Categories
Publications

Incident Detection and GDPR

Great to have my paper – “Processing Data to Protect Data: Resolving the Breach Detection Paradox” – published by ScriptEd. Everything you always wanted to know about logfiles and the GDPR: Why Data Protection requires breach detection; What’s the GDPR “Purpose” of breach detection; What’s “Necessary”, when it comes to breach detection; What Safeguards are […]

Categories
Publications

IDPro Body of Knowledge

I was delighted to be invited to contribute an article to IDPro’s Body of Knowledge for professionals working in the field of digital identity. Mine is (of course) on how the GDPR applies to identity management. But as well as standards and regulation the collection is steadily expanding to cover things like privacy for consumers, […]

Categories
Publications

Maintaining trust in University data handling

WONKHE has published my article on the need to be careful in introducing, and withdrawing, with any post-virus data processing (the absolute sub-head isn’t mine!) Maintaining trust in university data handling

Categories
Publications

Remote Invigilation/e-Proctoring

An article, on “The value of e-proctoring as Exams move on-line”/”Technology can reduce exam stress”, was published in University Business (6/5/20) and the Jisc website (13/5/20).

Categories
Publications

Digital Threats: Research and Practice

Having acted as programme chair for the FIRST Security and Incident response conference last year, I also got to co-edit the special conference issue of the ACM journal Digital Threats: Research and Practice (DTRAP). FIRST sponsored the journal, so our issue is open access, available for anyone to read. Topics covered: Using power consumption to […]

Categories
Publications

Intelligent Campus: Risks, Benefits and Ethics

[Re-purposing an unused introduction to my full paper – “See no… Hear no… Track no..: Ethics and the Intelligent Campus” – that was published in the Journal of Information Rights, Policy and Practice this week] The Intelligent Campus is a microcosm of the Smart City. Smart cities, according to Finch and Tene, may be “more […]

Categories
Publications

Why should non-EU organisations care about GDPR?

I was recently invited by EDUCAUSE to present a webinar on GDPR to their community of mostly North American universities and colleges. The number of participants indicates that European data protection law is a topic of interest. But the most common question was why, as non-EU organisations, they should care about GDPR. So I wrote […]

Categories
Publications

Security, Incident Response, Privacy and Data Protection

The Forum of Incident Response and Security Teams (FIRST) invited me to write a piece on how GDPR affects security and incident response. Summary: it makes them pretty much essential 🙂

Categories
Publications

GDPR and “cyber security”

Education Technology have just published an article I wrote (though I didn’t choose the headline!) on how security and incident response fit into the General Data Protection Regulation. It aims to be an easy read: if you want something more challenging follow the “incident response protects privacy” link to get the full legal analysis.

Categories
Publications

GDPR: How to Prepare

To mark one year to go till the General Data Protection Regulation comes into force, we’ve published an article on “How Universities and Colleges Should be Preparing for New Data Regulations” on the Jisc website.