28 January 2015
By Sarion Bowers
We increasingly live in an age of big data, but does that equate to an Orwellian dystopia where “Big Brother is watching you”? Are privacy and data sharing directly in conflict, or can an organisation’s decision to share your personal data be compatible with protecting your freedom and choice?
The European Union is proposing a new Data Protection Regulation, which could curb data sharing in Europe, including for research purposes. Could legislation that is designed to protect individuals from unwanted use of their data actually undermine the wellbeing of the people it seeks to protect?
At the Wellcome Trust Sanger Institute big data is our bread and butter. In January 2014 we reached a major milestone having collected 1 petabyte (1 million gigabytes) of genomic data and we continue to collect about 1 terabyte (1 thousand gigabytes) each day.
The data that we collect is used around the world to improve knowledge of human and animal health. We pride ourselves on our expertise in sequencing and analysing genomes. Our research is overwhelmingly supported by charitable and public funds, so we believe it right and in the public interest that others benefit from the science we create by sharing our expertise, resources and the data we generate. Doing great science is of limited benefit if others cannot use it.
So, if sharing genomic data is in the public interest where does that leave our participants’ privacy? Our human data is generated from volunteers who donate samples. Whether they are apparently healthy people or people with specific illnesses, they appreciate the fact that their data are beneficial to society. For many participants, they do not simply donate for an individual project, but instead expect and want us to share the data we derive from their donation freely with other researchers.
Our participants recognise that it is not possible to predict the future uses for their data but they still consent to and want their data shared for research purposes. This is typically done in a coded anonymised form that prevents researchers from knowing individuals’ identities.
Alongside consent, the Sanger Institute also operates a managed system whereby researchers must apply to access data. An application to access data is never judged on the merits of the science or whether it competes with our own research, but simply on whether the applicants are seeking to use data for legitimate and ethical research purposes.
As we have the consent of our participants to share data, it is not unreasonable to ask why we have managed access. Consent is a fundamental and critical cornerstone of research, the importance of which cannot be underestimated, but believing that consent completely protects participants from having their privacy breached is, perhaps, a mistake.
Every day people give commercial organisations consent to use their data when they sign up for their services and yet often feel their privacy has been invaded if an organisation uses their data in a way they did not expect. This was exemplified in the backlash that accompanied publication of the experiment Facebook carried out on its users. Every user had given consent but many still felt that Facebook had breached their privacy.
At the Sanger Institute, we believe that guarding data from misuse stands alongside consent as the best means to guarantee we protect our participants’ privacy.
Given that consent is rightly enshrined in research and permeates our society, it is understandable that the European Parliament put consent at the heart of their proposed Data Protection Regulations, which will include health-related and genetic data. Under the proposals, individuals need to provide purpose-limited consent for their personal data to be used and they must re-consent on a case-by-case basis for their personal data to be shared.
On the face of it this sounds reasonable, but, in reality, vital research that is legal and ethical would not be possible because of the difficulties of re-consenting thousands of participants each time their data were shared for new research.
We believe that these Regulations will make research at the Sanger Institute and worldwide extremely difficult in a way that would be detrimental to research and healthcare, but critically they also undermine the autonomy of research participants throughout Europe. We should all have the right to say how our data is used.
For these reasons the Sanger Institute has chosen to support the Data Saves Lives Campaign, which aims to persuade the EU to recognise the importance of sharing data for research and to revise its restrictions on research. The Sanger Institute is committed to protecting the privacy of our participants, without whom our work would not be possible.
Over the coming months we will campaign to be allowed to do the research that we believe is so important to patients and beneficial for wider society and in the process we will be campaigning for our participants’ autonomy and their right to self-determination.
Sarion Bowers is the Research Policy Advisor at the Wellcome Trust Sanger Institute. She has a PhD in Biochemistry. Before joining the Institute she did postdoctoral fellowships in Leeds and Connecticut. She recently completed an MSc in Science and Technology Policy, in which she researched the adoption of genomics into the NHS.