On 25 May 2018, the new EU General Data Protection Regulation (GDPR) entered into force in Austria. The aim of the GDPR is to grant citizens more rights with regard to their personal data and thus to improve data protection. However, new laws and guidelines are initially very difficult to understand. Due to the nature of citizen science projects involved scientists are particularly affected by the new regulations for handling personal data (e.g. name, date of birth, address). To shed more light on this subject, the Citizen Science Network Austria, the University of Vienna, the Federal Ministry of Education, Science and Research and the Centre for Citizen Science organised an information event on the topic at the end of June.
The lecturer, DI Annmarie Hofer, who dealt intensively with GDPR in her master thesis, spoke about a number of legal aspects after clarifying the basic concepts such as "personal data", "pseudonymous and anonymous" or the different roles “contoller, processor and data protection officer”. She explained the different steps in a project, which requires e.g. clarification of responsibilities and of the types of data, as well as the data protection and consent declaration.
In the discussion with around 50 participants, it became clear that no general statements can be made on this sensitive topic and that each project must be considered individually against the background of the GDPR. In principle, however, it is always important to store and retrieve as little personal data as possible.
If you would like to work more intensively on this topic, you can participate in the working group for legal aspects of Österreich forscht. In this context, a catalogue of recommendations for general legal questions was also produced and can be downloaded from the website.