Regulating neural data processing in the age of BCIs: Ethical concerns and legal approaches

Abstract

Brain–computer interfaces (BCIs) have seen increasingly fast growth under the help from AI, algorithms, and cloud computing. While providing great benefits for both medical and educational purposes, BCIs involve processing of neural data which are uniquely sensitive due to their most intimate nature, posing unique risks and ethical concerns especially related to privacy and safe control of our neural data. In furtherance of human right protection such as mental privacy, data laws provide more detailed and enforceable rules for processing neural data which may balance the tension between privacy protection and need of the public for wellness promotion and scientific progress through data sharing. This article notes that most of the current data laws like GDPR have not covered neural data clearly, incapable of providing full protection in response to its specialty. The new legislative reforms in the U.S. states of Colorado and California made pioneering advances to incorporate neural data into data privacy laws. Yet regulatory gaps remain as such reforms have not provided special additional rules for neural data processing. Potential problems such as static consent, vague research exceptions, and loopholes in regulating non-personal neural data need to be further addressed. We recommend relevant improved measures taken through amending data laws or making special data acts.

Introduction

Brain–computer interface (BCI) technologies have developed at an increasingly rapid speed. The first human brain-chip implant was conducted in the beginning of 2024 by Neuralink. ¹ BCIs may help patients who are paralyzed or non-verbal to regain free movements and words communication, and have also rapidly expanded to the consumer sphere with educational and recreational applications. ²

BCIs collect and process data from our brain activities, termed as “neural data” or “brain data” interchangeably by a UNESCO report. ³ A broad definition for such data may be found in the OECD Recommendation on Neurotechnology (OECD Recommendations), which defined “personal brain data” as those relating to the functioning or structure of the human brain of an identified or identifiable individual that include unique information about their physiology, health, or mental states. ⁴ Particularly, “neural data” has been defined in a law for the first time in the newly amended data privacy act of the state of Colorado in the U.S., followed by California shortly afterwards. As the first two regulatory definitions for neural data, both the two acts interpret it with the key element of information generated by measuring activity of “central or peripheral nervous systems.” ^a Besides, a broader concept of “cognitive biometric data” is used by some experts referring to neural data as well as other data collected from a given individual or group of individuals through other biometric and biosensor data. ⁵ Despite the different terms used and angles of definition in different discussive backgrounds, we take an inclusive approach and use in this article the term “neural data” as covering those information generated from human nervous system or other cognitive system, so as to embrace different studies and legislations. But we emphasize that neural data of concerns may also involve non-personal data generated through inferences or analysis.

While providing great benefits for wellness and scientific progress, BCIs also raise significant concerns regarding challenges for privacy, integrity, and safety of our neural data. Studies have shown that such data may be used to infer visual content of mental processing, covert speech, or even reportedly to predict future tendency of carrying out certain acts (e.g., criminal tendency). ⁶ Warnings have been discussed about unauthorized access, ⁷ sensitive inferences and predictions about individual and group information, ⁸ motivation for purchasing, ⁹ and unwanted surveillance and manipulation. ⁵ Combined with other advancing technologies, the rapid development of artificial intelligence to decode and analyze neural data brings us closer to mind-reading in reality. ¹⁰

Such challenges and risks are not pure theoretical speculations, echoed by relevant attempts in business activities. It has been reported that Kernel, a multimillion-dollar company wants to “hack the human brain,” which is joined by Facebook wanting to develop a means of controlling devices directly with data derived from the brain. ^b The new launch of Neuralink has created more potential and uncertainties for the power of new-generation BCIs. ¹

In addition to fast-developing ethical considerations and proposals concerning right to mental privacy under human right context, ¹¹ regulatory response is equally important and possibly more immediate in addressing those new challenges. As a most relevant field to neural data, data protection laws such as the GDPR ¹² provide specific rules for regulating data processing, which might provide a mature legal basis for oversight of neural data exploitations. Under the category of sensitive data in GDPR, health data cover personal data related to physical or mental health, and biometric data relate to physical, physiological or behavioral characteristics of a person, which allow or confirm the unique identification of that person. Both two types of existing sensitive data may partially cover neural data. However, there have been various BCIs for recreational or educational purposes such as NeuroSky. ² They may generate neural data beyond the meaning of health data. Moreover, biometric data is only regulated as sensitive data conditioned upon “uniquely identifying” purposes, while BCI-generated neural data may constitute personal data yet without bearing those direct purposes. Accordingly, current regulatory approaches for classifying sensitive data represented by GDPR are not fully responsive to new data issues of BCIs. Neural data are “uniquely sensitive,”^5,6 posing unique risks which might not have been envisioned by conventional legal approaches in data laws. With most current data laws worldwide not yet mentioning neural data, it has been observed that existing information protection regimes are potentially insufficient for adequately safeguarding mental privacy, ¹³ and that “beyond GDPR” there are further BCI-related data concerns. ¹⁴

In this article, we elaborate on the specific legal approaches concerning neural data protection in furtherance of existing proposed solutions focusing on ethical and human right dimensions. We propose that data laws might be the most suitable and enforceable legal system to efficiently regulate neural data processing, with needs to reform certain aspects taking full account of specialty of neural data and BCIs. We begin with analyzing new functions of BCIs and their impact on neural data. Then, we explore the specialty of neural data and summarize main ethical concerns widely discussed, finding the core role of data laws to realize and implement proposed ethical guidelines. Under that premise, we review current regulatory systems and legislative reforms, especially including those of the two U.S. states of Colorado and California specifically covering neural data. We then analyze existing legal approaches, especially potential problems not yet solved considering the special features of neural data and BCI applications. Finally, we raise recommendations in response to relevant regulatory gaps we identified.

Impact of BCI technologies on neural data

BCIs can be invasive (chip implanted in brain) or non-invasive (wearable device such as a helmet). ² They have the functions of both “reading-out” through an “electroencephalogram” (EEG) and “functional magnetic resonance imaging” (fMRI) and “writing-in” through electrical or optical stimulation; reading out BCIs may decode brain signals using algorithms and formulate specific inferences about the user's brain activities or thoughts, individually or in combination. ¹⁵

Both invasive and non-invasive BCIs may access and decode mental processing, ² thus capable of analyzing neural data. Due to the intense activity 24/7 of the brain, neurotechnology may collect many types of neurodata. ¹⁶ With a neuroscientist noting that AI and machine-learning algorithms “turbocharged the whole field,” BCIs may at least partially realize the ever-long fantasy about “mind reading” and even “changing minds.” ¹⁷ Examples include a study that demonstrated speech decoding from neural data from the sensorimotor cortex using deep-learning models and EEG technology and decoded words in reconstructed speech with 92%–100% accuracy, as well as a study where researchers decode a Pink Floyd song which participants were listening to by analyzing their neural activity with generative AI. ² Moreover, a study using fMRI scans of deep neural networks to reconstruct mental images from brain activity achieved accuracies of 90% for seen images and 75% for imagined images. ²

On the one hand, BCIs development create great benefits for treatment of neurological illnesses, as well as new application scenarios for educational and recreational purposes. On the other hand, it brings about unprecedented and uncertain challenges and risks for the integrity and privacy of neural data. Neural data may be used to infer not only individuals’ physical health but also the mental state, including problem-solving, reasoning, decision-making, memory retrieval, perception, and emotions. ¹⁶ Using decoding techniques especially algorithms, BCIs may further “read” the brain data generated, deducing alterations in intentions, behaviors, and cognitive states. ¹⁵ Experimental results suggested that the extraction of specific PIN codes from EEG signals is theoretically feasible for some users and PINs. ¹⁸

