name: intro class: center, middle # Who Owns My Data? ## University of Maastricht, NL • Nov 9-10, 2017 Puneet Kishor (Plazi) Released under a [CC0 Public Domain Dedication](https://creativecommons.org/publicdomain/zero/1.0/). <div class="slidefooter"> <a href="/Who-Owns-My-Data"><img src="/_lib/img/PunkishEidesisOrg-small.gif"></a> <a rel="license" href="https://creativecommons.org/publicdomain/zero/1.0/"><img src="/_lib/img/zero.png" alt="CC0" width="30" height="30"></a> <div class="navlinks"> <a href="javascript:slideshow.gotoPreviousSlide()">prev</a> <a href="javascript:slideshow.gotoNextSlide()">next</a> </div> </div> --- layout: true <div class="slidefooter"> <a href="/Who-Owns-My-Data"><img src="/_lib/img/PunkishEidesisOrg-small.gif"></a> <a rel="license" href="https://creativecommons.org/publicdomain/zero/1.0/"><img src="/_lib/img/zero.png" alt="CC0" width="30" height="30"></a> <div class="navlinks"> <a href="javascript:slideshow.gotoPreviousSlide()">prev</a> <a href="javascript:slideshow.gotoNextSlide()">next</a> </div> </div> --- ## Help * Notes are hidden, but may be seen by pressing **P** on your keyboard. * Press **C** to clone a show. * Press **H** for other keyboard shortcuts. ??? notes here --- ## Who Owns the Data? <cite>Hall MA, Schulman KA. <a href="http://jama.jamanetwork.com/article.aspx?articleid=183601" target="_blank">Ownership of Medical Information.</a> JAMA. 2009;301(12):1282-1284. doi:10.1001/jama.2009.389.</cite> .left-column[ <h3><img src="img/patient.png" width="67"></h3> ] .right-column[ **The one who receives care?** <blockquote> Patients have rights of privacy and access to their records, but neither federal nor state law explicitly extends property rights to patients. <span class="hilite">For instance, patients do not have the right to sole possession or to the destruction of their original records.</span><br> … <br> Privacy law (which grows out of tort law) may appear to give patients property-like control, but privacy rights enable patients only to block access, not to sell the information, and privacy governs only clinicians and payers, not anyone else who might possess the information. </blockquote> ] -- count: false <img src="img/no.png" class="overlay"> --- ## Who Owns the Data? <cite>Hall MA, Schulman KA. Ownership of Medical Information. JAMA. 2009;301(12):1282-1284. doi:10.1001/jama.2009.389. <a href="http://jama.jamanetwork.com/article.aspx?articleid=183601" target="_blank">http://jama.jamanetwork.com/article.aspx?articleid=183601</a></cite> .left-column[ <h3><img src="img/patient.png" width="67"></h3> <h3><img src="img/care-provider.png" width="67"></h3> ] .right-column[ **The one who gives care?** <blockquote> Ownership of paper records was never much in doubt.<br> … <br> Clinicians, as owners of the paper records they maintain, can give or sell medical records to other clinicians for treatment purposes and block access by anyone <span class="hilite">except the patient.</span> </blockquote> ] -- count: false <img src="img/no.png" class="overlay"> --- ## Who Owns the Data? <cite>Hall MA, Schulman KA. Ownership of Medical Information. JAMA. 2009;301(12):1282-1284. doi:10.1001/jama.2009.389. <a href="http://jama.jamanetwork.com/article.aspx?articleid=183601" target="_blank">http://jama.jamanetwork.com/article.aspx?articleid=183601</a></cite> .left-column[ <h3><img src="img/patient.png" width="67"></h3> <h3><img src="img/care-provider.png" width="67"></h3> <h3><img src="img/payer.png" width="67"></h3> ] .right-column[ **The one who pays for care?** <blockquote> Insurers own the tangible vessels in which they store patients’ medical information.<br> …<br> <span class="hilite">Patients have rights of privacy and access to their records.</span> </blockquote> ] -- count: false <img src="img/no.png" class="overlay"> --- ## Who Owns the Data? <cite>Hall MA, Schulman KA. Ownership of Medical Information. JAMA. 2009;301(12):1282-1284. doi:10.1001/jama.2009.389. <a href="http://jama.jamanetwork.com/article.aspx?articleid=183601" target="_blank">http://jama.jamanetwork.com/article.aspx?articleid=183601</a></cite> .left-column[ <h3><img src="img/patient.png" width="67"></h3> <h3><img src="img/care-provider.png" width="67"></h3> <h3><img src="img/payer.png" width="67"></h3> <h3><img src="img/who-owns.png" width="67"></h3> ] .right-column[ **Does it really matter?** <blockquote> In the emerging era of electronic health informatics, few other medicolegal questions are more critical, more contested, or more poorly understood. The ARRA of 2009 allocates up to an estimated $20 billion to implement clinical information systems, and it aims for the use of electronic health information “for each person in the United States by 2014.” It fails, though, to resolve who owns this massive increase in electronic information. <span class="hilite">This legal uncertainty presents a major obstacle to integrating and using information about a single patient from various clinicians and hospitals.</span> </blockquote> ] -- count: false <img src="img/maybe.png" class="overlay"> --- ## Ownership of health data in the US <cite>Health Information & the Law Project. 