Download as PDF
Blog Article
[Corrected 28/11: "relevant internet data" is limited to that "generated or processed" (not merely "held") by the telecommunications operator]
Blog Article
A long time ago, testing software was part of my job. To help with that I had an initial checklist of questions to pose to any new program: situations where I should check that it behaved as expected. Once it passed those basic checks I could get on to the more detailed testing specific to that particular program.
With the Government apparently about to "fast-track" another piece of internet law, it seemed worth trying to draw up a similar checklist for legislation. Here’s a second draft:
Blog Article
Herewith first impressions of the Government's proposal to criminalise "Revenge Pornography" since, if it is passed, this will be another type of material that those offering web or other publishing services for user generated content will need to include in their notice and takedown processes. Comments welcome, especially if you think there's something I've missed.
Blog Article
One aspect of the Google Spain judgment I’ve not seen discussed is the incentives it creates for search engines.
Blog Article
I had been planning to write up a summary of my thoughts on Bring Your Own Device, but I'm pleased to discover that the UK Government has pretty much done it for me. Their draft guidance, just published for comment, suggests an approach along the following lines:
Blog Article
I was invited to give a presentation on legal and ethical issues around information sharing at TERENA’s recent security services workshop. The talk highlighted the paradox that sharing information is essential to protect the privacy of our users when their accounts or computers have been compromised, but that sharing can also harm privacy if it’s not done correctly.
Blog Article
Nominet have now started the process of issuing domain names in the two Welsh top level domains, .wales and .cymru. Key dates are now available on their timeline, though there is a note that these may yet change so those intending to apply should subscribe to their mailing list for updates.
Blog Article
A recent discussion got me thinking about what might be the right number of passwords. There are plenty of references that still say you should have a different password for every service, and breaches such as Adobe’s last year show why. If you use the same password on two different websites and one of those gets compromised, either by phishing or loss and cracking of a password file, then both accounts are put at risk.
Blog Article
Earlier this week Parliament passed the Data Retention and Investigatory Powers Act 2014 (DRIP), in response to the European Court of Justice's April 2014 declaration of the invalidity of the 2006 European Data Retention Directive on which the UK data retention law depended.
Blog Article
The recent invention of the phrase "Bring Your Own Device" seems to have got educational organisations agonising about something we’ve been doing routinely, indeed relying on, for at least 15 years. Whenever you send a member of staff home with some work to do but no laptop to do it on, or provide a webmail service for students, or invite a visiting academic connect their device to your network, you’re inviting BYOD.
