Our university and college buildings already contain a surprising number of sensors that could collect information about those who occupy them. At a recent event I spotted at least half a dozen different systems in a normal lecture room, including motion detectors, swipe card readers, wireless access points, the camera and microphone being used to stream the event, and Bluetooth and other transmissions from the many laptops and devices we were all carrying.
[UPDATE: thanks for your feedback. Final text has now gone into the Jisc production process :)]
Following on from my previous blog post on the possible uses of wellbeing analytics, we'd very much welcome comments on this latest draft of our Code of Practice. Note that this includes the maximum safeguards from all legal bases that seem likely to apply, so even if our continuing investigations conclude that some of those bases are not appropriate, the Code's recommendations are unlikely to change significantly.
In a workshop at last week's AMOSSHE conference, we discussed how wellbeing analytics might be able to assist existing Student Support services.
Earlier this week I did a presentation to a group from Dutch Universities on the ethics work that Jisc has done alongside its studies, pilots and services on the use of data.
Shortly after we did our first Data Protection Impact Assessments, on the Janet Security Operations Centre and the Jisc Learning Analytics Service, the ICO published its
With the GDPR having now been in force for more than six months, my talk at this week's EUNIS workshop looked at some of the less familiar corners of the GDPR map. In particular, since EUNIS provided an international audience, I was looking for opportunities to find common, or at least compatible, approaches across the international endeavours of education and research.
Topics covered: What is a University? Network and Information Security; Research; Learning Analytics; Intelligent Campus; and Wellbeing.
I've been asked a number of times whether GDPR affects the sharing of information between incident response teams. This slideset discusses how GDPR encourages sharing to improve security, and provides a rule of thumb for deciding when the benefit of sharing justifies the data protection risk.
Since there was a lot of interest in my keynote presentation at the EUNIS 2018 conference last week, this post collects together the slides and the blog posts that provide further analysis and discussion of the ideas:
Article 35 of the General Data Protection Regulation introduces a requirement to conduct a formal Data Protection Impact Assessment (DPIA) for any processing that may involve a high risk to individuals. The Article 29 Working Party’s DPIA guidance contains a helpful list of nine factors that may give rise to a high risk. Any activity involving two or more factors is likely to require a DPIA.