2012. <a href="http://www.healthinfolaw.org/comparative-analysis/who-owns-medical-records-50-state-comparison" target="_blank">Who Owns Medical Records: 50 State Comparison</a>. Milken Institute of Public Health</cite> <figure class="svg-container"> <img src="img/us-states-ownership.jpg" width="100%"> </figure> --- ## What if I move ### from Wisconsin <figure class="svg-container"> <img src="img/us-states-ownership-none.jpg" width="100%"> <figcaption>ownership undefined</figcaption> </figure> --- ## What if I move ### <span class="punkish-dim">from Wisconsin</span> to California <figure class="svg-container"> <img src="img/us-states-ownership-hospital.jpg" width="100%"> <figcaption>hospital owns my data</figcaption> </figure> --- ## What if I move ### <span class="punkish-dim">from Wisconsin to California</span> to New Hampshire? <figure class="svg-container"> <img src="img/us-states-ownership-me.jpg" width="100%"> <figcaption>I own my <span class="hilite">what?</span></figcaption> </figure> --- ## Property vs Privacy vs IP Laws .left-column[ ### Property ] .right-column[ > Property encompasses a range of legal rights and entitlements, including <span class="hilite">the right to exclude others from, and the right to profit from, sell, dispose of or destroy one’s property</span>. These various rights (and there are many more) are often referred to as a “bundle” of rights or, more colorfully, a bundle of sticks. ] --- ## Property vs Privacy vs IP Laws .left-column[ ### Property ### Privacy ] .right-column[ > Privacy law is protective of individuals, like laws against assault and battery. Privacy law may prevent someone from taking your photograph without your permission, or from disclosing embarrassing facts about you. <span class="hilite">Privacy is based in tort law, rather than property</span> (tort, property and contract being the three big common law civil disciplines, i.e., not criminal). ] --- ## Property vs Privacy vs IP Laws .left-column[ ### Property ### Privacy ### IP ] .right-column[ > Intellectual property (patent, copyright, trademarks and trade secrets) are yet another category. Despite being called intellectual “property,” these rights do not derive from common law, but from statute. In the U.S., Art 1, Sec. 8.8 of the Constitution authorizes Congress to enact IP laws, and they have done so. So their basis is purely statutory. Interestingly, <span class="hilite">there is no statutory protection in the U.S. for data or databases</span> (unlike Europe). Thus, those wishing to protect individual medical data must rely on common law property or privacy theories to achieve their ends. ] --- ## Statutory vs Common vs Natural .left-column[ ### Statutory ] .right-column[ > Statutory law or statute law is written law set down by the legislature. It is fairly meaningless to say that we have a right if there’s no way to enforce it. The court will enforce a right if there is a statute establishing the right and the process of enforcement. ] --- ## Statutory vs Common vs Natural .left-column[ ### Statutory ### Common ] .right-column[ > In the US and England, common-law is a set of principles and precedents that the courts of the land have discerned, one way or another, over time. ] --- ## Statutory vs Common vs Natural .left-column[ ### Statutory ### Common ### Natural ] .right-column[ > Natural law is stuff like “All men are … endowed by their Creator with the right to life, liberty, and the pursuit of happiness.” The thing is, unless the Creator gets the legislature and courts on its side, to interpret, delimit and confirm those rights, there’s no way they can be realized. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Unpatients—why patients should own their medical data ] <cite>Leonard J Kish & Eric J Topol. 2015. Unpatients—why patients should own their medical data. Nature Biotechnology. Vol. 33, No. 9. Sep 2015</cite> .left-column[ ### Shared home ] .right-column[ > For the benefits of digital medicine to be fully realized, we need not only to find a shared home for personal health data but also to give individuals the right to own them. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Why patients shouldn’t “own” their medical records ] <cite>John Rumbold & Barbara Pierscionek. 2016. Why patients shouldn’t “own” their medical records. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### no ‘property’ in data ] .right-column[ > <span class="hilite">There is no property in data… it cannot be owned nor stolen</span>. Thus, the proposed benefits of ownership described cannot accrue to patients in that way. This fundamental understanding is crucial to any argument about providing patients with the right to access their own healthcare data, given that they are appealing for legally enforceable rights. … There are property rights in a database as a thing in action, but these relate to intellectual property or *sui generis* database rights (which apply mostly in the European Union). ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Why patients shouldn’t “own” their medical records ] <cite>John Rumbold & Barbara Pierscionek. 2016. Why patients shouldn’t “own” their medical records. