Regulatory Developments

Last updated: 
1 week 3 hours ago
Blog Manager

One of Janet’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks.

Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers.

NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Filter by tags:

Group administrators:

Blog Article

The Article 29 Working Party of European data protection supervisors has published the final version of its Guidelines on Data Protection Impact Assessments (DPIAs). These build on the long-standing concept of Privacy Impact Assessments, being similar to normal risk assessments but looking at risks to the individuals whose data are being processed, rather than to the organisation doing the processing.

Blog Article

It's pretty clear from the context and implications that when European legislators wrote "public authority" into the General Data Protection Regulation they didn't mean the same as the drafters of the UK's Freedom of Information Acts. "Public authority" isn't defined in the Regulation and I've not been able to find it in any other European law, so I'm grateful to David Erdos for pointing out the case where the concept and reason for it, if not the actual phrase, were discussed.

Blog Article

Most of us are familiar with the recorded messages at the start of phone calls that warn "this call may be recorded for compliance and training purposes". Some may recognise it as meeting the requirement to notify callers under the snappily titled Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000. But the data protection implications of call recording are perhaps more interesting.

Blog Article

Jisc provides a lot of different services: too many for us to look at each one from scratch before the General Data Protection Regulation comes into force next May. Instead, we've identified four different patterns that seem to cover the majority of services. We hope that having a common set of expectations for each pattern will simplify discussions with service managers, customers and users.

Prev | Next