Privacy

8 October 2012 at 10:29am

Thinking about "Privacy in Context" and Access Management Federations

Andrew Cormack
Access Management
Privacy
Twitter
One of the big challenges in designing policies and architectures for federated access management is to reconcile the competing demands that the system must be both “privacy-respecting” and “just work”. For an international access management system to “just work” requires information about users to be passed to service providers, sometimes overseas.
Read more
4 October 2012 at 6:52pm

Information Commissioner Guide to Cloud Computing

Andrew Cormack
Cloud computing
Data Protection Regulation
Privacy
The Information Commissioner has published new Guidance on the Use of Cloud Computing for organisations who are, or are considering, using cloud services to process personal data. The benefits of clouds are recognised: these may include “increased security, reliability and resilience for a potentially lower cost”. However cloud customer organisations may also “encounter risks to data protection that they were previously unaware of”.
Read more
27 July 2012 at 2:18pm

Ordering hosts to prevent repeat infringements

Andrew Cormack
Privacy
copyright
eCommerce Directive
internet filtering
Article 15 of the European Ecommerce Directive states that Member States shall not impose a general obligation on providers ... to monitor the information which they transmit or store, nor a general obligation actively to seek facts or circumstances indicating illegal activity.
Read more
6 July 2012 at 11:54am

Clouds and Law: Work to Do

Andrew Cormack
Cloud computing
Data Protection Regulation
Privacy
A new Opinion on Cloud Computing from the Article 29 Working Party highlights a number of difficulties in applying current data protection law to the cloud computing model and suggests that changes are needed both to cloud contracts and to European law. The main concerns are over lack of control by the client using the service and lack of information about what the service will involve.
Read more
13 August 2012 at 10:59am

MoJ Summary of Data Protection Responses

Andrew Cormack
Access Management
Breach Notification
Data Protection Regulation
Privacy
incident response
Cloud computing
The Ministry of Justice have published a summary of the responses to their consultation on European Data Protection proposals. On the issues we raised around Internet Identifiers, Breach Notification and Cloud Computing there seems to be general agreement with our concerns.
Read more
2 July 2012 at 2:58pm

Pseudonyms and Data Protection

Andrew Cormack
Access Management
Privacy
Data Protection Directive
Data Protection Act
The Information Commissioner’s consultation on an Anonymisation Code of Practice is mainly concerned with the exchange or publication of datasets derived from personal data. However it once again highlights the long-standing confusion around the treatment of pseudonyms under Data Protection law.
Read more
28 June 2012 at 3:57pm

Draft Communications Data Bill - Joint Committee on Human Rights

Andrew Cormack
Communications Data
Communications Data Bill
Human Rights Act
Privacy
Parliament’s Joint Committee on Human Rights has asked for evidence on the draft Communications Data Bill, so I’ve sent in a Janet submission pointing out the human rights i
Read more

2012 - Ministry of Justice call for evidence on EU Data Protection Proposals

Andrew Cormack
Thursday, June 28, 2012 - 13:39
Data Protection Regulation
Privacy
incident response
Cloud computing
Breach Notification
This is Janet’s response to the Ministry of Justice call for evidence on the European Commission’s data protection proposals. The JNT Association, trading as Janet, is the non-profit company limited by guarantee that operates the Janet network connecting education and research organisations in the UK to each other and to the Internet.
Read more

2010 - Ministry of Justice call for evidence on current data protection framework

Andrew Cormack
Thursday, June 28, 2012 - 13:36
Data Protection Directive
Data Protection Regulation
Privacy
This is JANET(UK)’s response to the Ministry of Justice Call for Evidence on the Current Data Protection Legislative Framework. JANET(UK) is the operator of the UK’s publicly-funded National Research and Education Network, JANET, which connects universities, colleges, research organisations and regional schools networks to each other and to the Internet.
Read more

Data Protection

Andrew Cormack
Thursday, June 28, 2012 - 13:35
Data Protection Directive
Data Protection Regulation
Privacy
Various consultations relate to the European Data Protection Directive and its implementation
Read more
Subscribe to Privacy