 First question, I think it's for everyone, but I'm going to start with Mary. A new tier or access tier called registered access is emerging for genomic data sharing. Can you talk more about why this might be a useful way to manage access to genomic data? So in my presentation, I tried to convey that participant interests are not just in protection and privacy, but also in sharing and maximizing the scientific benefit from participation. So there's a balance. And it does seem too limited to only have, you know, all or nothing, either fully open and unrestricted or controlled access, which often means available only to qualified researchers. You have to have a well-developed protocol that's been approved by an IRB. And so that doesn't seem consistent, for example, with some more exploratory kinds of research or doing reviews preliminary to developing research plans. It doesn't seem to allow bona fide clinicians who might find value in these resources to access them at anything other than that, you know, fully public open level. So registered access, which I think came out of the Global Alliance, seems like a great idea to recognize that there's a gradient of risk and sensitivity and to say, okay, so we're going to find this middle tier, and we're not going to have to require everything that we need, my understanding, with controlled access, but we are going to do more than just, you know, free to everybody in an open or public tier. I guess that the devil is probably in the details in terms of how you would implement it, but probably, I'm looking at Jonathan, he's nodding. There probably are some technologies that can really help with this process. So maybe I'll turn it over to him next. Yeah, that's a great point. I think we wrestled with this a little bit. And I think the one, not quite a caution, but the suggestion I brought there is that we're very clear with what registered access means, because I think it's exactly that, that one organization might implement it technically a bit different than the other. So I think, you know, certainly if NIH was suggesting a certain way of doing it, that would be very helpful and probably lead a lot of other groups to follow in sync. And I think in that case, we would really want to look for, you know, what are the key things that groups commonly check off or don't check off in order to qualify someone for registered access? I think from a technical perspective, those would be the things that we'd want to look for it. It may be a little bit different, but probably defining a subset and agreeing on what they are or are not in certain places is crucial. Oh, Alyssa, did you want to add something? So it would be interesting to hear feedback from the other panelists, but sometimes from the emerging economy perspective, what's lost in the conversation is there need to be on ramps, there needs to be consideration for countries that don't have the same level of infrastructure already set up around data systems. And without that, this very good approach to encourage collaborative use of data starts to become another area where some countries are left behind. So I think there needs to be careful consideration in the standards that are developed and also then how they're employed to make sure that all can be brought along. Yeah, and I guess speaking from the kind of European legal privacy perspective, I've kind of described how, for example, the GDPR seems to export that very high standard, which could be very taxing to be met in certain other contexts. But at a general level, the kind of regulatory framework in Europe, at least, allows for this sort of proportionate approach. And it allows for proportionate data safeguards and levels of privacy protection. The challenge and the challenge for any interaction between Europe and the rest of the world then is working at how that's operationalized according to all of those specific parts of the European law. And that's a lot of work that I'm sure is going on behind the scenes to make that work. So we have, in following up on that, we have our first question in the chat and I'll direct this to Colin. So how should projects citing GDPR be treated for NIH funding and sort of aligned with the NIH GDS policy? Yeah, I mean, for a proper answer to that, you'd need someone very familiar with the NIH policies and someone who's done the work. And I'm not sure if it's been done yet at cross-analyzing the sort of frameworks between that policy and the European legal framework. But I mean, one thing I would know is that we've recently around some other work been looking at some of the NIH policies, for example, in relation to making data available through DBGAP. And what we noted was actually there was, despite the fact that these are totally different legal frameworks, there was a lot of coherence between the terms that are required under those policies and the requirements of the GDPR around, you know, being able to follow up on requests for deletion or removal of data, how you make certain things transparent. So many, many aspects I think are coherent. But for a precise answer, I'm afraid you'd need a good analysis. Yeah, that's a great comment. And then I think also from the NIH's perspective, it's never too early, especially when initiating a new collaboration, to start those discussions with your collaborators early to get a sense of what those barriers are. Or if, like you said, the example with DBGAP, how much already allows for harmonization, whether or not it's in the data access principles or in the consent form, for example. Thank you, Colin. Okay, next question. This is an interesting one. Regarding studies and data resources that include information about minors, what is your perspective on reconcent upon reaching the age of majority? And maybe again, I'll start with Mary. I think that is a tough one because it's currently being debated often. It depends, for example, whether it's even possible. Are you tracking people as they move around so that you can get in touch to do reconcent? But some work I did with a colleague suggested to me that there may be context where it's really important to try to track people so you can enable reconcent. It actually goes back to autism. So there are several large efforts. One's called Missing with the Two Eyes Missing, intended to signal the missing information about autism. But there are parts of the autism community who took that in a very negative light, that their voices were missing, and that this is another one of those efforts that's focused on curing autism or creating tests that would actually prevent people with autism from being born. But so it's a context in which there are people who, when they become adults, consider