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### no ‘property’ in data ### contracts enforce trusted exchange ] .right-column[ > There are also philosophical objections to the assertion that “without ownership, there can be no trusted exchange.” It is <span class="hilite">the ability to enforce contracts that is the basis for trusted exchange</span>, not the concept of a thing in possession. A contractual right in personam overrides a right in rem; therefore, this is a better basis for protection of data rights. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Why patients shouldn’t “own” their medical records ] <cite>John Rumbold & Barbara Pierscionek. 2016. Why patients shouldn’t “own” their medical records. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### no ‘property’ in data ### contracts enforce trusted exchange ### privacy instead of ownership ] .right-column[ > <span class="hilite">The rights over personal data largely relate to issues of privacy and confidentiality</span>, and can be contrasted with the rights over anonymized data. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Why patients shouldn’t “own” their medical records ] <cite>John Rumbold & Barbara Pierscionek. 2016. Why patients shouldn’t “own” their medical records. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### no ‘property’ in data ### contracts enforce trusted exchange ### privacy instead of ownership ### ownership is US-centric ] .right-column[ > <span class="hilite">Patient ‘ownership’ of data would have the potential to make access to aggregated data more difficult and thus to hinder research</span>. Their proposed solution might be optimal for the US situation (with its) lack of interoperability of health IT systems, the payment of fees by healthcare providers to access their patients’ data held by other providers and the disincentives in a fee-for-service system to reduce repeat testing of no medical value. (It) would prove an impediment in nationwide public healthcare systems such as are common in the EU and of which the UK’s National Health Service is typical. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### We need something that doesn’t yet exist ] .right-column[ > <span class="hilite">Lack of clarity highlights the need for us to pursue new definitions of data property, not to resign ourselves to the belief that constructing new rules will be too difficult</span>. The potential value is vast. New approaches to medical data ownership, implemented via technological solutions and legislative action, must be advanced in order for individualized medicine to achieve its potential. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### We need something that doesn’t yet exist ### IP == P ] .right-column[ > That there “is no property in data” is in many circumstances false. Although intellectual property (IP) is a matter of national law and can vary by nation, research data are often considered IP and are covered as a trade secret, or copyrighted. This raises an interesting point as to whether an individual’s data, say from a medical device, constitute a new kind of research and could be considered IP of the individual, or whether they are just a set of facts. As we move toward precision medicine, personal data will take on much greater value, and we expect that laws will need to adjust. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### We need something that doesn’t yet exist ### IP == P ### A patchwork of laws ] .right-column[ > In addition, in the US, many states have determined that medical records are property, mostly that of the providers who collect them. In New Hampshire, however, “Medical information contained in the medical records at any facility licensed under this chapter shall be deemed to be the property of the patient.” Finally, several states have <span class="hilite">considered</span> bills asserting that genetic data not only is property, but should be considered ‘real property’ of the individual from whom it came. Real property normally requires a verified signature in order to be transferred. In other contexts, our identities have recognized value, and there are laws that protect the use of our likeness, our image, our voice and other information derived from us. The bottom line is that personal data are already viewed as property in a variety of contexts. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### … ### Doing nothing is not the answer ] .right-column[ > Doing nothing about ownership has had the effect of encouraging unwanted behavior, as we saw last year with over 100 million data breaches in the United States. The high value of the data is increasing, promoting incentives for acquiring them, but apparently not enough incentives to protect them. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### … ### Doing nothing is not the answer ### Give individuals power ] .right-column[ > <span class="hilite">Laws are generated and rights conferred by the kinds of behaviors the law seeks to encourage</span>. We firmly believe that laws will need to confer more power to the individual as the information continues to increase in value, with its attendant risks. There rarely seems to be debate on whether or not institutions can ‘own’ data, but questions arise when it comes to individuals and their personal data. