Gauthier Chassang, Lisa Feriol

European Data Protection Law Review, Volume 10 (2024), Issue 1, Page 57 - 68

The article explores the challenges in implementing data altruism, focusing on personal health data altruism for scientific research purposes. The analysis highlights conceptual gaps and lack of clarity of the Data Governance Act (DGA) provisions and their unclear interplay with the General Data Protection Regulation (GDPR). Ethical considerations regarding the relationship between altruism and solidarity-based systems are discussed, along with legal issues surrounding the scope of data altruism and consent requirements in different scenarios of personal health data altruism for scientific research. The discussion extends to existing opt-out practices in scientific research and their recognition, pointing out potential drawbacks of an overly restrictive emphasis on consent in the context of data altruism. The conclusion highlights the conceptual and ethical shortcomings of data altruism, advocates for the development of an integrative approach to altruism within the regulatory sphere and within health data-sharing organisations for encouraging collaboration and recognition of contributors to not-for-profit research in the public interest. Ultimately, the article supports the development of new approaches to participation in research through dynamic opt-out mechanisms in health systems and emphasises the need for clearer regulatory guidance to unlock the full potential of health data altruism. Keywords: data altruism; personal health data; scientific research; Data Governance Act; DGA

Maitrayee Pathak

European Data Protection Law Review, Volume 10 (2024), Issue 1, Page 43 - 56

This article explores the evolution of EU Data Regulations from the GDPR, through the DMA, DSA, DGA, Data Act and the upcoming AI Act. It addresses a research gap of a comprehensive evolutionary view of a significant regulatory expansion in the scope of data, the diversification of regulated entities, and the increasing complexity of data management activities. Through a comparative legal analysis, it highlights how the regulations responded to digital challenges, from the often obscure and anticompetitive data management practices of big tech companies to the emergence of new technologies such as IoT, smart contracts and generative AI, and created the expansion of regulatory reach to new entities, including gatekeepers, online intermediaries, data intermediaries, data altruism organisations, manufacturers of connected products, AI system developers and many more, and a broadening scope of data from personal to non-personal and business data. Our analysis critically assesses the alignment of this evolution with the European Data Strategy of creating a single market for data through fostering innovation and competition, and shaping a society empowered by data by safeguarding fundamental rights through ensuring data access, accountability and transparency. This article contributes to understanding the EU's evolving approach to data governance, fundamental rights and innovation. Keywords: data governance; EU Data Strategy; data privacy; smart contracts; artificial intelligence; AI