Categories
Peacasts

Think “Big benefits”, not “Big Data”

“Big Data” has – often rightly – had a bad press. Is there a better way to think about it? Starting from potential benefits and discussing how they might be achieved should help us choose the right outcomes to aim for when using data, make it more likely that those aims will be delivered, and […]

Categories
Articles

Adequacy Shanty

Inspired by Gavin Freeguard’s National Data Strategy Sea-Shanty, and in homage to the shanty-makers (I’ve worked the North Atlantic on small ships), here’s my “Adequacy Shanty”… Farewell and adieu to you, fair Spanish data, Farewell and adieu to you data of Spain, For our UK law may be judg-ed inadequate, And we may never see […]

Categories
Articles Tools

Navigating the Temptations of Data

It seems easy to come up with new ways we might re-use data we already have. But harder to work out, in advance, whether an idea is likely to be perceived as unethical, intrusive, or just creepy. In a recent paper – “Between the Devil and the Deep Blue Sea (of Data)” – I explored […]

Categories
Presentations

Thinking with GDPR

[Based on a presentation for the NISO Plus conference, February 22-25, 2021] One thing it seems everyone knows about Europe is that we have a strong privacy law: the General Data Protection Regulation, or GDPR. In this talk I’d like to get you viewing that not just as a law, but as a really useful […]

Categories
Articles

Using Social Media: is it ethical?

In a chat at the DataMatters conference I was asked about the ethics of universities and colleges using social media providers to contact students. In breaking down that question, I think it illustrates a continuum: the more we interfere with individuals’ own choices of what and how to use, the more thinking we need to […]

Categories
Articles

WHOIS access and the NIS2 Directive

The European Commission’s proposed update of the Network and Information Security Directive may revive discussions about access to WHOIS data. When a domain name is registered, contact details are typically requested for various purposes, including billing, administrative and technical questions. For most of the history of the DNS this ‘WHOIS’ data – including names, postal […]

Categories
Articles

How to become an expert phish-spotter

We’ve all been trained how to spot phishing emails: check the sender address, hover over links to see where they go, etc. But that’s a lot of work and mental effort. And, given that most emails aren’t phish, almost all wasted. So can we do it better? A fascinating paper by Rick Wash looked at […]

Categories
Peacasts

Thinking (using COVID-19) about location data

During the pandemic, a lot of ideas have come up – not just contact tracing! – where useful information might be derived from location data. It struck me that a selection of those might be an interesting illustration of how intrusiveness isn’t just about the data we use, but what we use it for. Here’s […]

Categories
Articles

Sandbox Tales: Public Interest and Privacy Notices

The latest report on ICO sandbox participation contains a rapid pivot, and some useful discussion of the “public interest” justification for processing. Back in mid-2019, NHS Digital was awarded a sandbox place for a system for recruiting volunteers into clinical trials (the actual conduct of trials is out of scope). A few months into 2020 […]

Categories
Articles

Online Harms White Paper

Tertiary educational institutions have a very specific role in promoting free speech, whether verbal, in writing or on-line. This is set out in general in the Education (No.2) Act 1986, with specific limitations – monitored by the sector regulators – to manage the risk of radicalisation in the Counter-Terrorism and Security Act 2015 and, for […]