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### … ### Doing nothing is not the answer ### Give individuals power ### Individuals should control their data ] .right-column[ > If one accepts that this individual model is of very high value to the individual, to broader population science, to marketers, to government, to physicians and to anyone who wants to influence the course of action of an individual, how can it make sense that anyone beside that individual should have complete access to and control of this powerful data set? We must begin with this premise. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### … ### Tech makes data behave like property ] .right-column[ > New technologies are changing what is possible with regard to data rights, trust, contract enforcement and control. Data can be made unique and transferrable, much more akin to real property than in previous generations, through hashing functions, digital signatures and peer-to-peer blockchain-related technologies. These processes will continue to improve and evolve. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## Response to Rumbold & Pierscionek ] <cite>Topol and Kish. 2016. Response to Rumbold and Pierscionek. Correspondence, Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### … ### Tech makes data behave like property ### Lack of individual control ] .right-column[ > We must take a close look at the world implied by a lack of individual control and property over personal health data, in which a variety of third parties own and control our personal information. As predictive analytics improve, should third parties and outside entities be able to make predictions when an individual cannot make predictions for him- or herself? In such a world, each of us would be at the mercy of the digital world we inhabit, promoting the autonomy of large entities while denying autonomy to the individual. ] --- .two-column-header[ <h3 class="yes">Yes to ownership</h3> ## A European perspective ] <cite>Purtova, N. N. 2011. <a href="https://pure.uvt.nl/portal/en/publications/property-rights-in-personal-data(9122d0d0-7192-49ad-b503-fa74dfa3ba2b).html" target="_blank">Property rights in personal data: A European perspective</a>. Oisterwijk: BOXPress BV</cite> > The idea of property rights in personal data in Europe is not only formally possible, but… (also) <span class="hilite">introduces ultimate clarity as to the allocation of the data protection obligations</span>. The study therefore concludes that the property approach should not be ruled out as a possible next step in developing data protection without further careful consideration.” --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Would Patient Ownership of Health Data Improve Confidentiality? ] <cite>Barbara J. Evans. 2012. <a href="http://journalofethics.ama-assn.org/2012/09/pfor1-1209.html" target="_blank">Would Patient Ownership of Health Data Improve Confidentiality?</a> Virtual Mentor. September 2012, Volume 14, Number 9: 724-732. AMA Journal of Ethics</cite> .left-column[ ### TL;DR: No ] .right-column[ > the protections patients currently enjoy under the Health Insurance Portability and Accountability Act (HIPAA), Privacy Rule, and the Common Rule are surprisingly similar to those they would have if they owned their data and biospecimens ] .footnote[ <span class="red">*</span> <span class="hilite">Not directly “No” but at least one important advantage attributed to ownership would not actually materialize</span>. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Propertizing Consent ] <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Too much control ] .right-column[ > With propertizing consent, <span class="hilite">the permission sought from an individual to undergo a medical procedure invests that individual with a property-like interest in the resulting data</span>. As a result, contrary to a century of legal precedent, genetic information has taken on many of the attributes of personal property. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## Propertizing Consent ] <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Too much control ### *de facto* common law property regime ] .right-column[ > Even without the benefit of specific legislation, a <span class="hilite">*de facto* common law property regime has emerged in all but name</span> with respect to human genetic data. As a result, individuals have brought litigation asserting a growing degree of control over the use of data that is obtained from their genetic material, hindering ongoing scientific research and causing the destruction of valuable research resources. ] --- .two-column-header[ <h3 class="no">No to ownership</h3> ## The president says patients should own their genetic data. He’s wrong ] <cite>Jorge L. Contrera. 2016. <a href="https://www.nature.com/articles/nbt.3608" target="_blank">The president says patients should own their genetic data. He’s wrong</a>. Nature Biotechnology, Vol. 34, No. 6, June 2016</cite> .left-column[ ### No property-rights in data ] .right-column[ > Information cannot be ‘owned’ in the same way as land, tangible goods or even intangibles like money and securities. <span class="hilite">Pure data, once known, is, as Justice Louis Brandeis wrote nearly a century ago, as “free as the air to common use.”