The annual report of the Internet Watch Foundation was published yesterday. The highlight is news that through closer collaboration with hotlines and Internet industries in other countries, the average time for removal of an illegal indecent image of a child from the Internet has dropped from over a month to twelve days. That is the average world-wide: in the UK such images are removed in hours.
Cambridge University gave a report at Networkshop on their work with Google to make outsourcing of staff and student calendars compliant with UK data protection law. This was achieved through a combination of individual contract terms, obtaining assurances about Google’s security processes, and design of the local Cambridge infrastructure.
I was recently struck by just how new most of the legislation creating duties for operators of electronic communications network is. Compared to the Computer Misuse Act, which has only had one amendment since 1990, these laws seem to be changing a lot faster:
Last year's Digital Economy Act 2010 created a power (s.17) for a court to order a service provider to prevent access to a "location on the Internet" if that location was being used, or likely to be used, to infringe copyright. That power has not been brought into force and last January Ofcom were asked to report to the Government on whether such blocking could be effective. In the past week there have been two, apparently contradictory, developments.
Many of the problems in applying European Data Protection Law on-line arise from uncertainty over whether the law covers labels that allow an individual to be recognised (i.e. "same person as last time") but not - unless you are the issuer of the label - identified (i.e. "Andrew again").
The Regulation of Investigatory Powers (Monetary Penalties and Consents for Interceptions) Regulations 2011 are now in force. These make two changes to the Regulation of Investigatory Powers Act 2000:
The Privacy and Electronic Communications (EC Directive)(Amendment) Regulations 2011 have now been published, amending the previous Privacy and Electronic Communications (EC Directive) Regulations 2003 as required by the new EC Telecommunications Directives.