Toward Consent in Molecular HIV Surveillance? Perspectives of Critical Stakeholders
Research Article
Stephen Molldrem, Anthony K J Smith, Vishnu Subrahmanyam
AJOB Empirical Bioethics, 28 September 2023
Abstract
Background
The emergence of molecular HIV surveillance (MHS) and cluster detection and response (CDR) programs as key features of the United States (US) HIV strategy since 2018 has caused major controversies. HIV surveillance programs that re-use individuals’ routinely collected clinical HIV data do not require consent on the basis that the public benefit of these programs outweighs individuals’ rights to opt out. However, criticisms of MHS/CDR have questioned whether expanded uses of HIV genetic sequence data for prevention reach beyond traditional public health ethics frameworks. This study aimed to explore views on consent within MHS/CDR among critical stakeholders.
Methods
In 2021 we interviewed 26 US HIV stakeholders who identified as being critical or concerned about the rollout of MHS/CDR. Stakeholders included participants belonging to networks of people living with HIV, other advocates, academics, and public health professionals. This analysis focused on identifying the range of positions among critical and concerned stakeholders on consent affordances, opt-outs, how to best inform people living with HIV about how data about them are used in public health programs, and related ethical issues.
Results
Participants were broadly supportive of introducing some forms of consent into MHS/CDR. However, they differed on the specifics of implementing consent. While some participants did not support introducing consent affordances, all supported the idea that people living with HIV should be informed about how HIV surveillance and prevention is conducted and how individuals’ data are used.
Conclusions
MHS/CDR has caused sustained controversy. Among critical stakeholders, consent is generally desirable but contested, although the right for people living with HIV to be informed was centrally supported. In an era of big data-driven public health interventions and routine uses of HIV genetic sequence data in surveillance and prevention, CDC and other agencies should revisit public health ethics frameworks and consider the possibility of consent processes.

A Conceptual Consent Request Framework for Mobile Devices
Olha Drozd, Sabrina Kirrane
Information, 19 September 2023; 14(9)
Open Access
Abstract
The General Data Protection Regulation (GDPR) identifies consent as one of the legal bases for personal data processing and requires that it should be freely given, specific, informed, unambiguous, understandable, and easily revocable. Unfortunately, current technical mechanisms for obtaining consent often do not comply with these requirements. The conceptual consent request framework for mobile devices that is presented in this paper, addresses this issue by following the GDPR requirements on consent and offering a unified user interface for mobile apps. The proposed conceptual framework is evaluated via the development of a City Explorer app with four consent request approaches (custom, functionality-based, app-based, and usage-based) integrated into it. The evaluation shows that the functionality-based consent, which was integrated into the City Explorer app, achieved the best evaluation results and the highest average system usability scale (SUS) score. The functionality-based consent also scored the highest number of SUS points among the four consent templates when evaluated separately from the app. Additionally, we discuss the framework’s reusability and its integration into other mobile apps of different contexts.

Developing Consent Tools for the Research Community at the German Human GenomePhenome Archive (GHGA)
Andreas Bruns, Simon Parker, Fruzsina Molnár-Gábor, Eva C. Winkler
Conference on Research Data Infrastructure, 7 September 2023
Abstract
The German Human Genome-Phenome Archive (GHGA) aims to enable the responsible sharing of human omics data for secondary research use across Germany and Europe. Informed consent is the most commonly used legal and ethical basis for processing omics data for secondary use. However, obtaining informed consent from Data Subjects can be challenging when data is to be widely shared and reused beyond the initial purpose of collection. To address these challenges, the ELSI (Ethical, Legal, and Social Implications) Group of GHGA has developed consent tools for the research community. First, we have developed a toolkit for prospective data collection, which consists of consent modules and complementary advice on how to update or create new consent forms. Second, we have created a legacy consent toolkit that can be used by researchers to assess whether the consent under which data was originally collected covers further data processing for secondary research purposes.