</span> ] --- ## MIDATA.coop <img src="img/midata-scheme.jpg" width="100%"> ### Values > MIDATA.coop enables citizens to securely store, manage and control access to their personal data by helping them to establish and own national/regional not-for-profit MIDATA cooperatives. > MIDATA cooperatives act as the fiduciaries of their members’ data. As MIDATA members, citizens can visualize and analyze their personal data. They can actively contribute to medical research and to clinical trials by providing access to sets of their personal data across cooperatives. <cite><a href="https://midata.coop/" target="_blank">MIDATA.coop</a></cite> --- ## MIDATA.coop <img src="img/midata-scheme.jpg" width="100%"> ### Citizen owned > Copies of personal data are stored in citizen-owned and citizen-controlled MIDATA cooperatives. Members profit from data analysis, visualization and interpretation tools. In this way, members will increasingly be able to take control over their own health. <cite><a href="https://midata.coop/" target="_blank">MIDATA.coop</a></cite> --- ## MIDATA.coop <img src="img/midata-scheme-break.jpg" width="100%"> ### Point of Failure MIDATA aspires to be a mediator of health data. But the combination of technical expertise, deep pockets, scale, and wide-spread adoption, it will be the tech companies that will become meaningful mediators. --- ## Demand Side - We need data to make better decisions. Ownership can help. - We need data to make better decisions. Ownership can detract. ## Supply Side - We need better protection of the patients. Ownership can help. - We need better protection of the patients. Ownership can detract. --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### From consent to liability ] .right-column[ > <span class="hilite">Property-like treatment of genetic data be replaced by a combination of existing and new regulations of researcher conduct (liability rules) to protect individuals from abusive research practices</span>. This approach would shift the landscape from one in which data-based research cannot occur without the consent of individual research participants to one in which research is presumptively allowed, but researchers face liability for overstepping the bounds of permitted activity. ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### From consent to liability ### Positive Law ] .right-column[ > Positive regulations should prohibit researchers from misusing this data in a variety of ways and create a cause of action if these prohibitions are violated. ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### From consent to liability ### Positive Law ### From entitlement to remedy ] .right-column[ > <span class="hilite">Property rules and liability rules trigger action at different points in time, leading to differing cost burdens on transacting parties</span>. That is, a property rule establishes entitlements whose infringement can only be avoided with the advance permission of the rights holder. A liability rule, on the other hand, only gives rise to a remedy when someone violates its strictures. ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Existing rules ] .right-column[ <blockquote> <ul> <li>Deception and Breach of Fiduciary Duty</li> <li>Other Common Law Actions—Fraud and Deceit</li> <li>Prohibiting Genetic Discrimination</li> <li>Contracting for Greater Protection and Participation</li> </ul> </blockquote> ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Existing rules ### Augment with new rules ] .right-column[ <blockquote> <ul> <li>Outlaw Genetic Discrimination</li> <li>Prohibit Reidentification</li> <li>Prohibit Nonresearch Use</li> <li>Enhance Data Security</li> </ul> </blockquote> ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Existing rules ### Augment with new rules ### Who bears the cost? ] .right-column[ <blockquote> <ul> <li>Monitoring Costs</li> <li>Enforcement Costs</li> </ul> </blockquote> *Note: Contreras doesn’t address who should pay the cost but only argues that the cost in a liability regime are lower than in a property regime.* ] --- ## A Liability Rule Framework for Data-Based Research <cite>Contreras, Jorge L., <a href="https://ssrn.com/abstract=2787553" target="_blank">Genetic Property</a> (November 18, 2016). 105 Georgetown Law Journal 1 (2016); University of Utah College of Law Research Paper No. 171. Available at SSRN: https://ssrn.com/abstract=2787553</cite> .left-column[ ### Existing rules ### Augment with new rules ### Who bears the cost? ### Remedies ] .right-column[ <blockquote> <ul> <li>Compensatory Damages</li> <li>Punitive Damages and Penalties</li> <li>Injunctive Relief</li> <li>Administrative Penalties</li> </ul> </blockquote> ] --- ## A Contractually Constructed Commons <cite>Reichman, J. H., & Uhlir, P. F. (2003). A Contractually Reconstructed Research Commons For Scientific Data In A Highly Protectionist Intellectual Property Environment. Law and Contemporary Problems, 66.