Oslo22 November 2007

What lessons for Biometric regulation may be learned from biobank regulation?

Graeme Laurie

Edinburgh Law SchoolDirector, AHRC Research Centre for Studies in

Intellectual Property & Technology Law

Biobank Regulation in the UK

UK Biobank: the Ethics & Governance Council

National DNA Database: Nuffield Council on Bioethics, Forensic Uses of Bioinformation (2007)

Biobank regulation in the UK

Why did attention to governance come about?

What problems and solutions proposed?

What lessons can be learned?

Which issues remain outstanding?

UK Biobank

Most ambitious longitudinal study in world

Relationship between genes and environment

Recruit 500,000 (40-69)

Blood and urine samples and questionnaire

Follow medical records throughout life

Permit future research access as broadly as possible

Protect participants and promises made the them

The “Regulation+” Experiment

Public concerns; public trust; project size

In parallel development of scientific protocol and Ethics and Governance Framework (EGF)

Establishment of independent Ethics and Governance Council to oversee UKB

U K B io bank E th ics and G ove rnance C o unc il

R elationships

U K B iobank Ltd

(U K charitable com pany)c o lla b o ra t in g w it h 2 2 u n iv e rs it ie s t h ro u g h 6

R e g io n a l C o lla b o ra t in g C e n t re s

E thics andGov ernance

C ouncil

Accountab le

F undsOversees and advises Accountab le

Accountab le

F unds (W T and M R C only)

FundersD e p a rt m e n t o f H e a lt h f o r E n g la n d a n d W a le s

M e d ic a l R e s e a rc h C o u n c ilS c o t t is h E xe c u t iv e

W e llc o m e T ru s tN o rt h W e s t D e v e lo p m e n t A g e n c y

Respective responsibilities

UK Biobank Ethics and Governance Framework

UK Biobank: Build a resource to support a diverse range of

health-related research for the public good Promote access to the resource within this aim Act as steward of the resource Protect participants' interests

Respective responsibilities

UK Biobank Ethics and Governance Framework

Ethics and Governance Council: Monitor and advise UKB on compliance with the

EGF Maintain independence of thought and action Speak about UKB not for UKB Protect participants' interests

Ethics and Governance Framework

Broad consent “to participate in UK Biobank” Lifetime commitment Confidentiality and security (but no control) Absolute right of withdrawal Re-consent required for access beyond the

purposes of UK Biobank (Access Policy)

Core questions for A&IP

1. Who should have access, who decides, and how?

2. How are scientific decisions taken which might require use of (depletable) samples?

3. What role might an Access Committee play? And what of an Ethics Council?

4. What IP policies or principles should guide use of the resource?

5. What might benefit sharing look like in practice?

Core principles and the EGF

Para 1.2.3 -

Participant privacy is of utmost important to UK Biobank and any requests for access to data in the resource will be subject to the most stringent security measures. Moreover, while the data in the UK Biobank resource are not depletable, the sample resource is finite and likely to be in considerable demand from academic and commercial groups in the UK and internationally. Consequently, privacy protection and efficient management of the samples to ensure that the greatest scientific value can be extracted from them are the two guiding principles that inform coordination of resource use.

More principles

Access is to be managed in order to: 

Protect participants, honour commitments made to them and act within the scope of their consents;

Ensure compliance with legal and regulatory requirements

Prioritise access to those parts of the resource that are limited in availability (i.e. samples that are depletable); 

Manage intellectual property rights in the resource and the results that flow from it.

Overarchingly...

Subject to these constraints, UK Biobank will encourage and provide access to the resource and the results that flow from it as widely and openly as possible in order to maximise its use and value for research.

This will include access for researchers from the academic, commercial, charity and public sectors, both in the UK and overseas.

Non-access

Para 1.2.5:

No identifiable individual’s test results will be provided to their doctors, their relatives or anyone else (e.g. employers or insurance companies). Nor will UK Biobank allow access to the resource by the police, security services or lawyers, unless forced to do so by the courts, and it will resist such access (in particular by seeking to be represented in all court applications).

Key elements of good governance

Clear purpose and justification for database Robust protection mechanisms Well-defined operational processes Independent oversight Transparency Accountability (cf- UKB and EGC)

UK National DNA Database

Largest DNA forensic database in world (p/c)

c.2 million samples to c.4million in last 3 years

Criminal detections at steady state of 20,000

“Recordable offences” - arrest is trigger for taking sample and indefinite storage

Requests for removal at police discretion

Suggestions to extend to “non-recordable” offences, e.f. dropping litter

Signs of function creep, e.g. Research

DNA Database: current situation

• Custodian Unit safeguards the integrity of the Database and develops policy

• The Database Strategy Board:– Home Office– Association of Chief Police Officers– Association of Police Authorities– Human Genetics Commission

• New Gov proposals: Ethics Group and Forensic Services Regulator

Proposed governance framework

Criticisms of Gov proposals

Lack of transparency

Issues of influence and control

Questions of independence

Concerns about accountability and trust

New Ethics Group

Remit and influence unclear

We recommend development of a ethics and governance framework on: remit relationship with Strategy Board responsibilities for reporting publicly and

handling complaints powers maintenance of independence

Removing DNA from the Database

Records are removed in ‘exceptional cases’ under discretion of Chief Constable

If current system of retaining DNA remains, we recommend: public guidelines on how to apply to have records

removed police to justify need for retention independent body to oversee requests

International exchange

EC wants direct, online access to DNA databases across Europe

The Prüm Treaty proposed for exchange of information across EU

We recommend: safeguards to protect sensitive information on the

UK DNA Database being shared with other countries

provisions in Prüm Treaty to ensure its operation is properly monitored

The future: new legislation?

Current legislation for forensic use of bioinformation is piecemeal

Need to think about future possibilities and challenges (eg – linkage to IDENT1)

We recommend: a statutory basis for the regulation of forensic

databases a greater commitment to openness and

transparency

Commonalities and differences

Role of consent and knowledge

Clarity of purpose

The risks of mission creep

Mechanisms for withdrawal

Provisions on access & sharing

What lessons?

Clear purpose and justification for database Robust protection mechanisms Well-defined operational processes Independent oversight Transparency Accountability

Outstanding issues

The role of the individual?

The roles of consent/knowledge/intrusion?

Future purposes of biometric collections?

Who will have access and from where?

Linkage of databases in the future?