Beyond data transactions: a framework for meaningfully informed data donation
Alejandra Gomez Ortega, Jacky Bourgeois, Wiebke Toussaint Hutiri, Gerd Kortuem
AI & Society, 30 August 2023
Open Access
Abstract
As we navigate physical (e.g., supermarket) and digital (e.g., social media) systems, we generate personal data about our behavior. Researchers and designers increasingly rely on this data and appeal to several approaches to collect it. One of these is data donation, which encourages people to voluntarily transfer their (personal) data collected by external parties to a specific cause. One of the central pillars of data donation is informed consent, meaning people should be adequately informed about what and how their data will be used. However, can we be adequately informed when it comes to donating our data when many times we don’t even know it is being collected and, even more so, what exactly is being collected? In this paper, we investigate how to foster (personal) data literacy and increase donors’ understanding of their data. We introduce a Research through Design approach where we define a data donation journey in the context of speech records, data collected by Google Assistant. Based on the data donation experiences of 22 donors, we propose a data donation framework that understands and approaches data donation as an encompassing process with mutual benefit for donors and researchers. Our framework supports a donation process that dynamically and iteratively engages donors in exploring and understanding their data and invites them to (re)evaluate and (re)assess their participation. Through this process, donors increase their data literacy and are empowered to give meaningfully informed consent.

Dynamic consent, communication and return of results in large-scale health data reuse: Survey of public preferences
Sam Ha Muller, Ghislaine Jmw van Thiel, Menno Mostert, Johannes Jm van Delden
Digit Health, 16 August 2023
Open Access
Abstract
Dynamic consent forms a comprehensive, tailored approach for interacting with research participants. We conducted a survey study to inquire how research participants evaluate the elements of consent, information provision, communication and return of results within dynamic consent in a hypothetical health data reuse scenario. We distributed a digital questionnaire among a purposive sample of patient panel members. Data were analysed using descriptive and nonparametric inferential statistics. Respondents favoured the potential to manage changing consent preferences over time. There was much agreement between people favouring closer and more specific control over data reuse approval and those in favour of broader approval, facilitated by an opt-out system or an independent data reuse committee. People want to receive more information about reuse, outcomes and return of results. Respondents supported an interactive model of research participation, welcoming regular, diverse and interactive forms of communication, like a digital communication platform. Approval for reuse and providing meaningful information, including meaningful return of results, are intricately related to facilitating better communication. Respondents favoured return of actionable research results. These findings emphasize the potential of dynamic consent for enabling participants to maintain control over how their data are being used for which purposes by whom. Allowing different options to shape a dynamic consent interface in health data reuse in a personalized manner is pivotal to accommodate plurality in a flexible though robust manner. Interaction via dynamic consent enables participants to tailor the elements of participation they deem relevant to their own preferences, engaging diverse perspectives, interests and preferences.

Withdrawal of consent for processing personal data in biomedical research
Marcu Florea
International Data Privacy Law, 15 June 2023
Open Access
Excerpt
In the context of biomedical research, consent is both a ground for the lawful processing of personal data and a bioethical requirement for participation in scientific research projects. While the conditions for obtaining valid consent are extensively discussed in legal and bioethical literature, withdrawal of consent has received considerably less attention. According to the EU General Data Protection Regulation (GDPR), that data subjects have the right to withdraw their consent at any time, but the duties of the entities processing personal data are not clearly defined in the text of the Regulation. Pursuant to Article 7 GDPR, withdrawal ‘shall not affect the lawfulness of processing based on consent before its withdrawal’, but there is no clear specification of the rules governing what happens after this moment…

Obtaining Informed Consent for Future Reuse of Patient Data
Kelly FitzGerald
Applied Clinical Trials, 8 June 2023; 32(6)
Excerpt
…One of the first national policies regarding this was the National Institutes of Health (NIH) Genomic Data Sharing Policy enacted in 2014, which established the expectation of broad and responsible sharing of genomic research data. During the public comment period and subsequent publication of the final policy, the issue of adequate informed consent for this kind of far-reaching research was raised. This resulted in NIH recommending that investigators seek the broadest consent possible when first obtaining consent from participants. However, NIH recognized that in some cases, limits will still be required, and it allows for use of controlled access databases as a way to mitigate concerns.

