Categories
Articles

Health Data Partnerships: using trust to build trust

This morning’s discussion – jointly hosted by the All-Party Parliamentary Groups on Data Analytics and Health – suggested that if we want uses of health data to be trusted, we need to trust citizens and patients to think more deeply about benefits and risks than media headlines might suggest. The session was inspired by a […]

Categories
Peacasts

Assessing our security services

Jisc performs a number of different activities to keep Janet and customer sites secure. Here’s a very short video on how we used a Data Protection Impact Assessment and a Legitimate Interests Assessment to check that those activities do not themselves create disproportionate risks. You can read the reports: Security Operations Centre (SOC): Data Protection Impact […]

Categories
Peacasts

Analytics: Using data to improve outcomes

Since it has provided the foundation for most of the work I’ve been doing on data for the past couple of years, I’ve recorded a video explaining our standard model for “analytics”, in both practical and legal terms If you’d like to know more, a couple of papers set out the theory Downstream Consent: a […]

Categories
Articles

Where should I put my data?

After a couple of years when the question of data location had dropped a little down the priority list, two things have pushed it back up again. First, the Schrems II decision of the European Court, which cancelled the US-EU Privacy Shield and added some – but it’s not yet clear how onerous – new […]

Categories
Peacasts

Incident Response and Law

On and off, I’ve been researching the legal aspects of incident detection and response for fifteen years, and published more than 25000 words in law journals. So, can that be summarised in less than five minutes? You judge… And if you’d like to read more, here are the original papers: Processing Data to Protect Data: […]

Categories
Tools

Intelligent Campus DPIA Toolkit

I’m pleased to announce the publication of our Intelligent Campus Data Protection Impact Assessment Toolkit. Intelligent Campuses use existing data and new sensors to deliver better places to study, work, live and socialise. But there’s a risk with any use of data or sensors that even the best-intentioned ideas will be misused or misunderstood: as […]

Categories
Articles

Thinking creatively about COVID-19

Lilian Edwards gave a fascinating keynote at the UK IGF this morning, on Protecting Digital Rights During a Pandemic. Though privacy is the most often discussed right in the context of pandemic response, rights of free speech and free assembly also need to be borne in mind. Although the impact of national schemes (contact tracing […]

Categories
Peacasts

Brexit in 58 seconds…

Colleagues set me the challenge of saying something about my work in one minute. So here (on YouTube) is a “peacast” – my wife says it’s too small to be a “podcast” – on Brexit and GDPR: Comments very welcome on the format and, if you like it, suggestions for any other topics I could […]

Categories
Articles

Machine Learning and Data Protection

Might some of the problems in applying data protection law to machine learning arise because we’re using too simple a model? Sometimes an over-simplified model can be hard to apply in practice. So here’s a model that’s a bit more complex but, I hope, a lot easier to apply. It’s also a lot more informative, […]

Categories
Articles

Wellbeing Analytics Code of Practice

We’re delighted to have launched our Wellbeing Analytics Code of Practice, something we’ve been working on in the ICO’s Regulatory Sandbox for almost exactly a year. The resulting Code builds on Jisc’s widely-used Learning Analytics Code of Practice and includes tools for Data Protection Impact Assessment and Purpose Compatibility assessment. We hope it will give […]