New Research Brief Evaluates the Effectiveness of GDPR in Mitigating Risks Associated with the Distinctive Nature of Neurodata

21 January 2025

Advances in neurotechnology (NT) have driven the growing collection and processing of neurodata – data related to the structure and functioning of the human brain – across various societal domains. The development and use of NTs heavily depend on neurodata to ensure device functionality (e.g., neurofeedback monitors or brain-computer interfaces) and to enhance performance by refining AI algorithms integrated into these devices.

In our new Research Brief, ‘Neurodata: Navigating GDPR and AI Act Compliance in the Context of Neurotechnology’, Timo Istace highlights the delicate balance needed between leveraging neurodata for progress and protecting individual rights. He notes that ‘the indispensability of neurodata to fuelling progress in the sector needs to be balanced against the risks to individual users. Neurodata is a highly sensitive and personal form of data, akin to genetic data. Its combined features – including its informational richness (extending to cognitive processes), predictive potential, and risk of involuntary disclosure – warrant significant scrutiny to preserve individuals’ privacy, particularly mental privacy.’

Timo further explains, ‘Data protection regulations are crucial in addressing these concerns. The sensitive nature of neurodata raises questions around whether current regulatory frameworks offer adequate protection against incursions on mental privacy and the safeguarding of neurodata. While no supranational regulation specifically addresses neurodata, regional instruments like the EU’s General Data Protection Regulation (2018) provide a framework for assessing protection measures.’

This paper evaluates the effectiveness of the GDPR in mitigating risks associated with the distinctive nature of neurodata, with the goal of safeguarding neuroprivacy and mental privacy in the context of emerging NTs. It analyzes the scope and applicability of the GDPR, examines the challenges of ensuring robust protection during the collection, processing, storage, and transfer of neurodata, and considers how the recent EU AI Act might complement or reinforce GDPR safeguards.

MORE ON THIS THEMATIC AREA

GHRP in Davos News

AI and Human Rights in the Intelligent Age: GHRP in Davos

3 February 2025

The Geneva Human Rights Platform contributed to key discussions on AI, human rights, and sustainable digital governance at the World Economic Forum 2025.

Read more

GHRP EU News News

Bridging Geneva and Europe: advancing human rights in the digital age

2 June 2025

The Geneva Human Rights Platform has taken its work on strengthening the international human rights system to the heart of European policymaking.

Read more

Warzone Event

Advanced IHL Seminar for Academics and Policymakers

25-29 August 2025, 09:00-17:30

Co-hosted with the ICRC, this event aims to enhance the capacity of academics to teach and research international humanitarian law, while also equipping policymakers with an in-depth understanding of ongoing legal debates.

Read more

A general view of participants during of the 33nd ordinary session of the Human Rights Council. Training

The Universal Periodic Review and the UN Human Rights System: Raising the Bar on Accountability

10-14 November 2025

This training course will explore the origin and evolution of the Universal Periodic Review (UPR) and its functioning in Geneva and will focus on the nature of implementation of the UPR recommendations at the national level.

Read more

A session of the UN Human Rights Council Project

IHL Expert Pool

Started in January 2022

The IHL-EP works to strengthen the capacity of human rights mechanisms to incorporate IHL into their work in an efficacious and comprehensive manner. By so doing, it aims to address the normative and practical challenges that human rights bodies encounter when dealing with cases in which IHL applies.

Read more

Session of the UN Human Rights Committee Project

Treaty Body Review 2020 and Beyond

Started in January 2018

The Geneva Human Rights Platform contributes to this review process by providing expert input via different avenues, by facilitating dialogue on the review among various stakeholders, as well as by accompanying the development of a follow-up resolution to 68/268 in New York and in Geneva.

Read more

Cover of the 2023 Geneva Academy Annual Report Publication

Annual Report 2024

published on July 2025

Read more