Categories
Articles

Government Response on Draft Defamation Bill

The Ministry of Justice has published their response to the Joint Parliamentary Committee’s comments on a proposed Defamation Bill. As discussed in a previous post, those comments included a novel suggestion that third party postings on websites be treated differently depending on whether the posting is attributed or anonymous. For organisations that allow such postings […]

Categories
Articles

Copyright blocking – recent UK cases

The latest case brought by rightsholders under the Copyright Designs and Patents Act 1988 has found that bittorrent tracker site The Pirate Bay does infringe copyright according to the Act. Following this decision it seems likely that rightsholders will seek injunctions under s97A of the Act requiring ISPs to “block” access to the site, as […]

Categories
Articles

ECJ on Copyright Injunctions: Hosting Providers

After ruling last year on the balance between the rights of copyright holders, users and network providers, the European Court of Justice has now ruled on the same question applied to the case of a hosting provider, the social network Netlog. As in the earlier Scarlett case, the copyright collecting society (SABAM) had asked the […]

Categories
Articles

Understanding Threats to Mobile Computing

An interesting talk by Ken van Wyk on threats to mobile devices at the FIRST/TF-CSIRT meeting last week. While it’s tempting to treat smartphones just as small-screen laptops (let’s face it, users do!) there are significant differences in the threats to which the two types of devices are exposed. These need to be recognised in […]

Categories
Articles

Data Protection Proposal: Federated Access Management

The European Commission’s proposed Data Protection Regulation supports recent thinking in moving away from using consent as a basis for federated access management systems. The consent of the data subject is still one of the legitimate grounds for processing personal data but it cannot be used “where there is a significant imbalance” between the organisation […]

Categories
Articles

Data Protection Proposal: Privacy Breaches

In dealing with breaches of privacy the Commission’s enthusiasm to protect and reassure Internet users seems to run the risk of having the opposite effect. Article 4(9) of the proposed Regulation defines ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, […]

Categories
Articles

Data Protection Proposal: Cloud Computing

Cloud computing, whose whole point is to be independent of geography, does not fit comfortably into current data protection law. The Commission’s new proposal at least shows signs that clouds were a use case that was considered during drafting, so it is more obvious which provisions apply to them. These seem to offer a mixture […]

Categories
Articles

Data Protection Proposal: Incident Response

The Commission’s proposed Data Protection Regulation seems very positive for Incident Response. Indeed Recital 39 explicitly supports the work of Incident Response Teams: The processing of data to the extent strictly necessary for the purposes of ensuring network and information security … by public authorities, Computer Emergency Response Teams … providers of electronic communications networks […]

Categories
Articles

Europe’s Data Protection Proposal

Last week the European Commission published their proposed new Data Protection legislation. This will now be discussed and probably amended by the European Parliament and Council of Ministers before it becomes law, a process that most commentators expect to take at least two years. There’s a lot in the proposal so this post will just […]

Categories
Articles

ECJ on Copyright Injunctions

The European Court of Justice has set some limits for the sorts of measures that ISPs can be compelled to implement to discourage copyright breach by their networks. Back in 2004 the Belgian rightsholder representative SABAM sought a court order requiring an ISP, Scarlet, to install devices on its network that inspected the content of […]