Categories
Articles

The Definition of Consent

Although consent is a key concept in Data Protection, discussions of it often seem confused and legal interpretations inconsistent. For example the European Commission has in the past called both for a crackdown on the over-use of consent and for all processing of personal data to be based on consent! A new Opinion on the […]

Categories
Articles

Privacy Riskiness for Access Management

On a privacy course I teach for system and network managers I suggest a scale of “privacy riskiness”, the idea there being that if you can achieve an objective using information from lower down the scale then you run less risk of upsetting your users and/or being challenged under privacy law. That scale is very […]

Categories
Articles

Explaining Attribute Release

Federated access management can make things nice and simple for both the user and the service they are accessing. By logging in to their home organisation the user can have that organisation release relevant information to the service – “I am a student”, “this is my e-mail address” and so on. And because that information […]