data protection

8 April 2015 at 7:31pm

Internet regulation after the Google Spain case

Andrew Cormack
Data Protection Regulation
#dpnet15
right to be forgotten
data protection
Yesterday's excellent University of Cambridge conference on Internet Regulation After Google Spain suggested that data protection law will continue to affect a growing range of our activities, but that interpreting its requirements in novel circumstances will continue to be challenging.
Read more
26 February 2015 at 11:00am

Why Google Spain worries me

Andrew Cormack
Intermediary Liability
right to be forgotten
data protection
Next month I'll be going to an academic conference on Google Spain and the "Right to be Forgotten" (actually, "right to be delinked") so I thought I'd better organise my thoughts on why, as a provider and user of communications and information services, the decision worries me. And I am much more worried by the decision itself and the train of proposed law it seems to have created than by how Google has responded.
Read more
8 October 2013 at 9:31pm

Federated Access Management: Legal Developments

Andrew Cormack
#VAMP2013
Access Management
Data Protection Regulation
Privacy
data protection
At the VAMP workshop last week I was asked to review legal developments that might affect access management federations. On the legislative side the new European Data Protection Regulation seems to be increasingly mired in politics.
Read more
3 October 2013 at 8:32am

Managing Incident Response in Identity Federations

Andrew Cormack
Access Management
incident response
data protection
#VAMP2013
In talking with service providers at this week’s conferences on federated access management in Helsinki it’s become apparent that many of them are asking identity providers to supply not only the information that they need for normal operations, but also information that will only actually be needed if a problem occurs. For example it seems that some service providers may request every user’s real name just in case a user mis-behaves and breaks the service provider’s policy.
Read more
2 October 2013 at 8:00am

How much complexity should we see?

Andrew Cormack
#VAMP2013
Access Management
data protection
A couple of sessions at the VAMP2013 workshop in Helsinki related to complexity and how best to express it to users. Bob Cowles pointed out that current access management systems can involve a lot of complexity even to reach the binary decision whether or not to allow a user to access a resource.
Read more
3 January 2013 at 11:39am

ICC Cookie Guide updates

Andrew Cormack
Privacy
data protection
ePrivacy Directive
Cookies
The International Chamber of Commerce has published a revised version of its Cookie Guide, reflecting the new information that has been produced by the Information Commissioner and Article 29 Working Party since
Read more
3 January 2013 at 11:37am

Art.29WP on Cookies - specific and pragmatic advice

Andrew Cormack
Privacy
data protection
ePrivacy Directive
Cookies
The e-Privacy Directive's provisions on cookies exempt two classes of cookies from the requirement to gain consent (though if they relate to individual users, websites still need to inform users about them, under data protection law):
Read more

Data protection

Anonymous
Thursday, February 9, 2012 - 13:55
DNS
data protection
domain name registration
Services
Registrars, their customers, and Jisc Customers should be aware that the information supplied for registering domain names under ac.uk and gov.uk will be held and processed in Jisc's databases. It will be made available as a matter of public record by electronic enquiries made to Jisc and its whois servers. Jisc will also make this information available to other organisations and their legal advisers for the purpose of ascertaining the registrants of domain names. Such disclosure will be made only after checks on the bona fides of the enquirers have taken place.
Read more
Subscribe to data protection