherSocArXiv
Pages1-29
DOIs
Publication statusPublished - 7 Aug 2021

Keywords

  • GDPR
  • sensitive data
  • explicit consent
  • research exemption
  • health research
  • public interest

Cite this