A Comparative Data Protection Analysis of Healthcare Robots: On Informed Consent in Human-Robot Interaction

A Comparative Data Protection Analysis of Healthcare Robots: On Informed Consent in Human-Robot Interaction
Research Article
Yueh-Hsuan Weng
Frontiers in Artificial Intelligence and Applications, 1 January 2023
Abstract
As societies across the developed world are dealing with problems associated with aging populations, a promising solution in the form robotics technologies that support elderly people in their daily healthcare has emerged. However, emerging technology are like a double-edge sword. Although healthcare robots can be used for elderly and disabled people with different levels of assistive supports, ie by monitoring their real time health for prompt interaction or by communicating with people to reduce their anxiety, they also bring with them many concerns from an ethical, legal and societal perspective. Among them, one serious issue is privacy and data protection. When healthcare robots are powered by machine learning and distributed databases, “data-driven” networked healthcare robots will be able to gather a huge amount of personal data in physical environments through their interactions with humans. There are several alternative approaches of data protection for “data-driven” networked healthcare robots, including privacy by design, de-identification of data and informed consent. In this article our focus is on the issue of informed consent in human-robot interaction. My argument is that specific conditions of intelligent robots (i.e., embodiment) will mean that the principle of informed consent cannot just be copied and applied to “data-driven” networked healthcare robots. I will make the comparison of the two types of informed consent to clarify our targeted “informed consent in human-robot interaction”. Furthermore, there is a need to discuss potential legal conflicts of this new type of informed consent when it is applied to different countries and their respective legal regimes. Hence, in this article I will conduct a comparative legal analysis of European, American and Japanese data protection law to investigate how such differences might influence the implementation of informed consent to data-driven healthcare robots.

Exploring the challenges of and solutions to sharing personal genomic data for use in healthcare

Exploring the challenges of and solutions to sharing personal genomic data for use in healthcare
Lasse Parvinen, Ari Alamäki, Heli Hallikainen, Marko Mäki
Health Informatics Journal, January-March 2023; 29(1)
Abstract
Boosted by the COVID-19 pandemic, as well as the tightened General Data Protection Regulation (GDPR) legislation within the European Union (EU), individuals have become increasingly concerned about privacy. This is also reflected in how willing individuals are to consent to sharing personal data, including their health data. To understand this behaviour better, this study focuses on willingness to consent in relation to genomic data. The study explores how the provision of educational information relates to willingness to consent, as well as differences in privacy concerns, information sensitivity and the perceived trade-off value between individuals willing versus unwilling to consent to sharing their genomic data. Of the respondents, 65% were initially willing to consent, but after educational information 89% were willing to consent and only 11% remained unwilling to consent. Educating individuals about potential health benefits can thus help to correct the beliefs that originally led to the unwillingness to share genomic data.

Evaluation of consent to link Twitter data to survey data

Evaluation of consent to link Twitter data to survey data
Zeina Mneimneh
Journal of the Royal Statistical Society, December 2022; 185(S2) pp 364-386
Abstract
This study presents an initial framework describing factors that could affect respondents’ decisions to link their survey data with their public Twitter data. It also investigates two types of factors, those related to the individual and to the design of the consent request. Individual‐level factors include respondents’ attitudes towards helpful behaviours, privacy concerns and social media engagement patterns. The design factor focuses on the position of the consent request within the interview. These investigations were conducted using data that was collected from a web survey on a sample of Twitter users selected from an adult online probability panel in the United States. The sample was randomly divided into two groups, those who received the consent to link request at the beginning of the survey, and others who received the request towards the end of the survey. Privacy concerns, measures of social media engagement and consent request placement were all found to be related to consent to link. The findings have important implications for designing future studies that aim at linking social media data with survey data.

Consent Codes: Maintaining Consent in an Ever-expanding Open Science Ecosystem

Consent Codes: Maintaining Consent in an Ever-expanding Open Science Ecosystem
Stephanie O. M. Dyke, Kathleen Connor, Victoria Nembaware, Nchangwi S. Munung, Kathy Reinold, Giselle Kerry, Mamana Mbiyavanga, Lyndon Zass, Mauricio Moldes, Samir Das, John M. Davis, Jordi Rambla De Argila, J. Dylan Spalding, Alan C. Evans, Nicola Mulder, Jason Karamchandani
Neuroinformatics, 15 December 2022
Open Access
Abstract
We previously proposed a structure for recording consent-based data use ‘categories’ and ‘requirements’ – Consent Codes – with a view to supporting maximum use and integration of genomic research datasets, and reducing uncertainty about permissible re-use of shared data. Here we discuss clarifications and subsequent updates to the Consent Codes (v4) based on new areas of application (e.g., the neurosciences, biobanking, H3Africa), policy developments (e.g., return of research results), and further practical considerations, including developments in automated approaches to consent management.