Particularly with the ever-advancing BCI technologies, novel spywares and cyberattacks are more likely to be explored against neural data. It is possible to design malicious applications with which EEG signals collected for gaming can be used to reveal other types of correlations, such as medical or political ones. ¹³ Security vulnerabilities have been identified through the new micron-scale BCI, where scientists experimentally simulated two types of neuronal cyberattacks, respectively neuronal flooding (FLO) and neuronal scanning (SCA), and found that both cyberattacks are adequate to affect neuronal activity, with FLO being more effective in immediate terms and SCA in the long term. ¹⁹

Ethical concerns for the uniquely sensitive neural data and legal approaches in response

From ethical perspectives especially including human dignity, self-determination, and privacy, neural data exhibit unique characteristics which do not appear to be mirrored by conventional forms of data. Researchers have argued that neuroscience data are particularly more sensitive than are other personal or health data due to their intimate nature. ⁶ First, neural data touch on the “locus internus,” ⁸ or the most private sphere of human mind. Being the “last refuge” of freedom and self-determination, our minds along with thoughts, beliefs, and convictions, are “fortresses” largely beyond external constraint, in contrast with body which is easily subject to domination and control. ²⁰ Neural data are more proximal to personhood compared with other data, and may unveil one's “subconscious tendencies and biases” not filtered through executive control. ⁷ They closely reflect who we are, thus even considered to have philosophical relevance and moral importance to one's identity. ²⁰

Second, neural data are multidimensional. They concern both mind integrity and psychological integrity. ²¹ As introduced above, neural data may even help infer behavioral data predicting future actions tendency. Third, neural data are variable and fragile. It is still unclear regarding the construction of the brain–body–mind relationship. ²² BCI-generated data may manifest our unknowingly or unintentionally revealed thoughts, emotions and even personality. They may provide insight into an individual which might even be unknown to or out of control of the individual. ²³ BCIs may even generate ability to control one's thoughts and lead to manipulation of one's sense of agency or personal identity.^7,24

Even compared with other types of sensitive data such as genetic data or biometric data, neural data involve particularity. Genetic data, fingerprint, and other biometric data tell about external individuals such as what we look like, while neural data tell about internal individuals such as what we are thinking. ²⁵ Just as a scholar argues, “I already don’t want my employer or insurance company to know my genome. As to my brainome, I don’t want anyone to know it for any purpose whatsoever. It is … my most intimate identity.” ²⁶

Ethical considerations related to the uniquely sensitive neural data have long developed, with the growing concerns for BCIs among brain technologies. ²⁷ They originated from concerns of neurotechnology generally, covering a wide spectrum of aspects identified by a thematic analysis as amounting to 24 issues ranging from accountability to trust. ²⁸ Back in 1993, the UNESCO had founded an International Bioethics Committee (IBC), which started exploring ethics in neuroscience. ²⁹ The International Neuroethics Society (INS), formed by multidisciplinary experts indicates that neuroethics involves ethical concerns well beyond bioethics. ^c The IBC issued a special report for ethical issues of neurotechnology in 2021, recognizing most important ethical principles such as mental integrity and human dignity, personal identity and psychological continuity, autonomy, and mental privacy. ³ An Ad Hoc Expert Group (AHEG) was further constituted by the UNESCO Director-General to draft a “Recommendation on the ethics of Neurotechnology,” and a first draft version (UNESCO Recommendation Draft) was issued in 2024. ³⁰

Among broad neuroethical concerns for both physical and mental aspects, mental privacy may be said as the special priority in respect of BCI-generated data, as privacy is the foundation for data protection. Ethical concerns about privacy and unauthorized access of neurotechnologies are pressing, especially with their putative capacity. ³¹ The IBC ethics report dedicated a special section on BCIs and raised data risks under the notion of “mental privacy,” summarizing “mind reading” as a risk for mental privacy, where data may be unexpectedly detected, and access to neural data by third parties may have consequences. ³ As consumer neurotechnology gains steam, ensuring that privacy standards are acceptable remains a challenge. ¹⁷

The ethical research and guidelines for neural data, or neuroethics related to privacy, play an important role as an ethical basis for regulating neural data processing. Protecting data subjects’ interests requires the identification of sufficient ethical considerations for privacy, including the value of individual data ownership, the extent and degree of uniqueness of neural data as discussed above, balancing interests of neurotechnology companies involving difficulties in anonymization, strengthened cybersecurity measures, etc.

Nonetheless, neural data under BCI technologies take the form of generated and analyzed data, where data protection, or vis-à-vis, regulating of its processing, is a regulatory system beyond mental privacy as a fundamental human right. The INS mentioned brain data protection as one of the main aspects where neuroethics differ from bioethics.^b Multiple studies covering mental privacy have also actually focused on legal rules related to neural data processing.^15,24,28 Moreover, ethical guidelines set up values and principles, while further implementation with a binding force is still needed through regulatory systems for data processing. As noted by social scientists, ethics “shape laws” while laws “complement” it. ³² Some scholars have been skeptical that ethical self-regulation of neurotech firms will seriously ever put the brakes on mind-reading devices, when there is so much lucrative personal data to harvest. ³³ We believe that ethical principles are important for the governance foundation of neural data, while they need to be further addressed by specific legal approaches in the form of regulatory systems for data processing. Further to those ethical concerns expressed about relevant mental privacy risks, the regulation of neural data processing through corresponding legal approaches addressing those concerns in response is distinct and indispensable. Therefore, we will mainly review regulatory approaches involving neural data in the form of data laws. Considering the analysis about particularity of neural data, we hold that in evaluating such regulatory approaches for addressing relevant new ethical concerns, neural data should be treated as “uniquely” or “highly sensitive” as identified by the IBC report, ³ even compared with conventional types of sensitive data such as biometric data.

The status quo: Existing regulatory approaches and recent legislative reforms

Neural data are “inherently identifiable,” ⁶ thus being highly likely to constitute personal data. Under GDPR and the recent case standards of the Court of Justice of the European Union (CJEU) in Nowak ³⁴ and Breyer, ³⁵ personal data cover any information with the capability of a “link” with the person. Such an “expansive” approach means that even passive BCIs like EMOTIV's MN8 only monitoring certain brain activities might be seen in analogy with the case of Nowak and involve personal data processing. ¹⁴

Typical personal data laws and relevant reforms for neural data

Following the comprehensive data protection/regulation rules of GDPR treated as the “gold standard,” ³⁶ typical personal data protection laws have been developed in major economies, including the Personal Information Protection Law (PIPL) in China. ³⁷ The United States has not yet established a federal personal data law yet has provided a legal system of HIPAA for health data as early as 1996. ³⁸ Moreover, typical state data privacy statutes were launched with standards corresponding to GDPR, such as the California Consumer Privacy Act (CCPA) as amended in 2020 (CPRA). ³⁹ However, none of the typical data laws passed before 2024 had clear coverage of neural data per se. Meanwhile, most data laws have a special category of sensitive data under stricter protective rules, especially involving health data and biometric data which may partially cover neural data.

As an important breakthrough, the U.S. state of Colorado amended the Colorado Privacy Act (CPA) in 2024 ⁴⁰ and became the first comprehensive data law worldwide to explicitly protect neural data. ^d Shortly afterwards, California also made a new amendment to CCPA, similarly bringing neural data under its regulatory scope. ⁴¹

As demonstrated in Table 1, both the two newly amended data laws clearly listed neural data under the category of sensitive data as a subject matter with specific definitions. The CPA places neural data under “biological data,” being subject to a limited scope of only those “for identification purposes.” In comparison, the new CCPA does not have such a precondition. Notably, both of the recent amendments for CPA and CCPA took place shortly after their last revisions, which may reflect their recognition of the urgent need for protecting neural data independently.

Table 1.

