A new platform helps researchers and ICT professionals navigate the maze of ethical and legal issues around using data for developing new applications.
Growing use of artificial intelligence and other technologies using big data poses new legal and ethical compliance concerns for researchers and ICT personnel attempting to keep up with new regulations on data protection, privacy and security.
"The PANELFIT interactive platform helps keep researchers and ICT professionals informed of the changing regulatory environment so they can understand and comply with legal and ethical issues around data," says PANELFIT academic coordinator Iñigo de Miguel Beriain, research professor from the department of public law at the University of the Basque Country in Spain.
“It includes concrete practical advice and a corpus of good practices on how to deal with data protection issues,” he adds. “It helps them understand what they can do and where the boundaries and the limits are.”
“We are entering a new era in which data are becoming very important assets, but it’s not so easy to understand the implications and how to exercise the power we might have over our data,” de Miguel Beriain says. “Most researchers and professionals start processing data without having a legal basis for lawful processing. This can have terrible consequences because you might be producing very nice new things but using data that you should not use.”
Changing emphasis
The PANELFIT platform covers the main principles of data regulations such as the EU’s General Data Protection Regulation (GDPR) in force since 2018. “These are intended to implement the main rights that we all have, applicable to all technologies in this world,” explains de Miguel Beriain.
In addition, the platform provides legal advice on five main data-generating and data-dependent technologies – artificial intelligence, biometrics, use of location and proximity data, internet of things and social networks.
The user’s mouse hovers over a principle, or a legal or ethical concept, and a pop-up window provides more information or the user can dive deeper for more detail.
Researchers and ICT professionals also need to understand a shift in emphasis to introduce adequate safeguards for the rights and freedoms of individuals, he explains.
“Till the GDPR, data processing was mostly based on the idea of informed consent and a lot of researchers continue with that kind of mindset. But the GDPR changes that, with the idea that alternative legal bases – such as what is in the public interest – can be even more respectful of data subjects’ rights and freedoms if adequate safeguards are implemented.”
Network of experts and stakeholders
The platform, one of the first of its kind anywhere in the world, was developed after extensive consultations with legal experts and ICT professionals. “It is not just an excellent repository of information, it is the result of a wide exchange of ideas on ethical and legal issues,” he notes.
“We organised a lot of expert panels to explain all these things, including explaining differences in EU Member States’ national laws. The aim is not quantity of information but quality and ease of use, with the content reviewed by external reviewers."
The project built up a network of over 200 members – experts in ICT, law and ethics – with relevant research groups encoding and providing feedback to ensure the platform worked well for end users. “We have been especially careful to include materials for vulnerable populations,” he says.
PANELFIT has also drawn up a code of conduct for using data for ICT research proposals and a handbook on data protection law and legal and ethical issues for the public, journalists, policymakers, stakeholders and other end users based on workshops, public consultations, encounters and surveys with such users.