An e-consent framework for tiered informed consent for human genomic research in the global south, implemented as a REDCap template

An e-consent framework for tiered informed consent for human genomic research in the global south, implemented as a REDCap template
Database
Tsaone Tamuhla, Nicki Tiffin, Taryn Allie
BMC Medical Ethics, 24 November 2022; 23(119)
Open Access
Abstract
Research involving human participants requires their consent, and it is common practice to capture consent information on paper and store those hard copies, presenting issues such as long-term storage requirements, inefficient retrieval of consent forms for reference or future use, and the potential for transcription errors when transcribing captured informed consent. There have been calls to move to electronic capture of the consent provided by research participants (e-consent) as a way of addressing these issues. A tiered framework for e-consent was designed using the freely available features in the inbuilt REDCap e-consent module. We implemented ‘branching logic’, ‘wet signature’ and ‘auto-archiver’ features to the main informed consent and withdrawal of consent documents. The branching logic feature streamlines the consent process by making follow-up information available depending on participant response, the ‘wet signature’ feature enables a timestamped electronic signature to be appended to the e-consent documents and the ‘auto-archiver’ allows for PDF copies of the e-consent documents to be stored in the database. When designing the content layout, we provided example participant information text which can be modified as required. Emphasis was placed on the flow of information to optimise participant understanding and this was achieved by merging the consent and participant information into one document where the consent questions were asked immediately after the corresponding participant information. In addition, we have provided example text for a generic human genomic research study, which can be easily edited and modified according to specific requirements. Building informed consent protocols and forms without prior experience can be daunting, so we have provided researchers with a REDCap template that can be directly incorporated into REDCap databases. It prompts researchers about the types of consent they can request for genomics studies and assists them with suggestions for the language they might use for participant information and consent questions. The use of this tiered e-consent module can ensure the accurate and efficient electronic capture and storage of the consents given by participants in a format that can be easily queried and can thus facilitate ethical and effective onward sharing of data and samples whilst upholding individual participant preferences.

Toward Dynamic Consent for Privacy-Aware Pervasive Health and Well-being: A Scoping Review and Research Directions

Toward Dynamic Consent for Privacy-Aware Pervasive Health and Well-being: A Scoping Review and Research Directions
Hyunsoo Lee, Uichin Lee
IEEE Pervasive Computing, 2022; pp 1-8
Abstract
Recent advances in sensor-enabled services have facilitated the use of mobile, wearable, and IoT devices; for example, an extensive range of sensor data are used to automatically track symptoms and diagnose health and well-being status of an individual (e.g., depression). As personal data are being continuously and unobtrusively sensed and collected at large scale, this raises privacy concerns in certain contexts (e.g., GPS data collection at privacy-sensitive places). Current one-off informed consent in such pervasive sensing scenarios does not offer context-awareness support that enables selective data disclosure based on a user’s needs or preferences (e.g., disabling GPS data collection when visiting hospitals). A lack of context-awareness support in informed consent would be a critical barrier to user acceptance of data-intensive pervasive computing for health and well-being. As an alternative method, we introduce the concept of “dynamic consent,” a type of informed consent that enables granular data consent and management, initially introduced in biomedical research for patient data management. We explore how this consent practice within biomedical research might inform usable privacy designs in pervasive computing by conducting a scoping review of dynamic consent literature and discussing future research directions.

Computable Consent – From Regulatory, Legislative, and Organizational Policies to Security Policies

Computable Consent – From Regulatory, Legislative, and Organizational Policies to Security Policies
Conference paper
Zoran Milosevic, Frank Pyefinch
International Conference on Enterprise Design, Operations, and Computing, 28 September 2022; Italy
Abstract
Consumer-facing health applications are increasingly requiring flexible approaches for expressing consumer consent preferences for the use of their health data across multiple providers, and across cloud and on-premises systems. This and the recognition of the need for clear governance and legislative rules that specify enforceable policies over how consumer data is used by the nominated and other providers, including AI vendors, increasingly require machine readable, i.e. computable consent expressions. These expressions can be regarded as additional constraints over security policies, applicable to all stakeholders, while accommodating rules from regulatory and legislative policies. Support for both kind of policies contribute to improving consumer trust in the use of their data. This is applicable to both care delivery processes but also research projects, such as clinical trials. This paper proposes a computable consent framework and positions it in the context of the new developments within Health Level Seven (HL7®) Fast Health Interoperability Resources (FHIR®) standard. The proposal is based on the use of precise policy concepts from the ISO/ITU-T RM-ODP (Reference Model for Open Distributed Processing) standard. The aim is to provide general standards-based policy semantics guidance to interoperability/solution architects and implementers involved in digital health applications. The framework is driven by consent requirements, while leveraging broader policy input from medico-legal community.