Typical personal data laws and legislative reforms involving neural data.

Personal data laws	Neural data listed under sensitive data	Neural data listed under a broader category	Health and biometric data covered under sensitive data	Biometric data conditioned upon identifying purpose
Typical data laws before 2024
EU: GDPR adopted in 2016	No	No	Yes	Yes
USA: CCPA as amended by CPRA 2020	No	No	Yes	Yes
China: PIPL adopted in 2021	No	No	Yes	Yes
Reformed data laws since 2024
USA: CPA as amended in 2024	Yes. With clear definition	Yes. As a subcategory of biological data, with precondition of “identification purposes”	Yes	Yes
USA: CCPA as amended in 2024	Yes. With clear definition	No	Yes	Yes

With more sophisticated regulatory approaches, Minnesota introduced a new bill (Minnesota Neurodata Bill) providing additional protection for neural data. ⁴² China has not clearly added neural data in the PIPL, but recently issued an ethical guideline specially for BCI research, encompassing data use. Although being departmental rules, it has certain binding effect linked with regulations about biological and medical research related to human beings. ⁴³ The U.S. Food and Drug Administration (FDA) also issued a guidance for implanted BCI devices. But it is limited to devices under the scope of medical purposes and does not focus on data processing. Importantly, it only comprises “nonbinding recommendations.” ⁴⁴ In Table 2, we summarize the typical approaches in reformed data laws and regulatory systems, including the newly passed AI Act of EU. ⁴⁵ Although the newly reformed CPA and CCPA clearly added neural data under protection, they have not provided any specific rules accommodating the special features of such data. On the contrary, some other new regulatory systems impose additional regulatory rules related to neural data.

Table 2.

Reformed data laws and new regulatory guidelines protecting neural data.

Regulatory approaches for neural data	Affirmative protection and definition	Special rules regulating neural data processing
USA: CPA (2024)	Yes. Based on measurement of activity of central or peripheral nervous system linked with a device	No
USA: CCPA (2024)	Yes. Based on measuring activity of a central or peripheral nervous system, not inferred from nonneural information	No
USA: Minnesota Neurodata Bill (2023)	Affirmative protection: Yes. Specific definition: No (With definition for BCIs).	1. An independent notice required for each time of BCI connection, covering information about: (1) type of uses; (2) third parties to be shared with. 2. A separate consent for each use and third party shared with, using a separate consent form. – Sec.2, Subd. 3.
EU: AI Act (2024)	No	1. Emotion recognition system: AI system for the purpose of identifying or inferring emotions or intentions of natural persons on the basis of their biometric data. 2. Prohibited AI practices: AI systems to infer emotions of a natural person in the areas of workplace and education institutions, except for medical or safety reasons. 3. High-risk AI system: emotion recognition AI other than those prohibited is subject to risk management and monitoring measures. – Art. 5.1 (f), 6 (2).
China: Ethical Guideline for BCI Research (2023)	Affirmative protection: Yes. Specific definition: No (With definition for BCIs).	1. Mandatory ethical review: limited to BCI research with clinical research purposes. 2. Special Ethical review procedure: Scope of neural data collected and authorized access subject to review by an Ethics Committee. – Art.4.4 3. New consent for participation required where new circumstances are discovered involving risky information or possibly influencing the participant's will. – Art.4.3

The Minnesota Neurodata Bill is probably the first legislative attempt of its kind to provide specific rules protecting neural data in addition to incorporating it into sensitive data. China's ethical frameworks specially for neural data is also special in this regard, especially with similar emphasis on consent and pre-examined scope of use purposes, yet with a limited scope only applicable to research activities. EU's AI Act indirectly covers neural data through regulating “emotion recognition system,” but it is based on biometric data defined with condition on “identification” of natural persons.

Specifically, processing involving third-party sharing and further repurposing are extremely influential on neural data. Existing data laws like those of the EU, the United States, and China have provided certain special rules in that regard, while each embodying different approaches.

As shown in Table 3, the GDPR sets an “opt-in” right of consent for processing of any data including sensitive data, with “processing” embracing third-party sharing. It does not require a new consent regarding even sensitive data sharing, yet providing informing obligations and corresponding right to opt out through withdrawal of consent or erasure. Sharply in comparison, China's PIPL asks for a separate consent for any third-party sharing, as well as for any type of processing of sensitive data. The CCPA is somehow in between the previous two approaches. As most American privacy laws do not require consent as a general lawful basis, there is a presumption that personal data may be used or disclosed unless a specific rule forbids it. ⁴⁶ But the CCPA provides strengthened opt-out right to limit use or disclosure of sensitive data only to rather limited scenarios like necessary technical support or maintenance. As for repurposing of data processing, the GDPR only prohibits “incompatibility” for further processing while China's PIPL asks for a new consent for any “changed” purpose. Both the GDPR and CCPA set up research as exception, while the PIPL has no research exception for any data processing. While GDPR imposes it specially on sensitive data processing without specific definition, the CCPA uses a restrictive approach to confine types of research exceptions as well as providing a specific definition for research.

Table 3.

Consent and exceptions in respect of sharing and repurposing.

Data laws	Consent as lawful basis for third-party sharing	Consent for repurposing	Research and other flexible exceptions to consent	Special protection for sensitive data
GDPR (2016)	Yes. 1. Opt-in model at initial collection. – Art.6 2. No requirement for additional or separate consent specially for third-party sharing. 3. Requirement for informing obligations for third-party sharing, coupled with opt-out right to withdraw consent and right to erasure. –Art.7.3, 14, 17.	New consent not required unless with further processing “incompatible” with initial collecting purposes (purpose limitation). – Art.5.1 (b)	1. Two set of exceptions (to consent/prohibition): (1) Non-sensitive data: “contractual necessity,” “legitimate interests,” etc., not including research. (2) Sensitive data: research is exception to general prohibition or explicit consent, subject to flexible safeguards like pseudonymization. Contractual necessity and legitimate interests are not included. –Art.6 (b) (f), 9.2, 89.2 2. Research purpose is exception to “purpose limitation,” not constituting “incompatibility” – Art.5.1 (b). 3. No definition for research.	1. Opt-in right with additional requirement for consent to be “explicit.” – Art. 9.1 2. More specially limited set of exceptions.
CCPA (2024)	No. 1. Limited opt-out model: consumer's right to prohibit sale/sharing upon processor's obligation to notice and to provide “Do Not Sell or Share” weblink. – Sec.1798.120 2. Processing other than sale/sharing is still permitted, unless for sensitive data, or through general right to delete. – Sec. 1798.105	Prohibiting additional purposes “incompatible” with initial collection purposes. – Sec.1798.100	1. Medical or health information under regulations like HIPAA; 2. Clinical trial and biomedical research conforming to good practices, otherwise requiring a separate consent. – Sec.1798.145 3. Clear definition for research: limited to those contributing to public or scientific knowledge, with public interests or operational purposes under additional security control. – Sec.1798.140	Strengthened opt-out right: right to limit disclosure to those necessary for providing services or goods, reasonably expected by an average consumer, in order to perform limited tasks of security, transient use or maintenance– Sec.1798.121, 135
PIPL (2021)	Yes. Additional opt-in right for third-party sharing, with a separate consent required. – Art. 23	Renewed consent required for any “changed” purposes. – Art.14.2	No. 1. One set of exceptions for any data, including contractual necessity. 2. Research is not exception either generally or specially for sensitive data. – Art. 13.2	Separate consent required for any processing of sensitive data. –Art.29

Non-personal data regulations

Another type of data in addition to personal data should not be neglected, involving non-personal neural data which do not contain personal data or have been anonymized in a way not linkable to any individual. The EU has set up preliminary frameworks for non-personal data. Firstly, the Data Governance Act (DGA) adopted in 2022 regulates the use and sharing of “public-sector” held data of both personal and non-personal nature. ⁴⁷ Secondly, EU issued a proposed Regulation on European Health Data Space (the EHDS Proposal), which aims at promoting sharing of personal and non-personal health data. ⁴⁸ The DGA empowers legislative acts to deem certain non-personal data categories to be “highly sensitive,” and imposes requirements and conditions for international transfer of such data. The EHDS Proposal further quoted DGA to pose requirements on international transfer of non-personal health data, especially concerning risk of re-identification.