their condition not a disorder, but an identity. And it seemed to me, I don't know how others feel about this either from work they've done or just kind of at the gut level. But when you can anticipate that that kind of transition might occur, that someone who's enrolled as a minor might develop objections to continued participation. Then you have the strongest case for, again, trying to trap people so that we consent upon age of majority becomes possible. So we have another question. Thank you, Mary, for that. This would be to Jonathan. So given you have some experience now with your Duos pilot, the Duos pilots, do you have any lessons learned that you can share? Have you been able to decrease time for processing the data access request, for example? So, yeah, great question. I think what some people maybe in the community thought was that, you know, there's sort of this idea that the DAC is slow. I think what we learned is that the NIH DACs are actually very fast, especially when compared with the rest of the world of DACs, which tend to be comprised of these other research teams. And I think what we also then realize is that then the efficiency there is at least the current rate of data access requests, not so much on expediting their workflow. They're very, especially at NIH, you know, very defined processes for reviewing DARS. It's actually in structuring the data access requests and helping the researcher give more information more clearly that we found was very important. And then also I would say when you start talking about being able to let a researcher submit a single data access request to multiple DACs, that's something that is very interesting, especially as you go outside of NIH. And again, being able to sign a single agreement like the NIH's data use certification in that library card agreement style, really to help us scale and to help people work together, I think those are some of the biggest wins. And I would just call out again, there's a very DAC focused group at GA4GH that's looking into the next frontier, which is things like, you know, do DACs trust other DACs in their decisions? I think it's a very kind of fascinating question. I think some folks at NCI were bringing this to the table is that they might render a decision, maybe a researcher would be permitted to do any GRU research. Therefore any GRU data set from another DAC may be accessible to them. So ideas like that I think are also on the horizon. Not sure how we'll end up tackling them, but those are some of the things we're taking away. Thanks, Jonathan. Okay. So here's one. It seems as though data privacy is an important topic in general. Do you think more public awareness of large data breaches and scandals such as the Cambridge Analytica Facebook scandal will impact people's willingness to share genomic data for research purposes? And I'll start maybe with Alyssa on that. When you had your conversations with lots of global stakeholders, did you hear any concerns about data privacy? Yeah, certainly. This also, I think brings in the research that Mary was sharing. There is, I think, a great need for the public to be more engaged in understanding both providing their input into data privacy structures that are being developed, as well as understand what it means to have their privacy, to have their data consented, to be used in research both at the academic level or potentially the commercial level. Right now there is a lot of, I think a lot of knowledge of scandals, which are very concerning. There's a lot of mistrust of institutions, both industry institutions and governmental institutions. But to your question about the emerging economy perspective, there are kind of additional layers of mistrust that need to be considered. And this goes back to kind of the idea I mentioned around governance. So, you know, with a significant absence of trust, governance, setting up trustworthy systems becomes really critical and starts to lay the foundation for systems that people can start to believe are going to safeguard their information. So that's a critical step within this process, is not just developing an understanding of what data privacy means, how that data is kept, what's done with it, what your rights are within that, what you're developing trust, but also ensuring that strong systems are in place to enable that data is truly secure and also kept in a way that aligns to the initial concerns. I can just add that in the United States, we have certificates of confidentiality, which were actually strengthened significantly in the 21st Century Cures Act. So they can't prevent hacking or malicious actors doing things without authorization. But they should protect against another kind of concern people have, which is, you know, like the government or law enforcement, getting access to research databases. And some people also mentioned the Golden State Killer case. So I put that up there as potentially spooking people. And it's my understanding that this hasn't been tested in court, but it really should be an effective barrier to that kind of use of genetic information in research databases. Thank you, Mary. I think we have time for one or two quick questions before we close at three. Maybe just one more. So for Jonathan, you had mentioned the data use ontology terms and the project that GA4GH, given that this is a global audience, how easy or hard was it to come to some consensus on a standard set of terms? I don't think it was easy. I think it's taken a number of years and it's an active ontology. So it's actively being developed. We're looking at releasing some updates soon. I think thankfully though, and we'll just invite participation from anyone who's interested in that it's the GA4GH data use and researcher identities work stream, where we constantly groom and refine the ontology, but have a number of representatives from, you know, across all continents, thankfully, who are taking part in contributing. We're even doing a pretty mass effort now to translate the data use ontology into languages other than English. And I think our first one that is finished or near finished is in Japanese. So we're continuing to do that. So definitely a challenge, but thankfully a lot of great collaboration with folks from all around the world at GA4GH. All right. So thank you to all of our viewers who joined us live today. And thank you again to our panelists for your great presentations and for answering all of our questions. Finally, we're grateful to the communications team for all your help with putting this together and streaming it and recording today's session. All right. Thanks again. And I hope you have a great rest of your day. Bye, everyone. Bye now. Thank you.