As medical science pushes ever forward it reveals new and seemingly never-ending knowledge about homo sapiens. We understand better than ever before how we reproduce, grow, develop and die. In particular, the advent of modern genetic science has generally been heralded as one of the greatest advances in human history. Unfortunately, it is also perceived as one of the biggest threats to individual interests in the contemporary private sphere.
In the public realm, advances in genomic research are widely recognised as being in the interests of the collective good. The promise of considerable clinical benefit from genetics is a rarely-questioned given. The ability to gain knowledge about one's own genetic make-up can, however, be a frightening prospect for the individual. Such information might reveal an underlying disease or dysfunction, or indicate a predisposition to future ill health. It could also have implications for one's relatives, given the common genetic heritage that family members share. Moreover, once such information is discovered, a question arises over its use and possible misuse. Family members, the state, researchers, insurers and employers could all claim an interest in knowing the genetic information relating to individuals. The basis and legitimacy of such interests will be discussed in chapter 3. That such claims might be put, however, means that potential invasions of the informational privacy of the individuals to whom the data relate are very much more likely.
The profusion of electronic medical records serves only to exacerbate concerns, because these databases greatly facilitate the use and manipulation of personal health data. Such systems open up many potential uses of health data beyond the immediate care and treatment of the patient and facilitate their dissemination and use on a much wider scale than was possible previously. Databanks of health information have been proposed in various jurisdictions,74 not least the United Kingdom, where a National Health Service super database of patient details offers multiple access points throughout the country.75
74 See L. Gostin, 'Genetic Privacy' (1995) 23 Journal of Law, Medicine and Ethics 320.
75 See A. Tonks, 'Information Management and Patient Privacy in the NHS' (1993) 307 British Medical Journal 1227. The handling and management of NHS data is governed by the NHS Information Authority, which sets standards and benchmarks for all users of NHS data.
In the United States the exceptionally ambitious National Health and Nutrition Examination Survey (NHANES) is a rolling programme of surveys designed to collect both genetic and non-genetic information from citizens so as to provide current statistical data on the nature, distribution and effects of illness and disability across the country. Each year, over 5,000 Americans are visited in multiple locations throughout the country. The data collected range over 500 separate issues concerning, inter alia, the individual's diet, bone density, blood pressure, risk status, drug use and history of sexually transmitted disease. NHANES also tests and stores biological samples for the purposes of long-term follow-up and statistical research.76
Most controversially, the Icelandic Health Sector Database was established after the Icelandic parliament adopted a law of 17 December 1998 that allows a private company, deCODE Genetics, to maintain and exploit a database of the population's health records.77 One of the ultimate aims of this project is to tap the rich genetic resources of the Icelandic people as a unique genetically homogeneous population.78 However, in order to provide the best epidemiological and statistical data possible, a high proportion of the population is required to participate. To facilitate this, the Icelandic law adopted an opt-out scheme for participation. That is, the presumption will be that every individual gives consent to the use of their records unless she or he indicates otherwise. This scheme has not been without its critics,79 the main objection being that it does not pay sufficient respect to the autonomy of Icelandic citizens to choose freely whether or not to take part.80 By the same token, this innovative approach seeks to protect the core personal interests at stake - namely those of privacy - while at the same time furthering the considerable public interests that can be served by the existence of such a resource. An adequate privacy protection mechanism is crucial to the success of the scheme. But more fundamentally, the Icelandic approach
76 Gostin, 'Genetic Privacy', 322.
77 O. M. Arnardottir, D. T. Bjorgvinsson and V. M. Matthiasson, 'The Icelandic Health Sector Database' (1999) 6 European Journal of Health Law 307.
78 H. T. Greely, 'Iceland's Plan for Genomic Research: Facts and Implications' (2000) 40 Jurimetrics Journal 153.
79 R. Chadwick, 'The Icelandic Database - Do Modern Times Need Modern Sagas?' (1999) 319 British Medical Journal 441.
80 H. Roscam Abbing, 'Central Health Database in Iceland and Patients' Rights' (1999) 6 European Journal ofHealth Law 363.
poses a challenge to the traditional method of protecting and promoting patient interests, which has been to focus on individual autonomy. To the extent that this represents an exploration of the limits of autonomy and its social utility, this project serves as an apposite model for a correlative examination of the possible role of privacy as an alternative means to protect and further both private and public interests.81 For these reasons we will return to consideration of this initiative in chapter 5.
Other avenues that have traditionally served to protect patient privacy have also been called into question in the face of the challenges posed by scientific and technological advances concerning patient records. Dierks, for example, has contended that medical confidentiality - the stalwart of bioethics - can no longer adequately protect patient rights.82 He makes out a case for a greater role for data protection provisions both to protect patient rights and 'to let the enormous chances presented by new methods of data processing be fully exploited in research'.83 Writing from within the German legal system, which has made 'informational self-determination' a constitutional right,84 Dierks argues for an acceptable balance to be struck between 'optimized data exploitation and maximum protection of the individual's rights'.85 However, to talk of balance within systems with a less developed sense of individual patient rights, such as that of the United Kingdom, is relatively meaningless. A balance cannot be struck if patients are denied recognition of the fundamental rights related to being a patient,86 and, paramount among them, the right of privacy requires clear definition and recognition. Moreover, as will be shown in chapter 4, the law of confidentiality is often in an unsophisticated and confused state, and its precise parameters remain elusive in most jurisdictions. While it is not denied that confidentiality helps to
81 Developments such as these have also provoked response at the international level. For example, in May 2000 the World Medical Association moved to develop ethical guidelines on centralised health databases as a direct result of the Icelandic initiative. See C. Kapp, 'WMA Drafts Guidelines on Genetic Databases' (2000) 355 The Lancet 1704.