Taking a stronger approach, China passed a Data Security Law in 2021, which covers “important data” referring to certain non-personal data held by not only public bodies but also enterprises, the leak of which would cause potential injuries to national or public interests. A “Catalogue for Important Data” is delegated to list types of important data, and cross-border transfer of such data is subject to security review by competent authorities. ⁴⁹ Although this general catalogue has not been issued due to extreme complexity of identifying types of important data, there have been sectoral regulations in the field of automobile data, indicating such data as covering military geographical locations, operation of electricity charging network as important data. ⁵⁰ As a countervailing balance, the implementing regulation newly issued in 2024 for the Data Security Law prevents a vague interpretation for important data and makes clear that enterprises are not obligated to do self-assessment about whether they are holding such data, thus not bound to apply for a security review unless the data held is within the catalogue or is informed by competent authorities to be of concerns. ⁵¹

Special implications of reformed data laws as compared with the newly proposed “neuroright”

Among the increasing number of regulatory reforms involving neural data which emerged recently, those in the United States have highly important and special implications. Firstly, they are all designed within more enforceable data law frameworks specializing on data regulation in comparison with sectoral rules that usually lack comprehensive measures for data issues. For example, the new prohibited acts for emotion recognition system in the EU AI Act are limited to scenarios of workplace and education institutions. Secondly, two of them have shaped into effective laws in furtherance to ethical guidelines or neurorights which substantially stay at the stage of proposals. An industry report also indicates that policy makers should draft not only standards and best practices but also pragmatic regulations which are neurotechnology specific. ⁵² It is especially necessary to note the special meaning of data law framework and its reforms in comparison with another legal approach in parallel, namely the newly proposed neuroright embracing the proposed right to mental privacy which also closely relates to neural data. ²⁰

As a practice reflecting the spirit of neuroright (but not exactly identical), Chile became the first country to add protection related to neural system by amending its constitution in 2021, which requires that technological development respect mental integrity and that the law must protect brain activity and information related to it. ⁵³ In the case Girardi v. Emotiv Inc, the Chilean Supreme Court referred to that constitutional amendment and held that the State is expected to act “in order to prevent possible effects of new technologies, directly protecting human integrity including privacy and confidentiality.” It thus ordered that the defendant company delete the plaintiff's brain information from its database, and that the product be assessed by relevant authorities before its commercialization. Nonetheless, the plaintiff's claim for the defendant to modify its privacy policies before selling the product was not wholly supported. ⁵⁴ The “Emotiv case” still leaves many important issues unresolved. It only provides protection in principle for fundamental right of mental integrity, not treating specifically issues of data processing. Since neural data is a form of data in addition to fundamental rights, that neuroright-type protection is not yet ready for specific implementing rules, especially those relating to requirements about scope and types of protected neural data, consent for data collection/sharing, and justified exceptions. Consequently, such an approach cannot provide specific data obligations for neurotechnology businesses, particularly unable to regulate their privacy policies which are crucial for protecting neural data. The failure of the Chilean supreme court to rule about the privacy policy issue also reflects the limitation of such protection through human rights or similar fundamental rights.

In contrast, reformed data laws like the CPA and CCPA provide a more suitable legal approach to achieve those regulatory tasks which are left blank by the “Emotiv case.” BCI-generated data involve protection of data rights on the one hand and legitimate data use for public interests on the other hand. Relevant policies should balance the promotion of technological innovation with the imperative to protect mental privacy. ³⁰ This demands sophisticatedly enforceable rules regulating specific aspects of neural data processing as an extension to fundamental human rights, including those measures for control for data sharing and justified exceptions ensuring the above-mentioned balance. As observed, the new human right needs to be introduced through international negotiations, and consensus is not easy to achieve. ⁵⁵ The legislative reform regarding current rights could be a better solution. ⁵⁶ Brain data protection under the new risks may fit within existing legal privacy frameworks such as GDPR, where we can better conceptualize the new risks by applying the latest theories in information privacy. ⁵⁷

Taking account of that important background, the new reforms of CPA and CCPA create an important breakthrough. Being the first two data laws worldwide specifically incorporating neural data as an independent subcategory under data regulatory frameworks, they employ the data privacy rules to protect neural data specifically. Although neural data may have been considered by some in past practices as falling under certain type of existing data, the newly reformed data laws like CPA and CCPA move forward by clearly categorizing it as sensitive data. Notwithstanding the variations between CPA and CCPA regarding sensitive data, they both set stricter requirements for processing such data. A higher standard of “opt-in” ⁴⁰ or strengthened “opt-out” right ³⁹ is required for sensitive data compared with those general “opt-out” right for general data. Besides, the CCPA imposes a more rigid limit on use/disclosure and opt-out preference choices for sensitive data, ³⁹ while the CPA requires the controller to specially conduct a data protection assessment for sensitive data. ⁴⁰

Such regulatory reforms may produce deep influences for neurotechnology companies, as neurotechnology companies in Colorado and California will need to switch their business model and especially their privacy policies which did not treat neural data specially to those recognizing the sensitive status of neural data. According to a report surveying privacy policy of 30 companies prior to the reformed data laws, there is enormous ambiguity regarding whether companies consider neural data even as a form of personal data. Furthermore, their data collection and storage practices are ambiguous, and almost all of the companies can share data with third parties, with the extent to which they can sell data being unclear. ² With the two reformed data laws taking effect, BCI businesses operating in the two states will have to change their data processing practices to treat neural data specifically as sensitive data, as well as to meet those corresponding special requirements. This will particularly involve modifying their privacy policies so as to specifically provide special procedures of data collection and sharing for neural data, an area not addressed by the “Emotive case” in Chile. Those problems regarding neural data in current privacy policy and data practices of BCI companies will at least partially be ameliorated.

However, from a view of precaution, the effects of the reformed CPA and CCPA may still be limited. Neural data has unique features and associated risks even compared with other types of sensitive data as discussed earlier. Custom-made regulations not relying on shoehorning brain data into preexisting terms within privacy protection regimes are needed, and new legislation like the CPA highlights the “emerging necessity” for more explicit guidance in privacy laws regarding neural data. ¹³ The CPA and CCPA reforms only stop at bringing neural data under the category sensitive data. Beyond those broadly applicable requirements for all types of sensitive data as a whole, there are no further special rules considering those unique features and risks related to neural data. Thus, the current data law reform approaches may need further development to add strengthened requirements such as those about consent, dynamic disclosure, and security measures, which are responsive to the specialty of neural data as well as new challenges associated with BCIs. In this regard, the Minnesota Neurodata Bill might represent a more revolutionary and precautionary effort than the approaches taken by CPA and CCPA. It is “unique” in that it requires additional measures such as an independent notice and a separate consent for “each use” and each “third party shared with.” ⁴²

Issues with current regulatory approaches: Potential problems considering challenges from BCI applications

Except for the two newly amended data laws of CPA and CCPA, the GDPR and most existing data laws have not covered neural data as an independent type. Even the new CPA and CCPA have not gone further by adding any new special rules considering the special features of neural data. The fast-growing BCI technologies may incur new types of data risks and thus require further regulatory approaches in response from a data regulation perspective. A study expressly asked whether the level of strong protection of medical data is sufficient, demanding that intimate brain data should enjoy stronger protection. ¹⁴ Consistently, some scholars have urged creating legislation specifically designed to protect neural information privacy. ¹³ Accordingly, potential problems of existing legal approaches need to be further explored specifically.

