Many of you will have noted the recent ruling by the Court of Justice of the European Union (CJEU), which decided that the Safe Harbour agreement, which was concerned with the transmission of personal data to the US, was invalid. Are there any implications of this for UK organisations joining ORCID through the Jisc national consortium, and using the data and services offered as part of that membership? The short answer is, no. As Laure Haak of ORCID notes:
Institutions as data controllers have a responsibility to ensure an adequate level of protection for the data they share with ORCID, and guidance from the UK Information Commissioner’s Office and European data protection authorities will be issued shortly. However, because researchers expressly opt in to ORCID’s privacy practices when they create an ORCID record, and because ORCID’s system does not collect or store personally sensitive information, it is very unlikely that the CJEU ruling changes how universities should engage with ORCID.