Presenting at the Jisc’s Safer Internet Day event got me thinking a bit more about the shared interests between owners and organisations in a BYOD scheme, and the opportunity that might present. For many years I’ve liked the idea of helping users be safe in their personal Internet lives (where motivation should be a matter […]
The House of Commons has published a useful summary of progress on the Defamation Bill, which will return to Parliament next week. Clause 5 of the Bill proposes changes to the current regime for websites hosting allegedly defamatory postings from third parties. When it was last discussed in the House, before the summer, concerns were […]
At the moment both cloud computing providers and their business customers in Europe have to deal with at least twenty-eight different interpretations of Data Protection law. And there are nearly as many different national rules and formalities when using non-European cloud providers (the UK approach is described in the Information Commissioner’s Guide to Cloud Computing). […]
It has long been a source of frustration that if a Janet connected site wanted to provide connectivity to members of the public this required a separate physical network link to connect those users to a partner Internet Access Provider. Members of the public can’t be given access to the Janet IP service as this […]
There are several situations when it would be useful to have a life-long identifier that doesn’t change when we move house, employer or even country. Most of us already have life-long identifiers to link together all our interactions with the health service and the tax office; in research and education linking together our achievements would […]
I’ve had a few discussions recently where people talked about the ‘new risk’ of Bring Your Own Device (BYOD), but then mentioned risks – loss/theft of device, use in public place, etc. – that already exist on organisation-managed mobile devices. Turning that around, it struck me that one way to develop a BYOD policy might […]
A law that promotes Privacy by Design and Data Minimisation ought to encourage the use of indirectly-linked identifiers, which allow processing to be done separate from, or even without, the ability to identify the person whose information is being processed. However European Data Protection law has never really worked out what these identifiers are. The […]
The amount of information stored in encrypted form is steadily increasing, supported by recommendations from the Information Commissioner and others. When deciding to adopt encryption, it’s worth planning for what might happen if the police or other authorities need to access it in the course of their duties. Normally the existing access rules under section […]
At the VAMP workshop last week I was asked to review legal developments that might affect access management federations. On the legislative side the new European Data Protection Regulation seems to be increasingly mired in politics. The Commission’s proposed law from January 2012 needs to be discussed with the European Parliament and Council of Ministers […]
If you look up “interception” in most dictionaries you’ll find that it happens before an action has completed: in sport a pass can no longer be “intercepted” once it reaches a teammate. In a legal dictionary, however, that turns out not to be true. According to section 2(2) of the Regulation of Investigatory Powers Act […]