Hrefna Dögg Gunnarsdóttir
Karen Blixens Plads 16, 2300 København S, 6B Bygning 6B, Building: 6B-3-04
Hrefna Dögg Gunnarsdóttir is a PhD Candidate at the Centre for Advanced Studies in Biomedical Innovation Law (CeBIL), Faculty of Law, University of Copenhagen. Her supervisor is Professor Timo Minssen.
Prior to academia, Hrefna practiced as an Attorney-at-Law at Réttur - Aðalsteinsson & Partners, a litigation and human rights law firm based in Reykjavík, Iceland. She has contributed to policy making of the Icelandic government and the Icelandic Bar Association, and to research with the Human Rights Institute at the Univ. of Iceland. Her experience also includes variety of cross-sectoral projects in different regional and country context ranging between the archipelago of Svalbard and Tamil Nadu in India. She has held two consultancies with the UNHCR where she mapped the status of stateless persons, and has provided legal advice to refugees in the Moria detention camp on behalf of the Council of Bars and Law Societies of Europe via European Lawyers in Lesvos, Greece. Hrefna is a board member of Nordic Per Med Law, a network working with legislation for modern medicine, and serves on the international experts panel of the Genetic Discrimination Observatory. She is a member of IASC's Justice in the Arctic Working Group, and is specifically interested in health law, data governance and research reciprocity in the environmental, societal and cultural context of the circumpolar North. Hrefna has been featured by the Women in the Arctic and Antarctic (WiAA) initiative.
Hrefna has been a visiting researcher at Faculty of Law, Uppsala University and at The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School.
Hrefna graduated with a BA and Mag. Juris in Law from the University of Iceland (2012) and with a MA in Disaster Management from School of Global Health, University of Copenhagen (2018). She was admitted to the Icelandic Bar Association in 2013.
Fields of interest
- Human rights and human dignity
- Right to life and right to health
- Health data governance
- Ethics, including bioethics and data ethics
- Law and ethics in relation to science and technology
The PhD project analyses GDPR‘s transparency provisions when applied in the relationship between a data controller and a patient as a data subject, where the controller processes patients' health data for biomedical research purposes. When GDPR was adopted, transparency was introduced as an independent principle with detailed provisions about which information should be provided to data subjects. The rationale behind giving transparency such a weight was inter alia to strengthen individual’s rights, which was expected to lead to various normative virtues, including individuals’ trust in the data governance system. For the purposes of this research, the author has developed a model to conceptualize transparency both generally in biomedical research literature, and specifically in the GDPR. The model is based on Albu and Flyverbom’s (2019) categorization of transparency (concept, conditions and consequences) and David Heald’s (2003, 2006) varieties of transparency. Their work has been modified and developed by the author for this research. The analysis demonstrates that the concept of transparency in general biomedical research literature is context dependent. The concept features are three, i.e. proactive disclosure of content, providing access to content upon request, and communication. The purpose or expected outcome of transparency in the biomedical research sector is also context dependent. Reoccurring themes that can be identified are replication of research, trust and transparency. By applying the model specifically to transparency in the GDPR, it can be established that the concept of transparency in vertical downward relationships, such as the relationship between a data controller and a data subject has two components. It refers to (1) disclosure, access or communication of (2) procedural-like conditions that are further stipulated in the Regulation and which may entail (a) effective and (b) timely revealing of content. The research furthermore demonstrates that transparency is established and introduced in the GDPR with the purpose of allowing data subjects to enjoy the rights that they are entitled too. Enjoying these rights is considered essential to establish the trust that the regulators considered necessary for the digital economy. Having analyzed the concept and purpose of transparency in the GDPR, the legal scope of the transparency principle and provisions are investigated in the context of biomedical research with patients’ health data. Decisions from the Icelandic Supervisory Authority, and other empirical material, provide perspectives from practice. These perspectives shed light on how data subjects’ rights to transparency according to the GDPR have been addressed and applied to biomedical scientific research using patients’ clinically collected data. The perspectives guide the normative evaluation of the GDPR’s transparency provisions and how they relate to the expected normative outcome of transparency, such as trust. It is argued that when normative virtues guide regulation making, the outcome may be held to a higher standard. The research shows challenges in establishing that the legal scope of the transparency provisions lead to trust. When the expected outcome, is at best questionable, the normative virtue may be considered a naturlized discourse that should be avoided as a rationale for lawmaking. It is however argued that sufficient disclosure of clearly formulated information is beneficial for patients’ as data subjects in biomedical research, to be able to exercise their rights. Such disclosure should be framed and perceived as procedural requirements, applied relationally to their context.