Legal and ethical analysis
Introduction
This is the central DE4A wiki page for the legal and ethical work in DE4A. It is intended to:
- Provide an overview of prior legal/ethical outputs, including copies of any finalised documents
- Link to existing templates for legal documents; this is particularly important to support piloting activities of the partners
- Summarise the state of play on key legal and ethical issues
- Help in the collection of legal / ethical inputs from DE4A project partners
- Reference relevant external (non-DE4A) legal inputs
Each of the sections below will provide a short summary of the main information, and links to subpages, reports, or external sources where more information can be found.
Prior legal and ethical outputs
Within DE4A, a substantial number of formal legal and ethical outputs have already been produced. These include reports that capture the state of play of the project and of EU level once-only legislation; but also analysis of known problems and challenges, and specific documents that aim to resolve these.
The main outputs produced thus far include:
- an initial overview of legal and ethical requirements, produced during the first 6 months of the project
- an initial report on legal and ethical recommendations and best practices, produced at the end of the first year, and comprising many of the inputs referenced on this legal/ethics subwiki
- the DE4A data protection impact assessment, identifying known and anticipated privacy challenges, and DE4A's mitigation challenges
- the DE4A Memorandum of Understanding, which governs the responsibilities that are assumed by piloting partners
Legal templates - disclaimers and privacy policies
The legal team in DE4A has provided legal templates for disclaimers and privacy policies. The disclaimer includes caveats on the legal outcomes of the piloting applications, and thus comes in two variants: one for non-operational piloting; and one for operational piloting. The privacy policy reflects the transparency requirements of the GDPR. Both types of documents require some form of customisation, and are intended to be integrated into the micro-sites for the pilots.
Currently, the following templates are available:
- the standard DE4A piloting disclaimer, intended to be used for non-operational piloting (with fake data; or with real data on non-operational systems). The key requirement for this disclaimer is that the piloting cannot have any impact on real persons.
- a modified DE4A piloting disclaimer for live piloting, intended to be used for piloting with real data on operational systems. The key requirement for this disclaimer is that the piloting can have an impact on real persons.
- a privacy policy for DE4A piloting - usable for operational and non-operational piloting cases.
- a privacy policy for the DE4A MA - deregistration process. It is intended specifically for that use case only, and should not be used elsewhere.
- a template to report on use case status, including to log/communicate legal issues.
Collection of feedback / inputs
Any feedback or input can be sent to the legal team leader, as the principal contact person for legal and ethical issues in DE4A.
Currently, there is no active call for feedback / input; but any concerns or suggestions may always be provided at your own initiative.
External (non-DE4A) legal and ethical inputs
The principal relevant external inputs include:
- the final Single Digital Gateway Regulation
- the most current draft Implementing Act
- the most current DPIA provided by the Commission
- the SDG Once-Only Collaborative Workspace (not accessible to the public)