Consent form, the highest ethical standard in creating DNA databases for criminal investigation

Consent form, the highest ethical standard in creating DNA databases for criminal investigation
Renata Jankova, Pavlinka Donevska-Stefanov, Natasha Bitoljanu, Goran Pavlovski, Robert Janevski, Aleksandar Stankov
Forensic Science International: Genetics Supplement Series, 25 October 2022
Abstract
Preparation of DNA databases for the purpose of criminal investigation opens discussions about ethical-legal issues concerning violation of human rights. The practice shows that one of the human rights that can be misused while creating such a database is the right to freedom, the freedom to make a decision. When preparing DNA databases, the right to freedom refers to free decision of the person to be sampled for carrying out the test. The right to freedom and respect to self-determination of the person implies the necessity of prior consent of the subject when preparing a database on general population level. This is not a case when databases are created from persons under investigation for committing a crime, who are compulsory subjected for obtaining samples for DNA analysis. Legal regulations approve the duty of the police and its authorization in collecting samples for personal or criminalistic identification, analyzing, keeping and eliminating collected personal information when criminal prosecution is concerned. In these cases, consent form from the subject is not necessary. However, we should be aware that the process of taking and collecting of personal information by the national institutions can have direct impact of privacy of the subject, no matter if this information is going to be used or not. In purpose of fair balance between public and private interest, consent form can be redefined and the person from whom the biological material is provided will be unequivocally made aware of the purposes for which his genetic data will be used, how long his DNA will undergo further automated processing, and about the procedure and under what conditions his DNA profile can be removed from the national DNA databases.

Safeguarding Personal Data: Meta Consent as a Remedy to Section 28(2)(c) of Kenya’s Data Protection Act

Safeguarding Personal Data: Meta Consent as a Remedy to Section 28(2)(c) of Kenya’s Data Protection Act
Wanditi Gathumbi
Strathmore Law Review, 2022; 7(1) pp 127-159
Abstract
Biometric identity systems have been adopted in the Global South, following the Global North’s lead. The greatest discrepancy, however, is the existence of legal frameworks that govern the use, storage and processing of the data collected. The Kenyan government’s roll-out of the Huduma Namba registration exercise in April 2019 with no existing data protection law in Kenya exemplifies this. Thereafter, Parliament passed the Data Protection Act. Unfortunately, parts of this law are not keen enough to protect personal data. Deviating from the requirement for personal data to be directly collected from the data subject, section 28(2)(c) of the referenced Act permits indirect collection of personal data from a source other than the data subject themselves. Relying on desk-based research and using the Huduma Namba exercise as a case study, this paper examines this permission and the imminent danger it poses to privacy of the personal data of Kenyans. Finding that section 28(2)(c) exposes personal data to the privacy violations of secondary use and exclusion threatens the right to privacy, this research suggests that the meta consent model as embraced by the healthcare sector emerges as a feasible solution. This model allows data subjects to determine their consent preferences i.e., how and when they wish their consent to be sought for further collection and use, at the point of primary collection of personal data. Additionally, this paper recommends that the model should be embraced by the judiciary in its adjudication of matters and finally, that an amendment incorporating the solution should be made.

Your Consent Is Worth 75 Euros A Year – Measurement and Lawfulness of Cookie Paywalls

Your Consent Is Worth 75 Euros A Year – Measurement and Lawfulness of Cookie Paywalls
Conference Paper
Victor Morel, Cristiana Santos, Yvonne Lintao, Soheil Human
Workshop on Privacy in the Electronic Society [Los Angeles, USA], 7 November 2022
Open Access
Abstract
Most websites offer their content for free, though this gratuity often comes with a counterpart: personal data is collected to finance these websites by resorting, mostly, to tracking and thus targeted advertising. Cookie walls and paywalls, used to retrieve consent, recently generated interest from EU DPAs and seemed to have grown in popularity. However, they have been overlooked by scholars. We present in this paper 1) the results of an exploratory study conducted on 2800 Central European websites to measure the presence and practices of cookie paywalls, and 2) a framing of their lawfulness amidst the variety of legal decisions and guidelines.