Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚒ Exploring a BIDS-DID Specification for Research Participant Data Self-Sovereignty #5

Open
6 tasks
hebbianloop opened this issue Mar 17, 2021 · 0 comments
Open
6 tasks

⚒ Exploring a BIDS-DID Specification for Research Participant Data Self-Sovereignty #5

hebbianloop opened this issue Mar 17, 2021 · 0 comments

Comments

@hebbianloop
Copy link
Member

hebbianloop commented Mar 17, 2021
edited
Loading

Exploring a BIDS-DID Specification for Research Participant Data Self-Sovereignty

Regulatory Background

The General Data Protection Regulation (GDPR) provides a high level of protection for health and genetic data (Article 9), the conditions for consent (Article 7), defines individual rights of data subjects (Articles 13-22), and describes mechanisms for data subjects to enforce their rights (Articles 77-84).

The collection and banking of large datasets must be justified by the societal benefit and balanced against respect for dignity, autonomy, privacy, and confidentiality of individuals. Researchers must show that data cannot lead to "re-identifiability" and must describe procedures to protect users and allow them to opt-out of research projects that violate a person's ethical beliefs (discrimination, profiling, unethical weapons, marginalization).

Self-Sovereign and Decentralized Identity

A decentralized identity (DID) can streamline scientific human subjects research by allowing users to grant/revoke access to data collected under their DID. The Brain Imaging Data Structure (BIDS) provides clarity for data interoperability between research studies. However, the current specification leaves use-rights and licenses in the hands of the researchers/institutions sharing the data.

Specific goal

In this project, we will explore the feasibility of integrating existing DID frameworks with the BIDS specification to enable GDPR-compliant sharing of datasets. The milestones for this project are outlined below!

  • Summarize GDPR regulations relevant to collecting neuroimaging data from human subjects
  • Outline a revision to the BIDS specification to include DID tagging of participant data
  • Outline a schema for a BIDS-compatible identity index
  • Design a UI for uploading encrypted personal data to distributed cloud storage (IPFS)
  • Implement Data Permissions Access/Revocation with 3box profiles API
  • Demonstrate execution of a BIDS-app with confidential cloud computing on BIDS-DID dataset.

Skills required to participate

The only requirement is an interest to learn more about GDPR in the age of Web 3.0, DID, federated learning, and confidential cloud computing!

Preparation material

IDX: Identity protocol for Open Applications
IDX Specification
3box Profiles Documentation
3box Storage Documentation
Infura for IPFS Data Storage
BIDS Specification
GDPR and the research exemption

More information

This project is an extension of a previous hack-a-thon project to build open-source toolkits for decentralized science (De-Sci).

Communication

Join us on Discord

Opscientia
@hebbianloop hebbianloop changed the title ⚒ OpenMR hackathon :: Exploring a BIDS-DID Specification for Research Participant Data Self-Sovereignty ⚒ Exploring a BIDS-DID Specification for Research Participant Data Self-Sovereignty Apr 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hebbianloop