Last updated: 
1 day 15 hours ago
Blog Manager

One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks.

Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers.

NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Filter by tags:

Clear filters

Group administrators:

Error message

  • Notice: Undefined index: ja.netprod-jisc-memcache_storage_bin_indexes in MemcacheStorageAPI::getMultiple() (line 236 of /var/www/html/sites/all/modules/contrib/memcache_storage/memcache_storage.api.inc).
  • Notice: Undefined index: ja.netprod-jisc-cache_bootstrap_1-variables in MemcacheStorageAPI::getMultiple() (line 236 of /var/www/html/sites/all/modules/contrib/memcache_storage/memcache_storage.api.inc).
Blog Article

The European Data Protection Board's (EDBP) latest Guidelines further develop the idea that we should not always expect relationships involving personal data to have a single legal basis. Although the subject of the Guidelines is the legal basis "Necessary for Contract", much of the text is dedicated to pointing out the other legal bases that will often be involved in a contractual relationship.

Blog Document

Following on from my previous blog post on the possible uses of wellbeing analytics, we'd very much welcome comments on this latest draft of our Code of Practice. Note that this includes the maximum safeguards from all legal bases that seem likely to apply, so even if our continuing investigations conclude that some of those bases are not appropriate, the Code's recommendations are unlikely to change significantly.

Blog Article

In data protection circles, the phrase "Safe Harbour" doesn't have a great reputation. Wikipedia describes those as setting hard boundaries around an area where "a vaguer, overall standard" applies. Famously, in 2015, the European Court of Justice struck down the data protection Safe Harbor arrangement negotiated between the European Commission and the US Government.

Blog Article

To my ex-programmer ears, phrases like "web 2.0" and "industry 4.0" always sound a bit odd. Sectors don’t have release dates, unlike Windows 10, iOS 12 or Android Oreo. Oddly, one field that does have major version releases is the law: it would be quite reasonable to view 25th May 2018 as the launch of Data Protection 3.0 in the UK. Looking at past release cycles, it seems likely to be fifteen to twenty years before we see version 4.0.

Blog Article

Incident response teams often share information when investigating incidents. Some patterns may only become apparent when data from different networks are compared; other teams may have skills – such as analysing malware – to understand data in ways we cannot. Since much of this information includes IP or email addresses - information classed as Personal under data protection law - concerns have arisen that attackers might be able to use the law to frustrate this sharing.

Prev | Next