Technology Trends
Subscribe to this community
ECJ rules in favour of security and inci...
The recent European Court case of Breyer v Germany provides welcome support for those who wish to protect the security of on-line services. The case concerned two questions – whether a website's logfiles (typically containing time, client IP address, URL requested and result) constituted personal data and, if so, whether data protection law allowed the site operator t...
European Law on Public Authorities
It's pretty clear from the context and implications that when European legislators wrote "public authority" into the General Data Protection Regulation they didn't mean the same as the drafters of the UK's Freedom of Information Acts. "Public authority" isn't defined in the Regulation and I've not been able to find it in any other Europea...
Networking for Non-Networkers
Here is an archive of an historic working group organised by Mark Leese at the Counci...
GDPR: 12 Steps Illustrated
I've been trying to produce a visual image to capture the twelve steps to GDPR compliance.For details of the individual steps see:AwarenessData Protection by DesignInformation Lifecycle AuditBreach Notification Process [Article 29 Working Party guidance]Legal Basis [Information Commissioner guidance]Privacy Notices [Article 29 Working Party guidance]Individual Rights Proces...
Sensitive/Special Category Data and Lear...
In thinking about the legal arrangements for Jisc's learning analytics services we con...
Sharing Information to Protect Privacy
I was invited to give a presentation on legal and ethical issues around information sharin...
An anthropologist learns about incident ...
If you've been watching movies and TV series, it may come as a surprise that most computer security incident response actually involves a lot of command line interfaces and perl scripts, and rather few graphical interfaces. That wa...
The Benefits of Near Misses
Recently we had one of our regular reviews of security incidents that have affected the co...
Counter-Terrorism and Security Act 2015
The Counter-Terrorism and Security Act 2015, which received Royal Assent last week, has some network-related provisions among its various powers relating to terrorism. Section 21 adds further "relevant internet data" to the l...
Data Protection Regulation - now there a...
After more than three years of discussion, all three components of the European law making...
Janet Customers in Wales
Janet provides services to the following organisations in Wales: ==Higher Education ...
South West Service Report - September 20...
South West Service Report - September 2018...
Are networks data processors?
As the GDPR approaches, several customer organisations have asked us if the Janet network ...
Travelling with encrypted devices
Most portable devices – laptops, smartphones and memory sticks – should be encrypted so that the information they contain is protected if the device is lost or stolen. Many countries (including the UK) give their immigratio...
Reducing your vulnerability to insider t...
Monica Whitty's keynote at the FIRST Conference (recording available on YouTube) used interviews at organisations that had been victims of insider attacks to try to understand these attackers – and possible defences – f...
Big Data: Wrongs and Rights
Last week I gave a seminar at Southampton University on how data protection law could provide support and guidance for universities' use of learning analytics. The next day Jisc launched a Code of Practice on Learning Analytics, wh...
Public traffic backhaul
It has long been a source of frustration that if a Janet connected site wanted to provide connectivity to members of the public this required a separate physical network link to connect those users to a partner Internet Access Provider...
Passive DNS: improving security and priv...
[Updated with further information and suggestions provided by CSIRTs: thanks!]One incident response tool that seems to be growing in value is passive DNS monitoring, described in Florian Weimer's original paper. As described ...
Draft Investigatory Powers Bill - eviden...
Last month the Government published a draft Investigatory Powers Bill for a period of pre-...
Latest activity
The Community group for the Jisc Assent Service launched on 25 March 2015
Jisc, as the service operator, will post things on here relevant to the service but...
JiscCommunity has been this blog's home for eight years, but I'm now moving over to JiscInform. That has many nice features, notably that it works really well on...
[UPDATE: thanks for your feedback. Final text has now gone into the Jisc production process :)]
Jisc has been providing expert, trusted advice on digital...
[with thanks to a former university Head of Examinations for input and discussion]
Recent years, and weeks, have seen a move away from the traditional...
I've been reading a fascinating paper by Julia Slupska – "War, Health and...
[Notes:
- This isn't legal advice, but I hope it will reassure anyone considering supporting the...
[Notes:
- This isn't legal advice, but I hope it will reassure anyone considering supporting the...
The EU High-Level Expert Group's (HLEG) draft Ethics Guidelines for...
New videos
New ideas
Recently updated groups
Recently updated blogs
