New Research Brief Evaluates the Effectiveness of GDPR in Mitigating Risks Associated with the Distinctive Nature of Neurodata

21 January 2025

Advances in neurotechnology (NT) have driven the growing collection and processing of neurodata – data related to the structure and functioning of the human brain – across various societal domains. The development and use of NTs heavily depend on neurodata to ensure device functionality (e.g., neurofeedback monitors or brain-computer interfaces) and to enhance performance by refining AI algorithms integrated into these devices.

In our new Research Brief, ‘Neurodata: Navigating GDPR and AI Act Compliance in the Context of Neurotechnology’, Timo Istace highlights the delicate balance needed between leveraging neurodata for progress and protecting individual rights. He notes that ‘the indispensability of neurodata to fuelling progress in the sector needs to be balanced against the risks to individual users. Neurodata is a highly sensitive and personal form of data, akin to genetic data. Its combined features – including its informational richness (extending to cognitive processes), predictive potential, and risk of involuntary disclosure – warrant significant scrutiny to preserve individuals’ privacy, particularly mental privacy.’

Timo further explains, ‘Data protection regulations are crucial in addressing these concerns. The sensitive nature of neurodata raises questions around whether current regulatory frameworks offer adequate protection against incursions on mental privacy and the safeguarding of neurodata. While no supranational regulation specifically addresses neurodata, regional instruments like the EU’s General Data Protection Regulation (2018) provide a framework for assessing protection measures.’

This paper evaluates the effectiveness of the GDPR in mitigating risks associated with the distinctive nature of neurodata, with the goal of safeguarding neuroprivacy and mental privacy in the context of emerging NTs. It analyzes the scope and applicability of the GDPR, examines the challenges of ensuring robust protection during the collection, processing, storage, and transfer of neurodata, and considers how the recent EU AI Act might complement or reinforce GDPR safeguards.

MORE ON THIS THEMATIC AREA

neurotech image News

Research Brief Evaluates the Human Rights Implications of Neurotechnology in Therapeutic and Commercial Applications

27 March 2025

Our research brief, Neurotechnology and Human Rights: An Audit of Risks, Regulatory Challenges, and Opportunities, examines the human rights implications of neurotechnology in both therapeutic and commercial applications.

Read more

News

New Working Paper Explores AI for Human Rights and SDG Monitoring

30 January 2025

A new working paper, 'AI Decoded: Key Concepts and Applications of Artificial Intelligence for Human Rights and SDG Monitoring', has been published by the Geneva Human Rights Platform.

Read more

Warzone Event

Advanced IHL Seminar for Academics and Policymakers

25-29 August 2025, 09:00-17:30

Co-hosted with the ICRC, this event aims to enhance the capacity of academics to teach and research international humanitarian law, while also equipping policymakers with an in-depth understanding of ongoing legal debates.

Read more

Asian workers working at technology production factory with industrial machines Training

Business and Human Rights

19-23 May 2025

This training course will examine how the UN Guiding Principles on Business and Human Rights have been utilized to advance the concept of business respect for human rights throughout the UN system, the impact of the Guiding Principles on other international organizations, as well as the impact of standards and guidance developed by these different bodies.

Read more

Training

Human Rights and the Environment: Introducing Legal Regimes and Key Issues

1-8 September 2025

Participants in this training course will be introduced to the major international and regional instruments for the promotion of human rights, as well as international environmental law and its implementation and enforcement mechanisms.

Read more

surveillance image of people Project

Human Rights in a Digitalized World: Mapping Risk, Strengthening Regulation and Promoting the Development of International Human Rights Law

Started in August 2023

To unpack the challenges raised by artificial intelligence, this project will target two emerging and under-researched areas: digital military technologies and neurotechnology.

Read more

Crops view from the sky Project

The Right to Food in Europe

Started in December 2022

This research will provide legal expertise to a variety of stakeholders on the implementation of the right to food, and on the right to food as a legal basis for just transformation toward sustainable food systems in Europe. It will also identify lessons learned from the 2023 recognition of the right to food in the Constitution of the Canton of Geneva.  

Read more

Cover of the publication Publication

Briefing N° 25: Localizing Multilateralism

published on March 2025

Domenico Zipoli, Ludovica Chiussi Curzi, Kamelia Kemileva

Read more

Cover page of the working paper Publication

AI Decoded: Key Concepts and Applications of Artificial Intelligence for Human Rights and SDG Monitoring

published on January 2025

Milica Mirkovic, Jennifer Victoria Scurrell

Read more