Thoughts on regulatory and ethical issues relating to the use of technology in education and research
The European Council of Ministers have now published a proposed text for the General Data Protection Regulation. This still needs to be edited by the Commission’s “lawyer-linguists” to check for inconsistencies, sort out the numbering of recitals and articles etc. But the working parties of both the Parliament and the Council have recommended that the […]
The European Commission has now published draft texts that could be used to implement an EU/US Privacy Shield to replace the previous Safe Harbor agreement. It appears that the new scheme would only cover “commercial exchanges” of personal data between the EU and US so it is unlikely to be appropriate for export of personal […]
The Article 29 Working Party of European data protection supervisors had hoped to make a full statement on the EU/US Safe Harbor agreement at the end of January. However this has now been postponed, probably until mid-April. The European Court of Justice declared last October that the original Safe Harbor did not guarantee adequate protection […]
[this article is based on the draft text published by the European Council on 28th January 2016. Recital and article numbers, at least, will change before the final text] The final version of the Data Protection Regulation’s breach notification proposals has addressed many of my concerns with the original draft. Rather than applying the same […]
The Higher Education Funding Council for England (HEFCE), as the body given responsibility by the Home Office for monitoring compliance with the Prevent duty in the higher education sector in England, has now announced how it will perform this responsibility. Full details can be found at the links to the HEFCE website below: the following […]
Some very interesting and positive messages came out of this week’s Future of Data Protection Forum. Interestingly the forum didn’t just focus on the draft European Regulation: partly because the final state of that is still unclear, but also because there was general agreement that reputable organisations shouldn’t aim merely to comply with data protection […]
The Government has today published its draft Investigatory Powers Bill. There are 299 pages in the legislation alone, so for now I’ve been looking at the parts most likely to affect Janet and its customers. So far I’ve looked at a bit less than half of the Bill: further implications, if any, will be the […]
The Information Commissioner’s Office has published a new article on how they are responding to the European Court’s Safe Harbor judgment. The overall message is that data controllers should take stock and not panic. While noting that the judgment does remove some of the former legal certainty, the ICO is “certainly not rushing to use […]
The Article 29 Working Party of European Data Protection supervisors has now published its response to the European Court’s ruling that the US-EU Safe Harbor agreement can no longer be relied upon when exporting personal data from the European Economic Area. Like the UK Information Commissioner’s earlier statement, they recognise that data exporters and US […]
[Updated to include UCISA Model Regulations] After short debates in the Houses of Commons and Lords the legal duties on universities and colleges to address risks of radicalisation came into force on 18th September. The Government’s guidance is unchanged from the drafts published in July. In last week’s debates the Government again stressed that measures […]