Join us on Facebook
Follow us on Twitter

EU data laws puts China research collaborations at risk

Yojana Sharma 05 October 2018

Universities in Europe sharing research data with institutions in China could be in breach of new European Union laws on data protection, legal experts said in a warning that could have an impact on Europe-China research collaborations, particularly in the medical field and some areas of artificial intelligence.

The new EU General Data Protection Regulation (GDPR) which came into force in May sets up strict rules for the use of personal data including in all areas of academic and scientific research, and encompasses the transfer of data outside the EU, including China.

“The road is somewhat bumpy when it comes to sharing personal data in research collaborations with China,” said Henk Kummeling, chancellor (rector magnificus) of Utrecht University in the Netherlands and a professor of law, economics and governance.

Cooperation in the academic field with China “offers unique opportunities but also risks when it comes to handling of data, specially personal research data,” he told a seminar on Europe-China Cooperation held in Oxford in the United Kingdom on 1 October.

Stijn van Deursen, a researcher at Utrecht University, said the GDPR applies to personal data use in research and covers the processing of data, including its distribution and deletion, with EU rules making the researcher and the university responsible for the control of data and any breaches of the GDPR.

“The main aim [of the GDPR] is to ensure the protection of the EU regime travels with the data, wherever the data goes,” so protections are preserved even if the data is shared or used outside the EU with third countries, he said.

Binding agreements with third countries

With regard to third countries outside the EU, the rules for protection must be laid down in binding agreements and they must be rules “that cannot be affected by state power”, Van Deursen said.

Some countries such as Australia have already indicated they will conform to the EU’s GDPR regime and Japan has announced it will also bring its own laws in line with the GDPR.

But Kummeling pointed to a possible “culture clash” with China. The EU enshrines individual rights, for example in its laws and on the constitutional level, but in China “it’s somewhere there in legislation but not there in the constitution, and as far as it is in [China’s] constitution, a tiny part, it’s not legally binding”, he said.

According to the new law, consent for the use of personal data must be obtained and the consent “must be explicit and given freely”. Data may only be transferred if it is not “repetitive” and “concerns only a limited number of data subjects”.

“Personal data is any kind of data that can directly or indirectly be traced back to an individual, a natural living person – a very broad definition which also covers data covered in a research context,” Van Deursen said, adding that the EU regulation is particularly strict on sensitive personal information that may reveal religious or sexual preferences.

Problem of independent supervision

“Looking through this lens at China we see some problems which might hamper research cooperation,” Van Deursen said. “There is no coherent framework [in China] regarding the protection of personal data,” such as would be required by the EU. More particularly, some Chinese public bodies are excluded from the scope of China’s own regulations.

“China also has no independent supervisory authority, which would be problematic from the EU perspective, and less enforceable data rights for subjects compared to the EU, such as the right to correction, and no right to be forgotten,” Van Deursen said.

“The rule of law seems to be less well-established in China,” he noted. “Many agreements concluded between universities and researchers may be affected by all kinds of governmental forces, which, of course, decreases the chances of setting up safeguards in order to ensure data protection,” he told the seminar.

Within China, under regulations made public in April, all data must be submitted to Chinese government data centres, which, “from a perspective of data protection is also a very worrying development,” Van Deursen said. EU rules say data use must be overseen by an “independent authority in the home country”.

China’s personal information protection law is currently pending before China’s National People’s Congress, which Chinese researchers believe will meet the GDPR requirements.

“We are not quite sure about that,” said Kummeling, pointing to the strict GDPR requirements, “but what we are sure about is that this piece of new legislation in China will not enter into force before the year 2023, so in the meantime you can be sure as hell there will be problems of the assessment of transfer of personal data within the EU legal framework and also the exchange of research.”

Existing rules on personal data in China allow for implied or silent consent to the use of data that would be inadequate from the EU perspective.

“Research institutions are not fully aware of what the implications will be of the GDPR,” Van Deursen acknowledged. But “the most important step is to decide what is personal data and what is not”.

Where research involves personal data, “then it is very problematic to share with China. You should stop sharing data with China or with any other countries that do not match up to EU standards.”

Receive UWN's free weekly e-newsletters

Sponsored Article

Getting to net zero, one community at a time

University of Victoria staff

Accelerating Community Energy Transformation is a University of Victoria-led collaborative initiative that brings together over 40 partners, including Indigenous knowledge keepers and community leaders, to create innovative place-based solutions for energy system transformation.

Promoted by the University of Victoria.

Sponsored Article

Africa pays a premium for global climate change sluggishness

Stellenbosch University staff

Africa needs to stop paying the price for the rest of the world’s recalcitrance to act fast enough in response to the irrefutable conclusions that climate change is real and that the impact of global warming could be devasting, says Professor Guy Midgley, interim director of the School for Climate Studies at Stellenbosch University, South Africa.

Promoted by Stellenbosch University.

Sponsored Article

Innovations to ensure energy savings in a hot, arid climate

UAE University staff

Researchers from the United Arab Emirates University have shown that the potential benefits of building energy savings and a cooler indoor environment, as well as improved cooling effect on air temperature at pedestrian level, strongly indicate that a cool roof with high solar reflectance and albedo is a promising strategy for buildings in regions with hot, arid climates.

Promoted by United Arab Emirates University.

Sponsored Article

A new global university ranking with an ethical mission

Aftab Dean

A new university ranking system aims to serve as a catalyst for positive transformation in higher education, ensuring that universities create an environment grounded in integrity and sustainability that inspires and supports students and staff in the development of novel solutions to global challenges.

Promoted by Globethics.net.

Sponsored Article

SDG progress report launches university into new territory

University of Pretoria staff

In the publication of its first progress report on its contribution to the Sustainable Development Goals, the University of Pretoria is navigating new territory at the same time as it is acknowledging its clear stewardship role in protecting the environment and biodiversity.

Promoted by the University of Pretoria.