We’ve just responded to the ICO’s request for feedback on Profiling under the General Data Protection Regulation. Thanks to the work we’ve already done on Learning Analytics, we were able to include several examples of good practice in that area, including the Code of Practice we developed with universities and the National Union of Students.
[UPDATE: the Irish GDPR coalition have a nice infographic on information lifecycles under the GDPR] Anyone who has looked at an information security standard is likely to be familiar with the idea of an Information Asset Register. These cover the What and Where of information that an organisation relies on: what information do we hold, […]
Having had my own concerns that the European Commission’s draft e-Privacy Regulation might prevent some activities that are needed by security and incident response teams, it’s very reassuring to see the Article 29 Working Party recommending an explicit broadening of the scope of permitted Network and Information Security (NIS) activities. Strikingly, this comes in an […]