Incomplete coverage for non-medical or non-identifying BCI-generated data

Due to the lack of neural data listed independently in most existing data laws, the complete coverage for neural data is limited despite possible existing types that may partially encompass it. Although health data as a type of sensitive data might partially cover neural data, some are generated in a non-medical context. If brain data stems from consumer neurotech and recordings of the type envisioned by Facebook, Kernel, and Neuralink, the data might seem not to constitute “health data.” ¹⁴ Existing data laws including the HIPAA may not fully apply to data collected outside traditional medical or healthcare contexts. ⁵ Importantly, there have been strict or heightened requirements for medical devices and health privacy. ² However, the recreational and educational BCIs may evade such heightened requirements while they face risks equal to medical BCIs in respect of generating neural data.

As for biometric data as another type of existing sensitive data, current data laws including the new CCPA were framed upon ability to identify an individual based on biometric data, leaving “biometric psychography” and accompanying inferences produced through BCIs potentially not to be interpreted as covered under these laws.⁵² More generally, the CPA's coverage of neural data itself is subject to a limitation of “identification purposes,” commented as “significantly limiting the protections.” ⁵ Even though the new AI Act touches novel regulatory considerations for “emotion recognition,” it is still limited to the “identification” premise of biometric data, and the main measures are limited to specified non-medical scenarios of workplace and education. ⁴⁵ More lenient measures for other high-risk emotion-related AI appear not to extend to the “decoding of non-affective” mental states such as cognitive and conative states. ⁵

Static consent for repurposing and third-party sharing

Although the GDPR has an additional requirement of “explicit” consent specially for sensitive data, it still concerns more about the formality of expressing a consent. The risks for neural data generated by BCIs firstly concern more of the uncertain future uses or the repurposing of processing such data. Health applications may process data for training AI algorithms, ⁵⁸ where app users may not realize that they have given an ambiguous consent to such repurposing. ⁵⁹ As noted, just a “subset” among the large amount of brain data generated by BCIs is directly relevant for operating the devices, with a remainder of “data exhaust,” and the data superfluous to the specific purpose could simply “bypass” the GDPR. ¹⁴

Existing data laws usually do not clearly exclude flexible and broadly inclusive statements about purposes for processing. Although the GDPR has requirements about “freely given” consent based on specified purposes, ¹² the consent is still given in a static and “once for all” manner. As the bill newly amending CPA expressly states in its legislative declaration, neural data collection always involves “involuntary disclosure,” and even if individuals consent to processing for a narrow use, they are unlikely to be fully aware of the content or quantity of the information, or to understand the extent to which their neural data can be decoded in the future; the information collected may even cover those the individual did not know existed. ⁴⁰ It has also been asked earlier, “how a static agreement could account for an open future of possibilities is very unclear.” ¹⁴ This issue is particularly prominent in the context of medical purposes where neurologically hampered individuals face more troubles in understanding the informed purposes on a one-time basis, not to mention the complexly repurposed processing regarding potentially broadened purposes during the complicated BCIs operations. The OECD Recommendation on neurotechnologies also asks for “clear information” about the potential use of personal brain data, as well as consideration of “special cases of limited decision-making capacity.”⁴

The “purpose limitation” under some data laws like GDPR and CCPA might intensify such challenges, with their broad limitation on further purposes only preventing “incompatibility” and thus likely to tolerate a broad scope of repurposing if only not being viewed as incompatible by data controllers. For example, collecting data to optimize the functioning of the device may not be treated as being “incompatible” with the initial purposes, and implicit in the software agreement might be the acceptance of measures to optimize the device, which includes subsequent processing of data amounting to a repurposing. ¹⁴ In the context of BCIs, purpose limitation requirement may be “exceptionally difficult” to implement, and much information beyond the “intended purpose” might be processed “collaterally” with the targeted information under original purpose, without data subjects’ knowledge. ⁶⁰ Such an approach leaves possibilities for vague interpretation or even abuses by data controllers engaging in repurposing without a new consent.

The repurposing problems become more complex when concerning further third-party sharing based on a broad initial consent. Earlier surveys in the United States suggest that the disclosure and trading of personal information are the main topic of internet users’ concern. ⁶¹ Problems are also clearly identified about current practices in pre-checked boxes and assumed consent signed up for use by third parties. ⁶² Especially with the assistance of AI, neural data may result in information disclosures to unintended parties. ⁶³ In the survey for privacy policy of 30 neurotechnology companies, a controversial case was reported where a primary school allegedly used brain-tracking headsets of a company to monitor the concentration levels of students. The data were transferred to the company's server and relevant teachers, yet without providing to the parents. Despite the company's denial about the allegation, the relevant program was suspended after a report in the media about it. ² Although it is still unconfirmed whether the device actually had the function of brain monitoring, the concerns about the third-party sharing are worth noting. It is problematic if such sharing exceeds the presumed scope of an initial consent usually obtained through a pre-set agreement. Even under data laws like the CCPA which provides data subjects with a claim not to sell personal data, it does not preclude companies from using that data to target users with advertisements. ⁵ Considering the above-mentioned risks in repurposing as well as vague room in purpose limitation, data subjects further lack efficient means to continuously monitor the unintended data sharing.

Nonetheless, even the newly amended CPA and CCPA which pioneeringly incorporated neural data into the category of sensitive data have not provided any further measures considering those risks uniquely associated with repurposing and sharing of neural data. The lack of special considerations in current legal approaches and relatively passive status of BCI users, combined with the fast-developing feature of neurotechnologies, pose potentially increasing risks for neural data subjects and further obstruct individuals’ ability to notice and remedy possible neglections through such rights as the “right to erasure” and “right to withdraw” which has no retroactive effect. ¹²

The strict approach of the PIPL might be of relevance to addressing such problems, whereas it requires a separate consent for processing any type of sensitive data as well as for each third-party sharing. But it applies a new consent for all types of sensitive data in an over-restrictive way, and has not taken any special considerations for neural data processing. The Minnesota Neurodata Bill further echoed such considerations, with stronger requirement of a separate consent for each use and third party. ⁴² However, it is still unclear whether the “each use” refers to one type of uses of the same nature or exactly the actual use at each time. Besides, the bill has not seen any further progress, subject to uncertain changes.

