Last updated: 
4 days 21 hours ago
Blog Manager

One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks.

Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers.

NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Blog Document

Article 35 of the General Data Protection Regulation introduces a requirement to conduct a formal Data Protection Impact Assessment (DPIA) for any processing that may involve a high risk to individuals. The Article 29 Working Party’s DPIA guidance contains a helpful list of nine factors that may give rise to a high risk. Any activity involving two or more factors is likely to require a DPIA.

Blog Document

Reflecting on the scope chosen by Blackboard for our working group - "Ethical use of AI in Education" - it's worth considering what, if anything, makes education different as a venue for artificial intelligence. Education is, I think, different from commercial businesses because our measure of success should be what pupils/students achieve. Educational institutions should have the same goal as those they teach, unlike commercial settings where success is often a zero-sum game.

Blog Document

I was invited to speak at the Russell Group IT Directors' meeting yesterday, on the Counter-Terrorism and Security Act 2015 and its implications for universities. My slides are attached to this post.

Most of the Act is concerned with human, rather than technology, issues but the Act does require universities and colleges to have "due regard for the need to prevent people being drawn into terrorism". However, as I concluded:

Blog Document

I've done a couple of presentations this week, comparing the risks and benefits of Bring Your Own Device (BYOD) with those that research and education organisations already accept in the ways we use organisation-managed mobile devices. As the title of my talk in Dundee asked, "What’s the Difference?"

Prev | Next