82 C. Dierks, 'Medical Confidentiality and Data Protection as Influenced by Modern Technology' (1993) 12 Medicine and Law 547.
86 The Information Commissioner has, for example, urged the British medical profession to adopt a 'culture of data privacy'. Speaking at a conference on health care computing in April 1997, Elizabeth France argued that the use of 'pseudonymised data' could go a long way to addressing the problems of privacy and confidentiality which surround the NHS's medical data networks; see D. Carnell, 'Data Protection Registrar Calls for Culture of Privacy' (1997) 314 British Medical Journal 922.
protect some privacy interests of medical patients, it is submitted that it cannot do so adequatelywhen faced with new problems posed bymedical advance.
None of this is to suggest that personal privacy has not received attention from legislators or other social institutions. Indeed, for many of the reasons outlined, the perception of an increased threat to privacy has resulted in a number of measures designed to assuage concerns about its protection. Thus, for example, the European Community (EC) Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data87 required member states to implement compliant data protection legislation by 24 October 1998.88 This legislation must lay down conditions under which all processing of personal data should be carried out, provide for the maintenance of quality data standards, and establish certain core rights for data subjects. 'Personal data' are defined as 'data which relate to a living individual who can be identified - (a) from those data, or (b) from those data and other information which is in the possession of, or is likely to come into the possession of, the data controller'.89 A 'data controller' is 'a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed'.90 Personal health data, including genetic data, are clearly caught by the provisions of this legislation. Indeed, they qualify as 'sensitive personal data' and, as such, receive more stringent protection, permitting processing only in limited circumstances - for example, with the explicit consent of the data subject.91 To the extent that these provisions are concerned with the security of personal data, they go a long way to providing strong protection for personal informational privacy interests. They do not, however, exhaust the limits of privacy as a means to protect individuals from all of the threats to their interests in respect of their genetic constitution.
87 EC Directive 95/46/EC, OJ 1995 No. L281/31. On the same day and in the same document, the Commission also proposed a Council Directive on the protection of personal data and privacy in the context of public digital telecommunications networks, in particular the Integrated Services Digital Network (ISDN) and public digital mobile networks. It was felt that this second directive was necessary to supplement the general directive by applying the general principles of data protection to the specific requirements of new telecommunications networks.
88 The UK legislation is contained in the Data Protection Act 1998, which came fully into force on 1 March 2000.
89 See s. 1(1) of the Data Protection Act 1998 . 90 Ibid. 91 Ibid., s. 2.
The passing of the Human Rights Act 1998 in the United Kingdom has been proclaimed as a significant advance in the protection of individual rights.92 Chief among these is the right to respect for private and family life, protected under Article 8(1) of the European Convention on Human Rights (ECHR), and now contained in Schedule 1 of the 1998 Act. For the moment, we must patiently await the British courts' attempts to put flesh on the bones of this new rights framework and to give meaning to the term 'private and family life'. If help is sought from European jurisprudence, as it undoubtedly will be, then it is worth noting that the European Court of Human Rights and its Commission have interpreted Article 8 very widely to include not only a right to control personal information, but also to the protection ofinterests in physical and moral integrity, the establishment and maintenance of personal relationships, and the development of personality more generally.93 This leaves much scope for the British courts to grasp the nettle, should they choose to do so, and expand considerably the protection accorded to these kinds of individual interests in the United Kingdom.
These legislative initiatives reflect a healthy enthusiasm for the protection of personal privacy. It is not the aim of this work necessarily to call these measures into question, nor indeed to give an exhaustive account of the protection that they afford. Rather, they will be held up as examples of instances of protection that have arisen in response to particular problems or concerns but which do not reflect a common or coherent concept of privacy. The protection is piecemeal and without conceptual focus as to the nature of the enterprise at hand. Accordingly, one of the fundamental questions to be addressed in this work is: what are we protecting when we seek to protect privacy?
It is also a core aim to reassess privacy from its fundamentals towards its practical application. A conceptual framework must be established in order to achieve this. A definition of privacy has already been advanced which comprises the two elements of informational privacy and spatial privacy. Personal privacy interests in the health care setting relate to both of these. It has also been argued that medical advances heighten concerns about possible privacy invasions and reveal a need to ensure proper protection of the rights and interests of patients. We can find evidence of both forms of privacy interest being accommodated within
92 This Act came into force fully in the United Kingdom on 2 October 2000.
the protection measures that have been outlined above. Data protection is almost exclusively concerned with the security of information, and as such is clearly designed to protect informational privacy interests. And, while the same class of interests might been protected under Article 8 of the ECHR, the European jurisprudence also reveals a much wider scope of protection that encompasses interests more akin to those described within the concept of spatial privacy. It is also important to note that Article 8 protects 'private life' and not simply privacy, and the former is accordingly a broader notion than the latter. None the less, it is not enough simply to find instances of privacy protection that accord with the definition of privacy offered in this work. What is lacking is a unifying and well justified view of privacy that can bring coherence to these instances of protection. This is necessary not only for the sake of conceptual clarity, but also for the protection of the concept itself. As we shall see in chapter 2, privacy has for a long time received short shrift and has often been regarded as a poor cousin to other related concepts such as autonomy, liberty and confidentiality. This book seeks to explore the nature of the interrelationships between these concepts and to argue for a clearer and more defensible role for privacy as an important and equally valid device to protect our personal and social values and interests.
Was this article helpful?
Although nobody gets a parenting manual or bible in the delivery room, it is our duty as parents to try to make our kids as well rounded, happy and confident as possible. It is a lot easier to bring up great kids than it is to try and fix problems caused by bad parenting, when our kids have become adults. Our children are all individuals - they are not our property but people in their own right.