Broad and vague research exception

The GDPR and similar data laws sets various exceptions to the general prohibition on processing sensitive data. Among them, scientific research is of particular relevance for neural data as neurotechnologies especially BCIs are highly reliant on research. Under GDPR, research constitutes exceptions in various stages. First, it is excepted from the general prohibition on processing sensitive data when certain safeguard measures proportionate to the aim of research are provided. ¹² Second, scientific research is an exemption to the “purpose limitation” requirement, meaning that further processing for research purposes will not be treated as incompatible notwithstanding their possible departure from initially stated purposes. ¹² Although there is a requirement for safeguard measures to ensure “data minimalization,” the exact scope of such measures is vaguely listed in a inexhaustive way. ¹² Third, research is also legitimate ground for derogations from key data rights such as right of access, right to object, and right to be provided with information. ¹²

With such a strong effect of exemption from data controllers’ key obligations like consent and purpose limitation, research has not been delineated under GDPR. The ambiguity of research under GDPR has been observed by both data enforcement bodies and academia. Even the Recital 33 of GDPR admits in itself that “it is often not possible to fully identify” research purposes upon data collection. ¹² EDPB further interprets this Recital as allowing a purpose described “at a more general level.” ⁶⁴ Multiple studies recognize research as “legal uncertainties,” ⁶⁵ and “without clearly explaining them.” ⁶⁶ Regarding the purpose limitation exempted by research in the context of clinical trial under the Clinical Trials Regulation (CTR), ⁶⁷ EDPB pointed out that there is a “presumption of compatibility” of further purposes for research, which has “horizontal” and “complex” nature requiring attention and guidance in the future. ⁶⁸ As for the right to information in case of data collection not directly from the participant, it is noted that research exception in this regard will cause a participant not to be aware of such processing, and accordingly not to be able to exercise the right to object, causing limited ability to exercise their autonomous choice with regard to potential use of their data. ⁶⁹

Research activities have always been associated with the risks of unexpected data misuse. Earlier in history, there has been case like the Tuskegee Syphilis study, where the collection of individuals’ data from the autopsies once they succumbed, actually prevailed the real goal to cure patients. ⁷⁰ The broad scope of research under the GDPR approach may stimulate the impulse of some research-related activities to explore the room of ambiguity in neural data processing. This is especially noteworthy in scenarios of BCI industry which is highly technology propelled and extremely pioneering, whereas scientific research is more influential as well as being more promoted by and more entangled with commercial or commercially related activities. There is likelihood that brain data processing occurs under “auspices” of “research” by private entities and such data will be used by consumer companies “appealing to” research exemption. ⁶⁰ At least partially relevant, use for “scientific research” under the EU Directive on Biotechnology Invention has been interpreted by the Court of Justice as covering “industrial or commercial purposes.” ⁷¹

In business practice, the survey report for neurotechnology companies shows that the majority of the surveyed BCI companies share data with third parties especially including research affiliates. For example, privacy policy of Myndlift notes that it may share EEG data, cognitive tests results and data of age and health details with other entities for their academic research purposes, after removing directly identifying data such as name and contact. Muse offers voluntary research programs where participates will consent to the sharing of “Muse Data (including EEG data) on a de-identified basis with third parties for research related to improving products.” Emotive and some other products also have similar voluntary programs involving data sharing with researchers. ² Even if such policies provide for preconditions about deidentification or removing directly identifying data, such techniques (especially the latter) are still vague and cannot guarantee strict standard of anonymization or prevention of reidentification. Besides, such conditions usually only apply to data sharing, leaving other data processing like repurposing and storage uncovered. Most importantly, such common practices in relevant privacy policies all take the form of standard format clauses and provide no definition for exact scope of research purposes. They show the widespread motivations of BCI companies to process data for broad research purposes under vague terms. Although possibly based on consent according to GDPR or on opt-out rights according to CCPA, they leave ambiguity on the specific scope of the informed purposes, and further much room for data controllers to exceed the originally scope and types of informed purposes. Considering those scenarios other than data sharing which are not covered by consents, as well as the strong motivation of processing under broad research grounds, a wide uncertain space is left for unexpected or unconsented uses of neural data, which might yet be justified by equally broad research exceptions under GDPR and similar data laws.

From the perspective of researchers, it may be argued that they have a natural and justified motivation for data sharing including those with a commercial connotation, where researchers might also have commercial interest needing to be balanced against privacy. ⁷² There have been further arguments that individuals in health care system have a “reciprocal duty” for not to oppose credible collection and analysis of their data, ⁷³ or that data-sharing is an “ethical duty” of researchers, in order to “maximise” the contribution of human subjects. ⁷⁴ A survey for researchers in neurological field shows that, even for such researchers themselves, the majority were at least slightly concerned about potential harm if individual's research data were misused (65%). Particularly, investigators with more easily reidentifiable data and neural data were more concerned about the likelihood of misuse of research data. ⁷⁵

Notwithstanding the credit to certain justified interests of researchers, greater transparency for research purposes has been clearly called for in the context of brain data. ⁷⁶ In any event, a vaguely broad scope of research needs to be avoided in the context of BCI-generated data, application of which has growing uncertainty and unpredictability.

Sharing and cross-border transfer of non-personal neural data

Under certain neurotechnologies, the algorithm for machine learning with neural data would only share certain non-personalized, inferences on the data with a central server for further data processing. ⁷⁷ BCI-generated data may be treated as not to be personal data after anonymization under GDPR, ¹² or as “de-identified” information under U.S. privacy statutes, including HIPAA which specially governs health data. ⁶ They may also involve inferred or analyzed data such as outcome of assessment, ⁷⁸ which sometimes do not contain personal data. The earlier ECJ decision also recognized that analysis of an individual is not ‘in itself’ personal data even though it contains personal data. ⁷⁹

Generally, current “privacy laws” carve out de-identified data.⁵² Unlike personal data laws which have shaped into comprehensive systems under the model of GDPR “gold standards”, non-personal data regulations are only at preliminary formation period, with scattered practices in limited number of jurisdictions. Moreover, newly developed non-personal data regulatory frameworks, including DGA and the EHDS Proposal, have not placed any special concerns on non-personal neural data, leaving anonymized inferred data at large. Processing of non-personal neural data concerns special risks in the context of less regulation at a preliminary stage.

First, anonymized or de-identified data still face the possibility of re-identification, especially when AI and algorithms equip neurotechnologies with more power of decoding and inferring. With the advance in machine learning, brain data though appearing not to identify a data subject may, upon repurposing or in combination with other data, identify a subject and ground predictions about sensitive dimensions of their identity. ¹⁴ Such “re-identification” or “sensitive inferences” risks about individuals’ mental states also concern de-identified data aggregated and shared for purposes such as marketing or product development. ⁵ In the consumer product context, the emergence of direct-to-consumer neural devices increases the risks of reidentification and misuse of brain data. ⁸⁰

Second, there are unanticipated challenges about uncontrolled sharing of such data, especially regarding interests of certain groups as a whole. For de-identified and aggregate data, companies often do not need to obtain consumer consent before using these types of data for various purposes. ⁵ The report surveying privacy policies of various neurotechnology companies found that it is common practice to provide that companies may disclose to third parties information that does not identify the users, “without restriction.” For example, Flow Neuroscience informs consumers that in addition to personal information, it “might also store anonymised and aggregated data (which does not identify you) based on the information you provide to us.” The report concluded that it is not clear whether all or only some data is anonymized, nor is it clear whether the anonymized datasets include neural data, with companies possibly considering neural data not a form of personal data, leading to a “concerning picture” of sharing neural data without limitation. ²

Studies have consistently pointed to such problems, observing that preventing the misuse of such derived data (including anonymized data) in unanticipated ways poses a challenge for devising appropriate controls against this phenomenon, ⁸¹ and proposing that stricter controls should be included over how de-identified or aggregated cognitive biometric data can be shared or repurposed, recognizing the unique risks regarding misuse. ⁵

It is also noticed that target of privacy infringement may be a “group” or a “category” involving predispositions including collective features like illnesses and behaviors. ⁸² Such risks beyond individuals especially concern neural data related to behavior patterns, where processing of such data may cause discrimination and stigmatization at the group level. ⁸³ Accordingly, discrimination can occur through non-personal data not assessed on a wide variety of people, leading to biased and incomplete datasets. Further, behavior-related data is also of great concern regarding profiling and automated decision making. Research has observed that inferred brain data may not constitute regulated biometric data (conditioned on identifying purpose), involving extracted behavior data which might be used to target individuals. ⁸⁴ Inferences obtained through neurodata about individuals’ preferences and psychology might be left out of GDPR, and automated decision-making based on such inferred data will impact users’ content choices or addictive effects, further influencing their commercial, social, and even political behaviors. ⁸⁵

Moreover, the cross-border transfer of data is a regulatory issue not limited to personal data, as non-personal data may still involve risks to be controlled like the ones identified under DGA. However, relevant regulatory systems are only emerging and differ much globally. The EDHS Proposal reflected special considerations for international transfer of non-personal health data which may partially involve neural data, but it still lacks whole coverage of neural data in non-medical context like education and recreation. Particularly, the Proposal shows a tendency of promoting non-personal data sharing by stating that “secondary use of non-personal electronic data should also be ensured,” as well as establishing an “unrestricted access” system for such data. ⁴⁸ However, its regulation for relevant risks is limited to the issue of re-identification, ⁴⁸ not covering other potential problems associated with behavior patterns and psychology prediction mentioned above. In this regard, China's Data Security Law establishes a catalogue control system for regulating international transfer of “important data,” which might offer further tool for addressing special risks for certain non-personal neural data. But the comprehensive catalogue has not come up, and existing sectoral catalogues have taken no notion of neural data.

