[UPDATE 2nd June 2020: thanks for your feedback. Final text has now gone into the Jisc production process :)] Jisc has been providing expert, trusted advice on digital technology in the education sector for more than 30 years. We know that technology and data have the ability to transform the student experience. But, as a […]
Tag: Data Protection Regulation
Posts related to the General Data Protection Regulation. There are a lot of these, so if you want to find out how GDPR affects a particular topic, it’s better to use the topic tag; if you want to know about implementing GDPR, then try “GDPR Howto”
Our university and college buildings already contain a surprising number of sensors that could collect information about those who occupy them. At a recent event I spotted at least half a dozen different systems in a normal lecture room, including motion detectors, swipe card readers, wireless access points, the camera and microphone being used to […]
The latest text in the long-running saga of the draft ePrivacy Regulation contains further reassuring indicators for incident response teams that want to share data to help others. Article 6(1)(b) allows network providers to process electronic communications data (a term that includes both metadata and content) where this is necessary “necessary to maintain or restore […]
Talking to new audiences, who may not share your preconceptions, is a great way to learn new things. So I was delighted to be invited to Dublin to talk about learning analytics as part of their DALTAí project (an English backronym creating the Irish for student: bilingualism creates opportunities!). The audience – and my fellow […]
The European Data Protection Supervisor has just published an interesting paper on the research provisions in the GDPR. The whole thing is worth reading, but some things particularly caught my eye: Stresses (again) that research-consent is not the same as GDPR-consent, though the former may still be an “appropriate safeguard” when using a legal basis […]
Jisc responded to the Information Commissioner’s consultation on draft guidance on explaining AI. The final guidance was published in May 2020. We welcome the ICO/Turing Institute’s draft guidance on Explaining AI Decisions, and believe that it could be useful well beyond the narrow question of when and how decisions need to be explained. However, as […]
[UPDATE: my slides are now available] This week I’ve been presenting at an event on Artificial Intelligence in Education, organised by the Finnish Government in their current role as EU Presidency. Specifically I was asked to look at where we might find building blocks for the ethical use of AI in education. Looking at the […]
A few weeks ago I gave a presentation to an audience of university accommodation managers (thanks to Kinetic for the invitation), where I suggested that we should view Data Protection as an opportunity, rather than a challenge. That may seem strange, given that universities probably have the most complex data flows of any organisation. And […]
Last week I was invited to be a member of a panel at the UN Internet Governance Forum on how law can help security and incident response and, in particular, information sharing. It seems there are still concerns in some places that privacy law is getting in the way of these essential functions. I started […]
GDPR: what’s your justification?
One of the key steps in preparing for the General Data Protection Regulation is to know why you are processing each set of personal data, and which of the six legal justifications applies: consent, contract, legal obligation, vital interest, public interest or legitimate interest. The Regulation significantly tightens the rules on when consent can be […]