The policy requires that participants provide consent for sharing their data, even after it is de-identified, in order for the data to be deposited in an accessible database. The policy also requires that institutions, usually by way of their institutional review boards (IRBs), confirm the data sharing is consistent with the informed consent of study participants, and that consideration was given to the risks to individual participants and their families as well as groups or populations associated with the data…

Massive Omission of Consent (MOOC): Ethical Research in Educational Big Data Studies
Eamon Costello, James Brunton, Richard Bolger, Tiziana Soverino, Clément Juillerac
Online Learning Journal, 1 June 2023
Abstract
Ethical reviews of research plans function as a cornerstone of good research practice in order that no harm should come to participants. Ethical concerns have taken on a new salience in a digital world where data can be generated at scale. Big data research has grown rapidly, raising increased ethical concerns. Several intersecting areas of big data research exist within educational research, such as learning analytics, artificial intelligence (AI), and Massive Open Online Courses (MOOCs). In the current study, an investigation was made of peer-reviewed papers on MOOC teaching and learning to determine if they explicitly refer to (a) ethical considerations in their studies, and (b) obtaining formal ethical approval for their research. This investigation was accomplished through a review of MOOC-related, English-language papers available in Scopus database, over the course of a year. The review produced a total of 1,249 articles, of which, 826 articles related to empirical studies involving human participants where full text of the articles could be obtained. The string “ethic” was searched for within these articles, and resulting articles analyzed, which found that a small fraction, 42 articles (5.08%), mention ethics in relation to the study presented in the article, and only 13 articles (1.57%) explicitly mention obtaining formal ethical approval for the research. The findings show a lack of transparency in reporting on and/or engagement with ethical considerations in MOOC teaching and learning research. These findings indicate the need for further stakeholder engagement and sectoral dialogue in relation to ethics education and training for researchers; consideration of ethics in big data studies in education; and norms/policies in academic publishing for authors to report how ethical issues have been considered.

Privacy for IoT: Informed consent management in Smart Buildings
Chehara Pathmabandu, John Grundy, Mohan Baruwal Chhetri, Zubair Baig
Future Generation Computer Systems, August 2023; 145 pp 367-383
Abstract
Smart Buildings (SBs) employ the latest IoT technologies to automate building operations and services with the objective of increasing operational efficiency, maximising occupant comfort, and minimising environmental impact. However, these smart devices – mostly cloud-based – can capture and share a variety of sensitive and private data about the occupants, exposing them to various privacy threats. Given the non-intrusive nature of these devices, individuals typically have little or no awareness of the data being collected about them. Even if they do and claim to care about their privacy, they fail to take the necessary steps to safeguard it due to the convenience offered by the IoT devices. This discrepancy between user attitude and actual behaviour is known as the ‘privacy paradox’. To address this tension between data privacy, consent and convenience, this paper proposes a novel solution for informed consent management in shared smart spaces. Our proposed Informed Consent Management Engine (ICME) (a) increases user awareness about the data being collected by the IoT devices in the SB environment, (b) provides fine-grained visibility into privacy conformance and compliance by these devices, and (c) enables informed and confident privacy decision-making, through digital nudging. This study provides a reference architecture for ICME that can be used to implement diverse end-user consent management solutions for smart buildings. A proof-of-concept prototype is also implemented to demonstrate how ICME works in a shared smart workplace. Our proposed solution is validated by conducting expert interviews with 15 highly experienced industry professionals and academic researchers to understand the strengths, limitations, and potential improvements of the proposed system.