Whats new in ict law - Networkshop44
•Transferir como PPTX, PDF•
0 gostou•2,233 visualizações
This session will provide an opportunity to discuss the latest legal developments and how they may affect networked services in education. Exact topics will depend on developments in Brussels and Westminster, but may include: Data retention Incident response Data protection Safe harbour.
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (20)
Semelhante a Whats new in ict law - Networkshop44
Semelhante a Whats new in ict law - Networkshop44 (20)
Mais de Jisc
Mais de Jisc (20)
Último
Último (20)
Whats new in ict law - Networkshop44
- 1. What’s new in ICT law Andrew Cormack John Kelly
- 2. Safe Harbor/Privacy Shield »EU Data Protection compliance for exports to US private sector »Original Safe Harbor ruled inadequate by ECJ, Sept 2015 › Largely on basis of Snowden revelations of NSA activity »US/EU Commission announce “Privacy Shield”, Feb 2016 › Article 29WP expected to report mid-April on PS and other provisions › Further legal/diplomatic argument likely thereafter »Model clauses, Binding Corporate Rules, Consent more stable »Or keep data in EU 22/03/2016 What's new in network law?
- 3. » Background » So what does it all mean? (Spring 2018) » Controllers and processors » Data that’s covered » Pseudonymisation » Territorial scope » Notification » One stop shop – how laws are supervised » Penalties » Filing and record keeping GDPR - General Data Protection Regulation 22/03/2016 Networkshopp 44 » DPOs » Breach reporting » Consent » Data protection impact assessments » Data subject rights » Privacy by design and purpose limitation » Export outside EU » Transfers » Data processors » Digital consent for minors » Exceptions
- 4. Incident Response/Breach Notification »GDPR says prevention/detection/response = legitimate interests › So OK to process personal data subject to balance of interests »Breach notification a requirement for all controllers & processors › All breaches affecting PD: record breach & response › Risk to rights & freedoms: notify regulator asap (72 hr expectation) – Nature of breach, consequences, #affected, steps taken/proposed › High risk to individuals: notify them, in consultation with regulator – Including what they can do to protect themselves »Also notification requirements on trust services, telcos, infrastructures… 22/03/2016 What's new in network law?
- 5. Investigatory Powers Bill »Covers existing RIPA interception and comms data disclosure »Also data retention, equipment interference, “technical facilities” › Now extended to any “telecommunications operator” › Not just data you generate or process; only limited by feasibility »Creates Government powers, not operator duties › No requirement till you receive an order › Then probably can’t discuss it with anyone else »Lack of clarity much criticised, including by all Parl’t committees »Now at Committee stage in House of Commons 22/03/2016 What's new in network law?
- 6. »2005 - Fees/cost, time limits, exemptions »2015 - Review launched – 3 central proposed changes »2016 - After 10 years FOI is working well – some recommendations »IPR and disclosures under FOI – Guidance Feb 2016 »FOI and research information: guidance for HE - 2015 Freedom of information 22/03/2016 Networkshopp 44
- 7. jisc.ac.uk Find out more… 22/03/2016 Networkshopp 44 Andrew Cormack John Kelly Andrew.Cormack@jisc.ac.uk John.Kelly@jisc.ac.uk
Notas do Editor
- Pseudonymised Data is created by taking identifying fields within a database and replacing them with artificial identifiers, or pseudonyms.
- 1. Some History – Is anyone here directly involved in responding to FOI requests on a regular basis? I confess to being an FOI nerd not just because it causes embarrassment to public officials about the cost of refurbishing their offices or the fact that it is used to prise information out of Government such as the fact that British pilots are bombing Syria – But because it has made us all more conscious of records management and information Governance – good information practice and categorisation. 2. Three central proposed changes: charging for the requests, making it easier to refuse requests on cost grounds and giving ministers more powers to veto disclosures so that Whitehall has a safe place where civil servants and ministers can devise policy out of the public eye 3. We were not kept in suspense very long - Commission instigated by Matthew Hancock, the Cabinet Office minister, found that after 10 years, FoI is working well - Some recommendations publish all requests and responses where they provide information to a requestor publish statistics 4. IPR and disclosures under FOI – Guidance Feb 2016 Once disclosed, the information is still protected by IP Intellectual property rights 5. How FOI should be applied to scientific research – particularly pre-publication research information - Different types of information are held by HEIs – information may be of particular public interest; of commercial interest; provided in confidence; or sometimes controversial This guidance provides practical case examples derived from ICO decision notices and Information Rights Tribunal decisions