An interesting reminder from the European Court of Justice (ECJ) that the Data Protection Directive (95/46/EC) is supposed to make processing and exchanging personal data easier as well as safer. The Directive contains a number of different reasons justifying processing of personal data (gathered together as Schedule 2 of the UK Data Protection Act 1998), […]
Category: Articles
Thoughts on regulatory and ethical issues relating to the use of technology in education and research
Categories
Website Blocking: Copyright
The latest judgment from the BT/Newzbin case sets out what BT will be required to do to prevent its users accessing the Newzbin2 website that an earlier case found to be breaching copyright. From next month, BT will be required to add the Newzbin URLs to the system it already uses to limit access to […]
The report of Parliament’s Joint Committee on the Draft Defamation Bill acknowledges the problems raised in our response to the consultation and proposes some novel solutions. As was noted by the Law Commission in 2002, current defamation law encourages Internet hosts to remove material provided by third parties as soon as they receive a complaint […]
Categories
Website Blocking: Alive or Dead?
Last year’s Digital Economy Act 2010 created a power (s.17) for a court to order a service provider to prevent access to a “location on the Internet” if that location was being used, or likely to be used, to infringe copyright. That power has not been brought into force and last January Ofcom were asked […]
Categories
The Definition of Consent
Although consent is a key concept in Data Protection, discussions of it often seem confused and legal interpretations inconsistent. For example the European Commission has in the past called both for a crackdown on the over-use of consent and for all processing of personal data to be based on consent! A new Opinion on the […]
Categories
Privacy Riskiness for Access Management
On a privacy course I teach for system and network managers I suggest a scale of “privacy riskiness”, the idea there being that if you can achieve an objective using information from lower down the scale then you run less risk of upsetting your users and/or being challenged under privacy law. That scale is very […]
Categories
Explaining Attribute Release
Federated access management can make things nice and simple for both the user and the service they are accessing. By logging in to their home organisation the user can have that organisation release relevant information to the service – “I am a student”, “this is my e-mail address” and so on. And because that information […]
Categories
Re-opening the Internet?
Two recent news stories suggest that the importance of open Internet connectivity is gaining increasing international recognition. The UN’s Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has published a report stressing the importance both of making internet infrastructure available to as much of the world’s population […]
Categories
Domains with Criminal Purpose
Questions about my last posting on Nominet’s DNS domain suspension discussions, have got me thinking a bit more about my idea of “domains registered for a criminal purpose”. My suggestion is that these should be the only domains that a top-level registry can remove on its own, rather than asking for the decision to be […]
Categories
Phishing trends
Some interesting analysis was presented by Pat Cain at the FIRST conference on trends from APWG (Anti-Phishing Working Group) data including their six-monthly surveys of domain names used in phishing campaigns. There is evidence that concerted campaigns against phishing can be effective – the .hk domain used to be one of the most commonly used […]