We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ...
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
Links to presentations I’m giving/have given. Event hashtag will usually be among the tags
A few weeks ago I presented on “ORCID and GDPR” at a UK Consortium event. I hope this was reassuring: I’ve always been very impressed with ORCID’s approach to Data Protection (in the European sense of “managed processing”, not the more limited one of “security”), but take it from the German Consortium’s lawyers, back in […]
A few weeks ago I was invited to contribute to Team Cymru’s Future of Cyber Risk podcast. As I hope is apparent from the resulting recording, it was a fun conversation about working with regulators and how apparently different risks often turn out to be the same after all.
Following my Networkshop talk on logfiles, I was asked at what point logfiles can be treated as “anonymous” under data protection law. Since the GDPR covers all kinds of re-identification, as well as data that can “single out” an individual even without knowing their name, that’s a good CompSci/law question: the work of Paul Ohm […]
Two common concerns in incident response are (a) not having the data needed to investigate an incident and (b) not being able to find signs of incidents in a mass of other data. My Networkshop talk (see “Making IT Safer… Safely”) looked at how the GDPR principles might help us to get it, like Goldilocks’ […]
[Script for a presentation at a recent Westminster Education Forum event…] Back in February 2020 we knew what assessment looked like. Jisc had just published “The Future of Assessment”, setting five targets – Authentic, Accessible, Appropriately Automated, Continuous, and Secure – to aim for by 2025. Then COVID made us all look at assessment through […]
My Digifest talk yesterday developed a couple of ideas on how we might move Towards Ethical AI, at least as that is defined by the EU High-Level Experts Group. First is that three of the HLEG’s four Principles, and at least five of their seven Requirements, look strikingly similar to the requirements when processing personal […]
Early in 2021 I was invited to give a one-hour presentation on Data Protection and Incident Response, looking at how the demands of the two fields align and support each other, and how law and guidance have come to recognise that over the past decade or so. Incident Response and GDPR: slides Discussion at that […]
[Based on a presentation for the NISO Plus conference, February 22-25, 2021] One thing it seems everyone knows about Europe is that we have a strong privacy law: the General Data Protection Regulation, or GDPR. In this talk I’d like to get you viewing that not just as a law, but as a really useful […]
I was invited to be a “catalyst” or “provocateur” for a discussion on Data Ethics, hosted by the Institute for the Ethics of AI in Education. Here goes… This has definitely been my “summer of Ethics”: I’ve read, listened, discussed and learned a lot. Mostly good, but here are four tendencies that concern me. Don’t […]
Thinking through an idea that occurred to me during our SOCITM ShareNational panel on ethical use of data and technology. What happens if we explicitly think about “our spaces, which people use”, rather than “people that use our spaces”? That may seem like a semantic quibble, but I think it leads in three interesting directions: […]