Over the past twenty years, I’ve seen a lot of attempts to start information sharing schemes. And a lot of those have failed, some very slowly, despite huge amounts of effort. I wondered if there pointers that could be used, early on, to try to spot those. Story First, what is the story? If you […]
Author: Andrew Cormack
I'm Chief Regulatory Advisor at Jisc, responsible for keeping an eye out for places where our ideas, services and products might raise regulatory issues. My aim is to fix either the product or service, or the regulation, before there's a painful bump!
One striking aspect of the new Ethical Framework for AI in Education is how little of it is actually about AI technology. The Framework has nine objectives and 33 criteria: 18 of these apply to the ‘pre-procurement’ stage, and another five to ‘monitoring and evaluation’. That’s a refreshing change from the usual technology-led discussions in […]
Audience Measurement
To improve websites and other online services, measuring how they are used is a key tool. However the law on measuring visitors to websites is a mess. Nine years ago, when reviewing the types of cookies that do not need consent, the Article 29 Working Party of data protection regulators concluded that requiring consent when […]
Towards Ethical AI
My Digifest talk yesterday developed a couple of ideas on how we might move Towards Ethical AI, at least as that is defined by the EU High-Level Experts Group. First is that three of the HLEG’s four Principles, and at least five of their seven Requirements, look strikingly similar to the requirements when processing personal […]
Where is “AI ethics”?
One of the trickiest questions I’m being asked at the moment is about “the ethics of Artificial Intelligence”. Not, I think, because it is necessarily a hard question, but because it’s so ill-defined. Indeed a couple of discussions at Digifest yesterday made me wonder whether it’s the simply the wrong question to start with. First, […]
Learning in (and from) the pandemic
Priya Lakhani’s Digifest keynote was titled “How COVID-19 has catalysed edtech adoption” but actually ranged much more widely. What has the pandemic shown us about the role of technology in education and, indeed, how does that relate to education’s role in future society. One obvious result of the pandemic is that we have (nearly) all […]
Anyone who works with flows, logs and other sources of information to protect network and information security should already be familiar with Recital 49 of the GDPR, where European legislators explained why that was (subject to a risk-based design) a good thing. Now the European Commission has published its draft of the replacement Network and […]
Early in 2021 I was invited to give a one-hour presentation on Data Protection and Incident Response, looking at how the demands of the two fields align and support each other, and how law and guidance have come to recognise that over the past decade or so. Incident Response and GDPR: slides Discussion at that […]
Data Breach Shanty
To celebrate my 500th blog post, here’s another sea shanty: What shall we do with the stolen data? What shall we do with the stolen data? What shall we do with the stolen data? Early in the morning. Way-hey the fines are rising Way-hey the fines are rising Way-hey the fines are rising Early in […]
Beyond the Future of Assessment?
A fascinating discussion session with colleagues who worked on Jisc’s “Future of Assessment” report. When that was written, in the first months of 2020, its intention was to look at how things might change over the next five years. Little did we know… When the pandemic hit, suddenly many of things we had expected to […]