A Process-based Approach to Informational Privacy and the Case of Big Medical Data
-
Michael Birnhack
Abstract
Data protection law has a linear logic, in that it purports to trace the lifecycle of personal data from creation to collection, processing, transfer, and ultimately its demise, and to regulate each step so as to promote the data subject’s control thereof. Big data defies this linear logic, in that it decontextualizes data from its original environment and conducts an algorithmic nonlinear mix, match, and mine analysis. Applying data protection law to the processing of big data does not work well, to say the least.
This Article examines the case of big medical data. A survey of emerging research practices indicates that studies either ignore data protection law altogether or assume an ex post position, namely that because they are conducted after the data has already been created in the course of providing medical care, and they use de-identified data, they go under the radar of data protection law. These studies focus on the end-point of the lifecycle of big data: if sufficiently anonymous at publication, the previous steps are overlooked, on the claim that they enjoy immunity. I argue that this answer is too crude. To portray data protection law in its best light, we should view it as a process-based attempt to equip data subjects with some power to control personal data about them, in all phases of data processing.
Such control reflects the underlying justification of data protection law as an implementation of human dignity. The process-based approach fits current legal practices and is justified by reflecting dignitarian conceptions of informational privacy.
© 2019 by Theoretical Inquiries in Law
Articles in the same Issue
- Frontmatter
- Privacy Law’s Indeterminacy
- Turning Privacy Inside Out
- Re-reading Westin
- Privacy as Protection of the Incomputable Self: From Agnostic to Agonistic Machine Learning
- Schrödinger’s Robot: Privacy in Uncertain States
- Privacy and Manipulation in the Digital Age
- Grappling with “Data Power”: Normative Nudges from Data Protection and Privacy
- Contextual Integrity Up and Down the Data Food Chain
- A Process-based Approach to Informational Privacy and the Case of Big Medical Data
- The Right to Communications Confidentiality in Europe: Protecting Privacy, Freedom of Expression, and Trust
- Theorizing Privacy in a Liberal Democracy: Canadian Jurisprudence, Anti-Terrorism, and Social Memory After 9/11
- Synthesis and Satisfaction: How Philosophy Scholarship Matters
Articles in the same Issue
- Frontmatter
- Privacy Law’s Indeterminacy
- Turning Privacy Inside Out
- Re-reading Westin
- Privacy as Protection of the Incomputable Self: From Agnostic to Agonistic Machine Learning
- Schrödinger’s Robot: Privacy in Uncertain States
- Privacy and Manipulation in the Digital Age
- Grappling with “Data Power”: Normative Nudges from Data Protection and Privacy
- Contextual Integrity Up and Down the Data Food Chain
- A Process-based Approach to Informational Privacy and the Case of Big Medical Data
- The Right to Communications Confidentiality in Europe: Protecting Privacy, Freedom of Expression, and Trust
- Theorizing Privacy in a Liberal Democracy: Canadian Jurisprudence, Anti-Terrorism, and Social Memory After 9/11
- Synthesis and Satisfaction: How Philosophy Scholarship Matters
