Friday 30 November 2012

ICO's code of practice on anonymisation

The Information Commissioner's Office has released its code of practice on anonymisation, following a consultation period earlier in the year.

It's quite a lengthy document, but is worth a look —
  • it reaffirms that anonymising data is an act of processing in itself, but one which is likely to be permitted under the "legitimate use" basis, and thus does not require consent;
  • there's an interesting discussion about the disclosure of anonymous data, and the "motivated intruder" test for determining whether something should be treated as anonymous or not; and
  • the second case study, on mobile footfall analytics, is particularly pertinent to the course here — my view is that the overall privacy harm (and public perception of the activity) would seem to demand more user control over the activity than ICO has seemed to suggest here.
What do you think? Does it set the bar too low, or it is realistic?
Posted by at No comments:

Tuesday 27 November 2012

Unleashing the Potential of Cloud Computing in Europe


I saw this report from the EU commission and thougth to share it. It gives an overview and status of the cloud computing within the EU.

http://ec.europa.eu/information_society/activities/cloudcomputing/docs/com/com_cloud.pdf


Cloud computing requires clarity and knowledge about the applicable legal framework,
by making it easier to signal and verify compliance with the legal framework (e.g. through
standards and certification) and by developing it further (e.g. through a forthcoming
legislative initiative on cyber security).

Posted by at No comments:

Monday 19 November 2012

Judge: Your boss has no right to your emails held by a third party


"Staff emails can’t just be accessed by a company whenever it feels like it, a UK High Court Judge has ruled, in what could be a guiding case on email privacy."

"The only way that emails could belong to a firm is if they contained copyrighted material or confidential information or if the employee’s signed contract with the firm already said so."


This is new to me, having been employed for so long, and it has  always been the case that employees should be careful on how to use their e-mails becuase the company has the right for accessing it.


Full text here.
Posted by at 2 comments:

Friday 16 November 2012

Businesses need more guidance on how to verify cloud providers' data protection compliance, says EU watchdog


Organisations need to be provided with further guidance over how to ensure that the cloud computing providers they wish to contract with deal with personal data in a manner that complies with EU data protection laws, a privacy watchdog has said.

Full text here.

Certainly, personal data protection covers storing and processing within the cloud, therefore compliance with EU data protection laws is required.
Posted by at 3 comments:
Subscribe to: Posts (Atom)