Reading yet another paper on privacy and big data that concluded that processing should be based on the individual’s consent, it occurred to me how much that approach limits the scope and powers of privacy regulators. When using consent to justify processing, pretty much the only question for regulators is whether the consent was fairly […]
Category: Articles
Thoughts on regulatory and ethical issues relating to the use of technology in education and research
Protecting Users and Systems in 2015
The steady growth in the use of encrypted communications seems likely to increase next year given recent announcements on both web browsers and servers. That’s good news for security people worried that their users may be sending sensitive information such as passwords and credit card numbers over the Internet. However, it may also require an […]
Protecting Information in 2015
Although it’s now almost three years since the European Commission published their proposed General Data Protection Regulation, it seems unlikely that a final text will be agreed even in 2015. That means we’ll be stuck for at least another year with the 1995 Directive, whose inability to deal with the world of 2015 is becoming […]
Debugging laws
A long time ago, testing software was part of my job. To help with that I had an initial checklist of questions to pose to any new program: situations where I should check that it behaved as expected. Once it passed those basic checks I could get on to the more detailed testing specific to […]
Revenge Pornography: Notice and Takedown
Herewith first impressions of the Government’s proposal to criminalise “Revenge Pornography” since, if it is passed, this will be another type of material that those offering web or other publishing services for user generated content will need to include in their notice and takedown processes. Comments welcome, especially if you think there’s something I’ve missed. […]
Incentives for Intermediaries
One aspect of the Google Spain judgment I’ve not seen discussed is the incentives it creates for search engines. The European Court of Justice found that under some circumstances Data Protection law entitles an individual to demand that out of date and inaccurate results be removed from the results of a search for their name […]
BYOD: Government Guidance
I had been planning to write up a summary of my thoughts on Bring Your Own Device, but I’m pleased to discover that the UK Government has pretty much done it for me. Their draft guidance, just published for comment, suggests an approach along the following lines: Start by reviewing which information should not be […]
How much complexity should we see?
A couple of sessions at the VAMP2013 workshop in Helsinki related to complexity and how best to express it to users. Bob Cowles pointed out that current access management systems can involve a lot of complexity even to reach the binary decision whether or not to allow a user to access a resource. This might, […]
How Many Passwords?
A recent discussion got me thinking about what might be the right number of passwords. There are plenty of references that still say you should have a different password for every service, and breaches such as Adobe’s last year show why. If you use the same password on two different websites and one of those […]
BYO by Design
The recent invention of the phrase “Bring Your Own Device” seems to have got educational organisations agonising about something we’ve been doing routinely, indeed relying on, for at least 15 years. Whenever you send a member of staff home with some work to do but no laptop to do it on, or provide a webmail […]