Data Protection Act

Computers and the Law

Andrew Cormack
Monday, July 16, 2012 - 12:07
Law
Computer Misuse Act
Regulation of Investigatory Powers Act
Data Protection Act
PB/INFO/005 Please note that this factsheet is written with no legal expertise and that no-one should take any action based solely on its content.  In particular, readers outside England and Wales may be subject to different legal systems.
Read more
2 July 2012 at 2:58pm

Pseudonyms and Data Protection

Andrew Cormack
Access Management
Privacy
Data Protection Directive
Data Protection Act
The Information Commissioner’s consultation on an Anonymisation Code of Practice is mainly concerned with the exchange or publication of datasets derived from personal data. However it once again highlights the long-standing confusion around the treatment of pseudonyms under Data Protection law.
Read more

Cookie Law Update

Andrew Cormack
7 June 2012 at 3:10pm
Cookies
ePrivacy Directive
Data Protection Act
Privacy
Cookie Law Update By Andrew Cormack 13 June 2012, 12.30-13.30 In 2009 an apparently minor amendment was made to European telecoms privacy law that turns out to have significant implications for websites using cookies as well as other technologies such as e-mail tracking. The change became UK law in 2011 and will be enforced by the Information Commissioner from May 2012. Programme: Discuss what organisations can do to work towards compliance Discuss some examples of how others have responded to the law Q&A Session
Read more
6 June 2012 at 11:02am

Cloud Computing and Law Toolkit

Andrew Cormack
Cloud computing
Data Protection Act
The JISC Legal Information Service have published a toolkit on the legal issues that should be considered by universities and colleges when planning to use external cloud computing providers, including Data Security, Jurisdiction, Confidentiality, Freedom of Information, Intellectual Property Rights, Equality and Accessibility, and Contracts.
Read more
6 June 2012 at 10:57am

The Definition of Consent

Andrew Cormack
Access Management
Data Protection Act
Data Protection Directive
Privacy
Although consent is a key concept in Data Protection, discussions of it often seem confused and legal interpretations inconsistent. For example the European Commission has in the past called both for a crackdown on the over-use of consent and for all processing of personal data to be based on consent!
Read more
6 June 2012 at 10:20am

Personal Information Online

Andrew Cormack
Data Protection Act
Privacy
The Information Commissioner has now published his Code of Practice on Personal Information Online (also available as PDF), for which we gave early input. It  seems to contain a lot of helpful and pragmatic advice.
Read more
6 June 2012 at 10:18am

Pseudonymous Identifiers and the Law

Andrew Cormack
Access Management
Data Protection Act
Data Protection Regulation
Privacy
For a while I've been trying to understand how pseudonymous identifiers, such as IP addresses and the TargetedID value used in Federated Access Management, fit into privacy law. In most cases the organisation that issues such identifiers can link them to the people who use them, but other organisations who receive the identifiers can't. Indeed Access Management federations spend a lot of effort to make it as difficult as possible for the link to be made, using both technical and legal means to protect the privacy of users.
Read more
6 June 2012 at 9:47am

ICO Draft Guide on personal information online

Andrew Cormack
Data Protection Act
Privacy
The Information Commissioner has now launched a draft text for a new guide on Personal Information Online, with an opportunity to comment on the text over the next three months. It's good to see that some of the issues I raised at a preparatory meeting have been included, so I'd encourage readers to have a look at the draft guide and provide their own comments.
Read more
6 June 2012 at 9:36am

Catchup - Government Data Handing Review

Andrew Cormack
Data Protection Act
Privacy
I've been reminded that at last year's Network Strategy Workshop I promised to keep you informed about Government policy on handling personal data...
Read more
Subscribe to Data Protection Act