</cite> .left-column[ ### Science Responding to Legal and Economic Pressures ] .right-column[ > <span class="hilite">The first programmatic response would look to the strengthening of existing institutional, cultural, and contractual mechanisms that already support the research commons</span>, with a view to better addressing the new threats to the public domain identified above. The second logical response is collectively to react to new information laws and related economic and technical pressures by negotiating contractual agreements between stakeholders to preserve and enhance the research commons. ] --- ## A Contractually Constructed Commons <cite>Reichman, J. H., & Uhlir, P. F. (2003). A Contractually Reconstructed Research Commons For Scientific Data In A Highly Protectionist Intellectual Property Environment. Law and Contemporary Problems, 66.</cite> .left-column[ ### Science Responding to Legal and Economic Pressures ### Government Response ] .right-column[ > <span class="hilite">Build appropriate, public-interest contractual templates into that deal, to ensure the continued operation of a research commons</span>. The public research function is too important to be left as an afterthought. It must figure prominently in the planning stage of every legitimate privatization initiative precisely because the data would previously have been generated at public expense for a public purpose. ] --- ## A Contractually Constructed Commons <cite>Reichman, J. H., & Uhlir, P. F. (2003). A Contractually Reconstructed Research Commons For Scientific Data In A Highly Protectionist Intellectual Property Environment. Law and Contemporary Problems, 66.</cite> .left-column[ ### Science Responding to Legal and Economic Pressures ### Government Response ### Academia Response ] .right-column[ > Establish a zone of conditionally available data in order to reconstruct and artificially preserve functional equivalents of a public domain. <span class="hilite">This strategy entails using property rights and contracts to reinforce the sharing norms of science in the nonprofit, trans-institutional dimension, without unduly disrupting the commercial interests of those entities that choose to operate in the private dimension.</span> ] --- ## A Contractually Constructed Commons <cite>Reichman, J. H., & Uhlir, P. F. (2003). A Contractually Reconstructed Research Commons For Scientific Data In A Highly Protectionist Intellectual Property Environment. Law and Contemporary Problems, 66.</cite> .left-column[ ### Science Responding to Legal and Economic Pressures ### Government Response ### Academia Response ### Private Sector Response ] .right-column[ > Here, the policy behind a contractually reconstructed research commons is not to defend the norms of science so much as to persuade the private sector of the benefits it stands to gain from sharing its own data with the scientific community for public research purposes. The goal is thus to promote voluntary contributions that might not otherwise be made to the true public domain or to the conditional domain for public research purposes on favorable terms and conditions. ] --- ### From Sharing v. Privacy to Sharing *and* Privacy<sup>*</sup> .footnote[ <span class="red">*</span> Findings from the Robert Wood Johnson Foundation sponsored Creative Commons workshop on <a href="http://punkish.org/science/sharingvprivacy/" target="_blank">Sharing v. Privacy</a> held in Feb 2015 in Washington DC. ] -- Instead of absolute privacy, contextually adequate privacy should be assured. -- A new social contract between the patient and the researcher balancing the need for individual privacy with the desire for sharing data for social good. -- A new *Belmont Report* to account for the rapidly blurring distinction between research and clinical setting as well as spaces outside of those two. -- Information should not be de-identified, but the researchers should agree to not re-identify. -- We need to identify a minimal viable dataset (MVD) for sharing rather than all data. -- Researchers should have a choice of IRBs. We need to identify the attributes that are common to a new kind of IRBs. -- Instead of consent, *engagement* should be emphasized. -- Patients, clinicians, researchers, and toolmakers, all need to be a part of the shared governance. --- ## Future Work: Shape the Conversation .two-left-column[ ### We Have to Talk About - Access and Use - Privacy - Security - Contractual obligations - Harm remediation ] .two-right-column[ ### Not Just - Ownership ] --- ## Future Work: Shape the Conversation .two-left-column[ ### Organize a Workshop - patient groups (supply side) - clinicians and researchers (demand side) - insurers - tool makers - ethicists - policy people We need the perspective from beyond just Europe and the US. ] .two-right-column[ ### Communication - Special Journal Issue - web site ] --- ## Acknowledgements - Iris Brest, Special Counsel, Carnegie Foundation for the Advancement of Teaching, Creative Commons - Jorge L. Contreras, College Of Law, University of Utah - Willi Egloff, Director Plazi GmbH and Lawyer and Partner Advocomplex, Bern, Switzerland - Barbara Prainsack, Professor, Dept. of Political Science, University of Vienna, and Dept. of Social Science, Health & Medicine, King’s College London