The (Im)Possibilities of Scientific Research Under the GDPR

Cybersecurity Law Report

17 Jun 2020

Alex van der Wolk authored an article for Cybersecurity Law Report discussing how the GDPR can impact a company’s innovation at the research and development stage, potentially limiting them when datasets consist of personal information.

“It will be clear that companies that want to engage in research initiatives in the EU will need to work their way through a myriad of assessments and requirements,” Alex said. “The inability of the GDPR to provide for a clear and workable way forward for companies undertaking research projects does not seem to be on par with the EU’s objectives of fostering innovation as part of the EU’s Digital Single Market strategy. The varying degree of requirements at a national level combined with the strong requirements toward (explicit) consent, pseudonymization, and anonymization make it challenging for companies to navigate their research projects into GDPR compliance whilst making full use of their research potential. The result may well be that companies will be drawn to countries outside the EU where their projects do not face similar restrictions.”

Read the full article.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.