Special cybersecurity measures for BCIs

BCI as a pioneering technology produces new cybersecurity risks about uncontrolled access and unexpected attacks. It is noted that when the users’ neural information is accessed externally, it is uncertain whether it will be used for other purposes. ⁸⁶ Such risks are aggravated by advancing technologies like cloud computing. The lack of interoperability between BCI and cloud computing leads to functional issues of network security, and failure to add new threat defense functions may cause many unpredictable security problems.⁸⁶ As most current BCI deployments do not consider neural data protection, BCIs toward interconnected devices generate security concerns which will increase in the near future, while the field of security oriented to BCIs is not yet mature, generating opportunities for attackers. ⁸⁷ This is further complicated by recent novel BCIs based on nanotechnology, such as Neuralink, attack of which can disrupt the spontaneous activity of neural networks. ⁸⁸ Such nanotechnology miniaturizing the electrodes implanted in the brain, through FLO and SCA attacks discussed previously, further presents vulnerabilities that attackers could exploit to affect neural activity. ¹⁹ Thus, specific emphasis has been raised about what precautions must be taken against brain spyware. ⁸⁹

However, existing regulatory systems have not provided any special measures addressing newly growing risks facing neural data. Technically, there are no specific measures to ensure that applications and external services can access only to the neural information accepted by users, nor any limitation on manufacturers or third parties.⁸⁷ The Data Protection Impact Assessment (DPIA) under GDPR, though especially entailing measures for mitigating new technological risks, is still substantially a self-conducted process, subject to relatively weak supervision. Under the CCPA, businesses have obligations to maintain “reasonable” security procedures, but they apply generally to all personal information, with the “reasonable” standard being vague enough to limit its specificity. Even though the newly adopted Cyber Resilience Act of EU provides new security measures for digital products, it applies to such devices generally, without any specific measures addressing those special risks for neural data. ⁹⁰

Such regulatory gaps may leave ambiguity for some businesses to exploit in avoiding stricter security measures. In a review of privacy policies for certain BCI devices, research found that only a small part of the reviewed policies clearly provided encryption measures for limited types of data like biometric data (covering those for identifying purpose only). Most of such measures do not ensure that the encrypted data are inaccessible to the company and its employees, with the only exception of Apple promising that encrypted data are not accessible by its own employees. ⁵

Ethics guidance and premarket review for consumer BCI devices

As BCI is a new generation of technology, relevant ethical considerations are still at their preliminary stage and have not encompassed comprehensive aspects of regulating such new techniques. Consequently, current regulatory approaches still lack specially designed ethical guidelines providing clear value basis. For example, while we note that neural data is “highly sensitive,” it is still unsettled what are the further sensitivity differentiations for subcategories of neural data like those about emotions, cognition or behaviors. As a neuroscientist observed, there has been little “additional gradation” between non-sensitive data and sensitive data. ⁶³ A regulatory system fully addressing special risks for neural data needs to have building foundations of ethical principles. As mentioned, ethics “shape laws.” ³² The UNESCO Recommendation Draft also states that the ethics recommendation on neurotechnology provides a universal framework of values and principles to guide formulation of national legislation and policies. ³⁰

Furthermore, ethical reviews play a key role in research and clinical activities related to human subjects. For example, the US FDA has IRB review procedures in line with ethical standards respectively on human subject clinical investigations and premarket approval of medical devices. ⁹¹ However, such reviews usually only apply to activities or devices for clinical or medical activities. While medical devices are subject to heightened health data protections, ⁹² non-invasive BCIs not under medical context will be treated as consumer devices and face “almost no oversight.” ² With the increasing capabilities of educational or recreational BCIs for decoding and inferring from neural data, non-medical BCIs products should also be subject to certain premarket reviews.

International framework with legal effect

A special regulatory system for neural data is still at preliminary stage subject to debates.⁵⁷ Legislative progress just begins at tentative steps even at domestic law level, with only two states in the United States passing new laws. This indicates that it might be more difficult to achieve international frameworks with legal force. It has been consistently noticed that there are gaps in supranational and international law, with no mandatory governance framework focused on brain data currently existing, ⁸ and that there are currently no international frameworks that adequately protect against the risks posed by neurotechnologies. ⁹³ The UNESCO Recommendation Draft is an important attempt at international level, yet targeting ethics rather than regulatory rules for data processing as a main subject.

Recommendations

Considering potential problems for regulating neural data processing, especially the remaining regulatory gaps, we propose that specific additional rules need to be introduced through further reform of current data laws. It may also take the form of an independent new type of special regulation with rules for data processing, like those for genetic information issues. ⁹⁴

Recommendation 1: Strengthen consent procedure enabling dynamic monitoring

Considering neural data as highly sensitive, a strengthened dynamic consent procedure is needed especially regarding repurposing and third-party sharing. First, heightened transparency for specified purposes should be ensured in a dynamic way enabling ongoing monitoring. There have been multiple proposals in this regard for “data literacy” ¹⁴ or “transparent view of how brain data is governed.” ⁹⁵

Specifically, the Minnesota Neurodata Bill provides a reference by requiring an independent notice for “each time” connection to a BCI, covering types of potential uses and third parties with which data to be shared. ⁴² While the requirement of “each time” connection might be overly strict, it is suggested to add further purpose specification requirements for neural data in future data laws ensuring: (1) for the first time of collection, notice about all the planned types of uses of data in a detailed and item-by-item manner, as well as all third parties to be shared with for whatever grounds, listed in the same manner; (2) at any time the previous information has any changes (repurposing and new third parties), a new notice meeting the previous requirements. Particularly, the vague “incompatibility” standard under GDPR should be excluded from applicability at least to neural data in future data law reforms.

Second, the consent-giving procedure should also be administered dynamically at least for neural data. Granting consent should have a norm to revise consent over time to review unanticipated future use of the data. ⁷ Dynamic consent (DC) is not a new approach, while its mandatory application in data laws is the specific reform direction for neural data that we recommend. In its earlier stage, a DC has comprised the key element to enable individuals to turn consent decisions on and off “as easily as turning on a tap.” ⁹⁶ Based on the heightened transparency for purposes, the fundamental function of a DC should involve a requirement for separate consent/reconsent for any processing containing any changed purposes or third parties for data to be shared with (including international transfer). Further about the implementation model, there might be various methods to enforce DC requirements. Some key principles about the DC specially required for neural data may include: (1) there should be a mandatory real-time update for each connection of a BCI to its users to check whether there are any notices about changes in purposes or third parties, and such a notice should be displayed in a prominent manner; (2) in case of any such changes, there should be a real-time option for reconsent as condition for continuous use of the BCI device, displayed in a form different from initial consent for collection; (3) technically, the DC settings should allow users to consent to purposes and third parties on a sufficiently granular basis. Such functions should allow users to continuously renew and alter their consent preferences at any time, irrespective whether there have been changes to scope which they previously consented to.

