Employing Non-Health Data in Building Health Emergency Warning System
Research into the legal rights and responsibilities of EU companies to collect and process non-health data to foresee future pandemics.
Dr Dimitrios Kyriazis
- Respond (Decrease transmission & spread), such as: Optimal preventive interventions & uptake maximization, Cutting through “infodemic” & enabling better response, Data-driven learnings for increased efficacy of interventions
The problem we are working to solve is the inefficiency existing in the corporate collection and sharing of non-health data to be used for early identification or mitigation of a potential health emergency. The geographical scope of the analysis is the UK and the 27 EU Member States. The scale of the problem is actually far-reaching within the EU, with approximately 450 million citizens being affected. In the context of a global pandemic, however, and given that the EU was for a long time period the centre of the coronavirus pandemic, the scale of the problem is potentially global.
Some of the causes of this inefficiency are arguably regulatory. Identifying the exact causes is part of the inquiry we will conduct. The potential sources are data protection laws as they apply today, as well as the absence of a more complete data protection governance and responsibility framework. No local or global statistics are directly relevant.
In terms of intended audiences, firstly, the research will be of significance for policy-makers interested in maximising the benefits from data analysis in foreseeing or mitigating health emergencies. Secondly, our insights will be of interest to corporations interested in clarifying their legal position with regard to data processing, as well as in enhancing their corporate social responsibility strategies by introducing a data sharing responsibility. Thirdly, as companies become more involved in devising data-driven solutions to health emergencies, civil society organisations, academics and the public will be interested in scrutinising whether this type of corporate data processing is consistent with legal and ethical principles. To understand the needs of our stakeholders, we have been conducting qualitative semi-structured interviews with expert stakeholders in the UK and in Europe. We have already conducted interviews with senior members of the judiciary, data protection law experts who advise corporate entities regularly and officials working for regulatory agencies in the area of data protection. As we will be developing our solution, we plan to further engage with affected stakeholders in a variety of ways, i.e. by appointing a stakeholder board to review the project’s progress, organise workshops and events with stakeholder participation and engage in further empirical work.
- Proof of Concept: A venture or organisation building and testing its prototype, research, product, service, or business/policy model, and has built preliminary evidence or data
- Big Data
- Crowd Sourced Service / Social Networks
- GIS and Geospatial Technology
- Software and Mobile Applications
Our solution is strategically oriented to serve the public good via the dissemination of knowledge and qualitative data that can facilitate wider use of critical and large amounts of data to safeguard public health and prevent the next pandemic. Shedding light on perceived and real barriers to unblocking the use of such data from a legal perspective is integral to shifting cultures of cautiousness and organisational inertia that block proactive efforts of corporate actors to assist public policy-makers in public health protection. Furthermore, through conceptualising the idea of ‘corporate data responsibility’, we will also consider the incentives for corporate actors in developing relevant strategies for data use and analysis, by contrast to the current lack of incentives blocking relevant initiatives. We will seek to disseminate our results in an accessible to policy-makers and other stakeholders format, both via a report/white paper and peer-reviewed open-access publications. We will further engage in public dissemination via the media, including social media, in the interest of reaching broader audiences and create more trust in the potential of corporate data processing to serve the public good.
We expect our solution to have a tangible impact on our target population due to our existing and currently developing links with key stakeholders within the affected population. Both members of our team have rich experience in conducting socio-legal research and have a growing network of policy and industry practitioners in the area of EU policy-making and data protection regulation. To provide a high-level overview of our interview data, key stakeholders have been finding our angle very valuable and have agreed on the urgency of tackling regulatory barriers to enable corporate data use for public interest purposes. Our interviewees have alerted us both to the merits of developing a ‘corporate data responsibility’ to complement existing ‘corporate data governance’ structures and to the potential pitfalls and challenges that one needs to address (e.g. difficulties at the stage of monitoring adherence to data protection safeguards in this context). Through further socio-legal work, we seek to gain more clarity on the real-world challenges and implications of our research, as understood by key stakeholders, in the interest of creating tangible impact.
Our aspiration is to scale our impact within the EU region, with the potentially to positively improve the protection of public health in EU member states, but also on the global level more broadly and through a comparative lens. Our socio-legal inquiry seeks to do so by addressing cross-cutting legal challenges (e.g. privacy and data protection concerns) and developing a corporate governance model (through the notion of ‘corporate data responsibility’) that can operate as a model for the development of corporate policies across borders. Over the next one year, we will initiate our communication and dissemination plan and seek to produce the first outputs that will be accessible to affected stakeholders. Over the next three years, as our research will be maturing, we will reach and seek to influence decision-makers, both within the private sector and the government, in the interest of developing legally-compliant and responsible models for corporate data use to serve public health.
Success in our impact goals is measured by reference to specific, measurable, achievable, realistic and time-bound (SMART) research objectives and key performance indicators (KPIs) corresponding to these objectives. We will finalise the definition of these objectives and indicators, which will largely address our research questions outlined above, after the completion of our pilot study. For example, one of our metrics has been the engagement levels of key corporate and policy decision-makers with our research, and we have currently conducted ca. 20 interviews with such individuals. We seek to improve our performance and speak to at least 100 individuals throughout the course of our project. Another key objective will be the publication of our findings in an accessible manner to affected stakeholders and we seek to produce at least two (2) peer-reviewed journal article publications and one (1) policy report. We are also developing a comprehensive communication and dissemination plan to measure our impact success, and more details on that follow under the relevant section of the application below.
- United Kingdom
- France
- Germany
- Greece
- United Kingdom
The main barriers we will be facing will materialise in the first year. No major hurdles expected on the three-year horizon. Their type is twofold, i.e. potential legal and policy barriers.
As regards legal barriers, these revolve around the current interpretation and application of data protection laws. Our research, and particularly our interviews with key stakeholders and high ranking members of national judicatures, will enable us to tackle these problems head on.
In relation to policy problems, these mainly concern policy inertia and recalcitrance, and the hesitance that legislators (EU and national) might exhibit when it comes to recommendations for profound amendments to existing laws. In this context, our research will focus on tackling this problem on a more centralized EU level, thus preempting the need for many negotiation “fronts”.
- Solution Team (not registered as any organisation)
Oxford University
New College of the Humanities
Trilateral Research Ltd
This question is quasi philosophical, and - to an extent - deeply personal, too. There is a multitude of reasons why we are applying, some academic, others practical, some related to the intellectual challenge it constitutes. No reason, however, is truer than this: from our own corner and with our own “weapons”, ie our expertise in high impact socio-legal research, we wish to contribute to the fight against the next pandemic. More specifically, we wish to employ data protection governance and responsibility as a panacea against the next infodemic. We profoundly believe that a proper, well functioning, early warning system will help us prevent or better control the next pandemic. Therefore, the trajectory of the next pandemic depends on the management of the infodemic that precedes it. Our research aspires to find and mould the key that unlocks our potential in “taming” that infodemic. With the support of TC’s partners, we are confident we can deliver.
We would like to partner with Trinity Challenge Member organisations not in order to request monetary support, but to obtain access to individuals working for these organisations for research purposes (i.e. conducting brief confidential interviews with them). This will help us advance our solution significantly to better understand the needs of partner organisations and ensure that our research is well-aligned with their priorities. More specifically, we would be very interested in partnering inter alia with Google, Microsoft, Facebook, Aviva, GSK, Imperial, LSE, Northeastern University, Cambridge University, Tencent and Palantir.