Skip to content
Male hand holding a fountain pen signing a document
Male hand holding a fountain pen signing a document © Cytonn Photography

General Data Protection Regulation

The General Data Protection Regulation (GDPR) regulates the collection and processing of personal data from individuals living in the European Union. Its provisions have far-reaching impact on researchers and their organisations.

Why does the GDPR matter?

The General Data Protection Regulation, adopted in 2016, applies to any type of scientific research that uses personal data, such as studies in (bio)medicine, the social sciences, and the arts and humanities. It affects EU researchers who need to be able to collect, process, and re-process personal data and collaborate internationally. It also affects research funding and performing organisations that want to establish international collaborations with other organisations.

The challenges for research organisations

Unfortunately, the GDPR legislation creates numerous challenges for research:

  • Fragmented legal landscape due to incoherence in national rules complicates cross-border collaboration
  • Provisions on joint or separate controllership leave room for interpretation and makes it difficult for research organisations and their partners to identify the correct approach
  • Explanations on the correct legal form to use for agreements are often not applicable for public organisations
  • Many ‘tools’ such as Standard Contractual Clauses (SCCs) or adequacy decisions are not applicable to public organisations
  • Non-EU partners are reluctant to sign agreements on data protection due to lack of knowledge of the rules and implications

First steps towards solutions

Since the adoption of the legislation and the identification of the problems, Science Europe is pleased to report some remedial measures have been introduced:

© European Commission

Related content