User Account

All Pages

Case study on legal aspects of Data Science

Assignment Help Computer Engineering
Reference no: EM133032199

CST4080 Legal, Ethical and Security Aspects of Data Science - Middlesex University

Assessment Brief - Case study on legal aspects of Data Science

CASE STUDY

Medix Research Ltd (MRL) is a medical research institution in the UK. They provide research services, market and sell various medical products and also treat patients. Some of their medical research include work in genomics which is the study of sequencing and analysis of genomes (that contain DNA and all the genes of an organism). Using data science tools, research scientists at MRL analyse genomic strands to search for irregularities and defects in them. They then try to identify connections between genetics and health of a person. One of the projects undertaken my MRL is the Cancer Genome Project (CGP), to identify genetic sequence variants and mutations relevant to the development of human cancers. Via the CGP project, MRL processes the personal data of thousands of patients including their age, sex, medical history and tumour pathology. Data science is also use to help in the diagnosis and treatment of patients. Patient data is usually stored in a database accessible by several hundred researchers employed by MRL. Other companies can access data from the CGP via a licence agreement attached at the end of this document.

Question 1: (Data Protection)

(a) At the start of its operations, MRL were advised to conduct a data protection impact assessment. An important aspect of a data protection impact assessment is the identification and assessment of the risks to the rights and freedoms of data subjects. Explain at least three different types of risks related to the processing activities of MRL.

(b) MRL wants to develop a new IT system to be used for their data science activities involving the extensive processing of personal data. They have been advised that any new IT system should comply with data protection by design and default. Citing legal authority advise MRL on what data protection by design and default means and give examples of the kind of measures that they can take to comply with this obligation.

(c) Citing relevant legal authority, advise MRL on their data protection obligations if they discover a cyber attack that resulted in an extensive data breach affecting thousands of identifiable medical records.

(d) Citing relevant legal authority, advise MRL on their legal obligations if issued with the following from the UK Information Commissioner:
(i) an information notice to provide a true account of any cyber attacks within the last year;
(ii) a request to inspect IT systems used to process personal data in order discharge an international obligation;
(iii) an information notice to produce communications that they had with their lawyers, in regard to any cyber attack.

Question 2: (Intellectual Property Rights) [24 marks]

In the context of Intellectual property law, advise MRL on the legality of undertaking the actions below. In your answers please cite relevant legal authority (legislation or case law).

(i) Six months ago, MRL entered secret talks with a French research institution to collaborate on a project. The French research institution showed MRL their secret blueprint to develop a new gene sequencing machine. Due to disagreements over financial issues MRL decided not to pursue the collaboration, however, they used information from the blueprint to develop their own gene sequencing machine.

(ii) An MRL researcher (David) interested in gene sequencing techniques photocopied an article (six pages) from a book on genetics (that he found in his colleague's office) so that he could read the article when relaxing at home.

(iii) An MRL researcher (Alan) who is a part-time student at a local university has access to a lot of data held in the university library. He downloaded 10GB of data from the university, to perform data mining to complete a commercial project for a client.

(iv) MRL recently produced a new food supplement, that is being marketed in a bottle similar to an existing bottle produced by a competitor. The design of the competitor's bottle is NOT registered as a trade mark, however, the competitor's bottle has been
well-known in the UK and popular for over 20 years.

(v) A researcher (Sarah) employed at MRL wrote a report based on various research experiments that she conducted at work over two years. Due to her hard work, she requested that her name should be published as part of the report. MRL published the report but did not include her name.

(vi) MRL recently imported a drug from a company located in a country, where the drug is manufactured without a licence from the UK pharmaceutical company who developed the drug.

Question 3: (Contract/Licencing)

Advise MRL on the legality of the actions taken by RECIPENTS (A1, A2, A3, A4) who are party to the licence agreement. Always reference specific sections of the licence agreement or legal authority (e.g., legislation or case law) to support your answers.

(a) RECIPENT A1 is a medical school in London. A1 wants to collaborate on a project with a research institute in Sweden. RECIPENT A1 has no formal relationship or contract with the institute in Sweden. After a telephone conversation, RECIPENT A1 gave the institute in Sweden access to the database for the purpose of deciding whether or not to take part in the project.

(b) RECIPENT A2 is a research hospital with a research department in London. A2 accessed the database to obtain data which was combined with other data to perform analyses. These analyses were used to develop new insights that led to the publication of a report on A2's website. The report generated widespread recognition and was used by the UK government in guiding certain healthcare policies. The report makes no reference to MRL and A2 claims ownership of copyright in the report.

(c) RECIPENT A3 is an independent research laboratory located in Germany. A3 conducts research for several medical institutions. Recently A3 used data from the database to conduct analyses for a client, which turned out to be incorrect (due to some errors in the database) resulting in the loss of a huge amount of money for the client. The client has contacted A3 to demand compensation in the amount of US$ 2 million. A3 in turn has brought legal action against MRL in the German courts stating that MRL's data was the incorrect and that MRL should bear responsibility for the loss.

(d) RECIPENT A4 is a medical centre in the UK which has a research department but also provides medical services to patients. A4 often uses data from the MRL database to train machine learning algorithms to develop predictive analyses for their patients. The MRL data is combined with other patient data to provide patients with specialised medical diagnosis regarding the risk of developing cancer in the future. As part of a study on survival rates of cancer patients, A4 also performs analyses with MRL data and other databases to determine the names of some of the data subjects in the MRL database. This data is useful is predicting the survival rates for their own patients.

Question 4: (Legal issues AI/Machine Learning)

Machine Learning (ML) algorithms are increasingly being used as part of decision-making processes in both the public and private sectors, with potentially significant consequences for individuals, organisations and societies. The governance of such algorithms (with social impacts) should include principles such as: Fairness, Transparency, Accountability, Explainability and Accuracy. Carry out individual research and for each principle, explain to MRL (i) the meaning of the principle and what it involves/entails and (ii) why it is important to MRL. In your answer cite any relevant legal authorities or sources of information used.

Attachment:- Ethical and Security Aspects of Data Science.rar

Reference no: EM133032199

Questions Cloud

Explain what a large mni means for a company : A large MNI could mean several things including more risk in evaluating a company's assets. Explain what a large MNI means for a company
Biblical prophecy : How would you respond to the claim that biblical prophecy could not be from God since prophecy is attested outside of and prior to the Bible?
What is the Residual Income for the Strata Division : The minimum required rate of return of is 14% for the Strata Division. What is the Residual Income for the Strata Division for 2021
Developing relationship with literature : You have had many opportunities for reflection, analysis, and consideration regarding how literature affects the world and you individually.
Case study on legal aspects of Data Science : Case study on legal aspects of Data Science Assessment - Advise MRL on the legality of undertaking the actions
Calculate the break-even point in units for bicycle helmets : The bicycle helmets are priced at $77 and have variable costs of $45 each. Calculate the break-even point in units for bicycle helmets
Security issues with hardware : Do you think there are security issues with hardware too, or software-based security (anti-malware, monitoring, etc.) is enough?
Calculate the margin of safety in terms of sales revenue : Margin of Safety Head-First Company plans to sell 4,830 bicycle helmets at $74 each in the coming year. Calculate the margin of safety in terms of sales revenue
Advertisements with strong nonverbal messages : Find at least two advertisements with strong nonverbal messages from newspapers, magazines and/or social media

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd