The EU Commission has just published a Preliminary Opinion on data protection and scientific research. In its 36 pages, they cover a variety of topics including legal basis for processing, derogations for scientific research and the presumption of compatibility for research purposes. As a half Spanish reader, I consider this my King's Day present from the EU Commission and will share our thoughts on it later this week.
However, the message seems quite clear: Science and health come first, GDPR compliance cannot be used as an excuse for lack of transparency and concentration of power.
Scientific research serves a valuable function in a democratic society to hold powerful players to account, and this has grown in importance with the concentration of control over information flows in the hands of a few private global companies. Data protection obligations should not be misappropriated as a means for powerful players to escape transparency and accountability. Researchers operating within ethical governance frameworks should therefore be able to access necessary API and other data, with a valid legal basis and subject to the principle of proportionality and appropriate safeguards.