Categories
Presentations

Data Protection Benefits with ORCID

A few weeks ago I presented on “ORCID and GDPR” at a UK Consortium event. I hope this was reassuring: I’ve always been very impressed with ORCID’s approach to Data Protection (in the European sense of “managed processing”, not the more limited one of “security”), but take it from the German Consortium’s lawyers, back in […]

Categories
Presentations

Future of Cyber Risk podcast

A few weeks ago I was invited to contribute to Team Cymru’s Future of Cyber Risk podcast. As I hope is apparent from the resulting recording, it was a fun conversation about working with regulators and how apparently different risks often turn out to be the same after all.

Categories
Presentations

Anonymous: why and how, rather than when?

Following my Networkshop talk on logfiles, I was asked at what point logfiles can be treated as “anonymous” under data protection law. Since the GDPR covers all kinds of re-identification, as well as data that can “single out” an individual even without knowing their name, that’s a good CompSci/law question: the work of Paul Ohm […]

Categories
Presentations

Porridge, Bears and Logfiles

Two common concerns in incident response are (a) not having the data needed to investigate an incident and (b) not being able to find signs of incidents in a mass of other data. My Networkshop talk (see “Making IT Safer… Safely”) looked at how the GDPR principles might help us to get it, like Goldilocks’ […]

Categories
Presentations

What’s the Role of Technology in Assessment?

[Script for a presentation at a recent Westminster Education Forum event…] Back in February 2020 we knew what assessment looked like. Jisc had just published “The Future of Assessment”, setting five targets – Authentic, Accessible, Appropriately Automated, Continuous, and Secure – to aim for by 2025. Then COVID made us all look at assessment through […]

Categories
Presentations

Towards Ethical AI

My Digifest talk yesterday developed a couple of ideas on how we might move Towards Ethical AI, at least as that is defined by the EU High-Level Experts Group. First is that three of the HLEG’s four Principles, and at least five of their seven Requirements, look strikingly similar to the requirements when processing personal […]

Categories
Presentations

Data Protection and Incident Response

Early in 2021 I was invited to give a one-hour presentation on Data Protection and Incident Response, looking at how the demands of the two fields align and support each other, and how law and guidance have come to recognise that over the past decade or so. Incident Response and GDPR: slides Discussion at that […]

Categories
Presentations

Thinking with GDPR

[Based on a presentation for the NISO Plus conference, February 22-25, 2021] One thing it seems everyone knows about Europe is that we have a strong privacy law: the General Data Protection Regulation, or GDPR. In this talk I’d like to get you viewing that not just as a law, but as a really useful […]

Categories
Presentations

Care with “Ethics”

I was invited to be a “catalyst” or “provocateur” for a discussion on Data Ethics, hosted by the Institute for the Ethics of AI in Education. Here goes… This has definitely been my “summer of Ethics”: I’ve read, listened, discussed and learned a lot. Mostly good, but here are four tendencies that concern me. Don’t […]

Categories
Presentations

Watch this space

Thinking through an idea that occurred to me during our SOCITM ShareNational panel on ethical use of data and technology. What happens if we explicitly think about “our spaces, which people use”, rather than “people that use our spaces”? That may seem like a semantic quibble, but I think it leads in three interesting directions: […]