Besides, a relevant key concern is the possible further classification of neural data, which might need to consider different degrees of sensitivity. As mentioned, “additional gradation” is still lacking. Certain subcategories of neural data might have extreme sensitivity such as those related to thoughts or behavior patterns, while others might be less sensitive such as general EEG data without inferences potential. The DC mechanism may need to have more special settings for the former type. However, the exact grading of detailed types of neural data is a complex and independent topic which needs further research in its special context.

Recommendation 2: Define and limit scope of research exception

Taking account of the differing approaches about research exception, it should be subject to policy concerns for each jurisdiction to decide whether or not to treat research as a listed exception to sensitive data processing. However, once research is provided as an exception for neural data, it should be inflicted with clear definition in a restrictive approach, favorably in an exhaustive or more illustrative manner and excluding research activities directly related to commercial purposes. There might be deviations for special research projects involving commercial elements and indeed conducive to public interest, notwithstanding an obligation to undergo ethical review by relevant expert committees.

In this regard, the CCPA's definition for research provides a valuable example, imposing limitative element like “public or scientific knowledge.” Particularly, it incorporates “applicable ethics” as a dimension, where ethical principles may provide more detailed case-by-case standards for those complex research projects involving pioneering aspects of non-medical or commercial applications.

Recommendation 3: Enhance regulations for non-personal neural data

The sharing or cross-border transfer of certain types of non-personal neural data with special features should be subject to a security review procedure conducted by relevant data authorities. Such special non-personal neural data should at least cover those derived from certain data subject groups with shared characteristics (e.g., groups with a collective minority, ethnic, rare disease background), as well as those having the potential of being re-identified due to its special characteristics such as cognitive data. There has been regulatory proposal to include a legal prohibition on the use of inferences drawn from brain data in a way that could harm data subjects, including the reidentification of health data back to personal data.⁸⁰ It has also been proposed to establish review by project-specific or infrastructure-level data access review committees (DAC) for data requests about research on neuroimaging data including de-identified data. ⁹⁷ Importantly, such special measures should not be limited to non-personal data held by public-sector bodies as regulated by the DGA, as relevant risks root in nature of such data themselves rather than their holders.

As for international transfer of such data, a catalogue for important/critical non-personal data (similar to that under China's PIPL) may be established under a regulatory system distinct from personal data laws.

Recommendation 4: Mandate additional cybersecurity measures

In response to security risks newly emerging or specially relevant to neural data, technical measures additional to current GDPR requirements should be mandated by data laws or relevant regulatory systems as privacy by design and by default for BCI devices. Firstly, “mandatory encryption” is necessary, ³⁰ wherein enhanced encryption system should be required for any type of BCI device, whether for medical purposes or not. Robust methods may include homomorphic encryption, ⁹⁸ secure multiparty computing ⁹⁹ and differential privacy. ²⁴

Secondly, mandated measures should prevent anyone other than the user from access to neural data, including employees or technical contractors of the BCI operators, unless those who must have access due to performing tasks indispensable for the user's consented use for the BCI. As applicable, it is recommended to take edge-processing ensuring computing on local device rather than external servers or clouds, or to use end-to-end encryption. ⁵

Thirdly, more BCI-responsive security frameworks against cyberattacks need to be introduced. The most discussed framework is distributed computation and decentralized data sharing. ¹⁰⁰ Relevantly, studies also propose objective and verifiable blockchain tracking processing through federated learning rather than centralized processing.⁹⁷ Moreover, data perturbation is proposed to resist privacy attacks by randomly modifying original data or introducing noise to the dataset, and source-free transfer learning is suggested for privacy-preservation to eliminate the need for seeing the data from learning useful knowledge. ¹⁰⁰ Further security measures may include a security lock-in between the EEG recording system and the processing system in order to avoid alteration or attack of the EEG signal during wireless transmission. ¹⁰¹

In a more systematic way, scientists proposed the design of a Radio Frequency Identification (RFID) system, so as to identify brain activities in a secure real-time mode.⁸⁶ Some experts proposed a holistic security strategy involving elements of “Hide” (anonymization, privacy preserving machine learning and unlinking brain data from contextual data) and “separate” (local equipment) and “control” (no “always-on” BCIs). ¹⁰²

Recommendation 5: Establish premarket review procedure for BCI devices

In addition to existing ethical or special review for medical devices, a more comprehensive premarket review procedure needs to be established, further covering marketing of non-medical BCI devices as well as for BCI-R&D activities beyond clinical or research context. This may be a specific regulatory system better achieving the goals of the ordered measures in the Chilean supreme court decision⁵⁴which is still vague and unstable on a case-by-case basis.

Such premarket review may center on assessing the data risks based on ethical guidance specially for neural data. The proposed DAC review committee introduced above is an exemplary approach, but is limited to neuroimaging data for research purpose only, not examining device functions either. The Ethical Guideline for BCI Research of China may also be an advisable model for regulatory approach, providing a mandatory data security review procedure for certain non-invasive BCI-related research which collects neural data, and imposing restrictions on neural data processing. But it is still limited to research activities and lack more specific rules on neural data sharing. Ideally, such an ethical review procedure may be broadened to cover premarket review for all types of BCI devices, applying ethical guidelines specially designed for neural data processing.

Recommendation 6: Promote international frameworks for universal ethics guidelines

Although it has been far from achieving an international treaty for legal rules on neural data, efforts for international frameworks of ethical principles have been developing. The OECD Recommendations made a meaningful preliminary attempt in this regard, and the UNESCO Recommendation Draft has made a further step in shaping a guideline with wide international consensus.

In line with these efforts, we recommend promoting international instruments through declarations or other soft laws specially for ethics principle of neural data protection or BCIs. These may take examples of prior achievements like the Universal Declaration on Bioethics and the Human Rights and International Declaration on Human Genetic Data, ^e which may provide value guidance and universally accepted basic principles for special protection of neural data.

Conclusion

This article provides elaboration on regulating neural data processing through data laws and relevant systems. Data laws may provide detailed and enforceable rules to regulate every stage of neural data use. In furtherance to human rights protection, whether traditional ones or new neurorights, data law approaches offer intricate balancing tools between competing interests of individual's privacy and public welfare related to health and scientific progress. Additional special rules should be established to address special challenges faced up by uniquely sensitive neural data. Reviewing current legal approaches, the GDPR model has been insufficient in this regard. The newest legislative reforms in CPA and CCPA made revolutionary attempts, but stopped at the “symbolic” incorporation of neural data, not stepping forward in introducing specific rules. The Minnesota Neurodata Bill is a more advanced approach and a worth-noting trend, yet still limited to few aspects of notice and consent.

Specific recommendations are made in this article for reforming relevant regulatory systems, suggesting newly designed data law approaches such as dynamic consent mechanism. Considering the sudden and unpredictable development style of BCI and AI, it is not over-vigilant or hasty to design precautionary special rules for regulating neural data processing in advance, as well as to promote relevant discussions, debates, and practices.

Limitations

In reviewing relevant legal approaches in regulatory practices, this article only selected a limited number of typical data laws and rules such as the GDPR of EU, the PIPL of China, and data laws or bills of certain states in the United States. The first constitutional case in Chile was also briefly compared but not the main concern of this research. Due to the fast development of relevant legislative reforms and various forms of data privacy legislations, there might be other legislations or cases particularly relevant to neural data which are not discussed in this article. Besides, the issue of BCI-generated neural data closely involves rapidly developing technical advancement and scientific studies, while this article may not cover the latest findings from scientific and technological fields of BCIs.