Addressing legal implications of sharing data
Thanks to the RDA Europe Early Career Program, I was able to attend the 12th RDA Plenary in Gaborone, Botswana as part of the International Data Week 2018. A common topic emerging throughout the International Data Week was the conflict between the potential benefits of sharing health data and privacy concerns.
The consideration of legal aspects is a necessary step before making data openly accessible. Also, the FAIR principles highlight the importance of licensing for making data reusable. (Wilkinson et al., 2018) Legal uncertainty is a major barrier to data sharing. For example, a comparison of surveys at German universities showed that information needs regarding legal issues were high across all institutions, with 51.3% to 70% of respondents expressing the need for information services on copyright law, licensing and protection of privacy. (Strecker, 2018)
During the joint session “Shareable Data - Metadata, Issues of Privacy and Legal Implications” of the IG Metadata, IG RDA/NISO Privacy Implications of Data Sets and the IG RDA/CODATA Legal Interoperability, a few interesting approaches to address these issues were presented.
Professor Jane Greenberg, director of the Metadata Research Center at Drexel University, presented results from the project “A licensing model and ecosystem for data sharing”. The project aims at automating parts of the process to reach legal agreements for data sharing. To facilitate sharing of data that is not necessarily open or free, a licensing model is created by collecting and analysing existing agreements. So far, the project has collected 80 data sharing agreements. ShareDB, a prototype platform for sharing and analysing data, is being developed to implement the licensing terms.
Todd Carpenter, executive director of the National Information Standards Organization (NISO), presented results from the IG RDA/NISO Privacy Implications of Data Sets. The interest group explores issues related to personally identifiable information in data sets. The goal is to develop a framework for how researchers and repositories should manage human-related data sets, compile a bibliography of resources and build awareness. The results can also inform activities of other RDA groups. So far, the IG has collected use cases on privacy issues for researchers and repositories, compiled a glossary of more than 100 related terms and a list of privacy regulations in different countries.
These approaches to share knowledge across institutions, automate time-consuming processes and reduce uncertainty could make it easier to share data and respect privacy regulations.
This could also be a first step towards implementing legal metadata in machine actionable data management plans. Collecting and updating metadata necessary for decisions on data sharing and access throughout the data life cycle could facilitate decisions and remove barriers to data sharing due to legal uncertainty.