Categories
Articles

AI Regulation – not so new?

Looking at discussions of Regulating Artificial Intelligence it struck me that a lot isn’t new, and a lot isn’t specific to AI. Jisc already has a slightly formal Pathway document to help you identify issues with activities that might involve AI. But here are some topics that seem to often come up in those discussions. […]

Categories
Articles

Data Protection Reform?

Looking at the contents of the Government’s new Bill suggests it may be more about Digital Information than Data Protection: Personal Data Processing (1-23) National Security & Intelligence Services (24-6) Information Commissioner’s Role etc. (27-43) Miscellaneous (44-5) Digital Verification Services (46-60) Customer & Business Data (a general framework for services like Open Banking) (61-77) Privacy […]

Categories
Articles

Cookies: limits of regulation

In going through the new (2023) Data Protection and Digital Information (No.2) Bill I noticed that it does actually make a change to UK law on cookies: according to clause 79(2A), consent will no longer be needed to store or access information in the user’s terminal equipment if this is done by the person who […]

Categories
Articles

Transparency: about Choices, not just Algorithms

Whether you refer to your technology as “data-driven”, “machine learning” or “artificial intelligence”, questions about “algorithmic transparency” are likely to come up. The finest example is perhaps the ICO’s heroic analysis of different statistical techniques. But it seems to me that there’s a more fruitful aspect of transparency earlier in the adoption process: why was […]

Categories
Presentations

Data Protection Benefits with ORCID

A few weeks ago I presented on “ORCID and GDPR” at a UK Consortium event. I hope this was reassuring: I’ve always been very impressed with ORCID’s approach to Data Protection (in the European sense of “managed processing”, not the more limited one of “security”), but take it from the German Consortium’s lawyers, back in […]

Categories
Articles

Goodguys “Possess Illegally Obtained Data” too

The Home Office consultation on Computer Misuse Act (CMA) reform raises the possibility of a new offence of “possessing or using illegally obtained data”. This is presumably in response to the growing complexity of cyber-crime supply chains. It’s good to see immediate recognition that this will need “appropriate safeguards”. This post looks at why someone […]

Categories
Articles

Law of the (AI) Horse?

When the Internet first came to legislators’ notice, there was a tendency to propose all-encompassing “laws of internet” for this apparently new domain. A celebrated paper by Frank Easterbrook argued that (my summary) there wasn’t a separate body of new harms to address and that existing laws might well prove sufficiently flexible to deal with […]

Categories
Articles

Ransomware: Economics for Defenders

The recent rash of ransomware incidents has been linked to the availability of crypto-currencies – as a way that victims can pay ransoms to anonymous attackers – so Trend Micro reviewed the economic models for ransomware and, among many other aspects, whether changes in the crypto-currency world might have knock-on effects. Their conclusions are mixed: […]

Categories
Articles

Online Safety Bill: effect on small services

Over the past few months there has been a lot of discussion of the impact of the Government’s Online Safety Bill on large providers. Ofcom’s July 2022 Implementation Roadmap (p5) estimates that there are 30-40 of those, to be covered by Categories 1, 2a and 2b. However the roadmap mentions a further 25000 UK services […]

Categories
Articles

NIS 2 Directive: cybersecurity improvement for all

The final text of the revised European Network and Information Security Directive (NIS 2 Directive) has now been published. This doesn’t formally apply in the UK, but does have some helpful comments on using data protection law to support network and information security. I’ve blogged about these previously but, since the final version significantly changes […]