I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!
Earlier in the year I wrote about the German ISP Association’s scheme to remove the economic disincentive for ISPs to inform their customers of botnet infections on their PCs by providing a centrally-funded helpdesk. In Latvia a different approach has been taken: providing a “responsible ISP” mark that consumer networks can use on their websites […]
The ASPIRE study on the future of National Research and Education Networks calls for European NRENs to work together on a common approach to cloud computing. The European Commission has just published a Cloud Strategy that also seeks a common European approach, noting that “faced with 27 partly diverging national legislative frameworks, it is very […]
ENISA have published an interesting report on cyber incident reporting. Their scope is wide – incidents range from the failure of a certificate agency to storms creating widespread power (and therefore connectivity) outages. In each of these areas they find a common pattern, where governments are trying to encourage (or mandate) notification of incidents in […]
I participated in an interesting discussion last week at ENISA’s Expert Group on Barriers to Cooperation between CERTs and Law Enforcement. Such cooperation seems most likely to occur with national/governmental CERTs but I’ve been keen to avoid recommendations that they be given special treatment, not least because of the risk that such treatment might actually […]
The US Government’s CIO Council has published an excellent toolkit to help organisations develop appropriate policies for employees to use their own laptops and smartphones for work (known as Bring Your Own Device or BYOD). The toolkit identifies three different technical approaches to controlling the security of the organisation’s information: Use virtualisation so that the […]
The Defamation Bill completed its passage through the House of Commons this week with only minor changes to the provisions for third party postings on websites: A new power (New Clause 1) will be created for a court to order takedown of an article if it has been the subject of a successful defamation case. […]
Last week’s REFEDs and VAMP meetings in Utrecht invited identity federations to move on to the next series of technical and policy challenges. Current federations within research and education were mostly designed to provide access to large commercial publishers and other services procured by universities and colleges for their individual members. Services and arrangements are […]
I’ve sent in a Janet response to the EU’s consultation “A Clean and Open Internet: Procedures for notifying and acting on illegal content hosted by online intermediaries”. At the moment the E-Commerce Directive (transposed into UK law as the Electronic Commerce (EC Directive) Regulations 2002) says that websites aren’t liable for unlawful material (either criminal […]
I’ve made a Janet submission to the joint Parliamentary Committee considering the draft Communications Data Bill. It’s actually quite hard to predict what the effect of the Bill would be, as the Bill creates extremely wide powers for both the Home Secretary and Law Enforcement and the impact will depend on how those powers are […]
Ofcom’s 2010 report on “Site Blocking” to reduce online copyright infringement concluded that using IP addresses to block infringing sites “carries a significant risk of over-blocking given that it is common practice for multiple discrete sites to share a single IP address” (page 5). They have now published a report commissioned from CMSG that shows […]