Genetic data governance for the development of the scientific research

Abstract

For the first time in the European regulatory landscape, the GDPR has introduced the concept of “genetic data”. A concept that is especially relevant in the context of scientific research. With the aim of contributing to a broader debate on the subject, this article aims to address the legal framework for the processing of genetic data for scientific research purposes. In particular, the article aims to examine and deepen the set of technical and organisational measures identified by the European legislator to reconcile the respect for the fundamental rights and freedoms of individuals with the needs of the development of scientific research and therefore the possible derogations to individual rights. Starting from the discipline introduced by Article 89 of the Regulation, the anonymisation and pseudonymisation techniques for the processing of genetic data will be presented, as well as the possible application of distributed ledger technologies (DLT) and blockchain This will be accompanied by a presentation of the technical and organisational measures set out in the various guidelines of national data protection authorities, as well as the principles of privacy by design and by default. A final in-depth analysis will be devoted to certification and to the need for international use of sectoral codes of conduct to overcome the national barriers that currently hinder genetic research.