Category Archives: Data Protection

Annual Conference 2017 Resources

The Information Law and Policy Centre held its third annual conference on 17th November 2017. The workshop’s theme was: ‘Children and Digital Rights: Regulating Freedoms and Safeguards’.

The workshop brought together regulators, practitioners, civil society, and leading academic experts who addressed and examined the key legal frameworks and policies being used and developed to safeguard children’s digital freedoms and rights. These legislative and policy regimes include the UN Convention on the Rights of the Child, and the related provisions (such as consent, transparency, and profiling) under the UK Digital Charter, and the Data Protection Bill which will implement the EU General Data Protection Regulation.

The following resources are available online:

  • Full programme
  • Presentation: ILPC Annual Conference, Baroness Beeban Kidron (video)
  • Presentation: ILPC Annual Conference, Anna Morgan (video)
  • Presentation: ILPC Annual Conference, Lisa Atkinson (video)
  • Presentation: ILPC Annual Conference, Rachael Bishop (video)

Co-existing with HAL 9000: Being Human in a World with AI

This event will focus on the implications posed by the increasingly significant role of artificial intelligence (AI) in society and the possible ways in which humans will co-exist with AI in future, particularly the impact that this interaction will have on our liberty, privacy, and agency. Will the benefits of AI only be achieved at the expense of these human rights and values? Do current laws, ethics, or technologies offer any guidance with respect to how we should navigate this future society?

Event date:
Monday, 20 November 2017 – 5:30pm

AI trust and AI fears: A media debate that could divide society

File 20180109 83547 1gya2pg.jpg?ixlib=rb 1.1

In this guest post, Dr Vyacheslav Polonski, Researcher, University of Oxford examines the key question of trust or fear of AI.

We are at a tipping point of a new digital divide. While some embrace AI, many people will always prefer human experts even when they’re wrong.

Unless you live under a rock, you probably have been inundated with recent news on machine learning and artificial intelligence (AI). With all the recent breakthroughs, it almost seems like AI can already predict the future. Police forces are using it to map when and where crime is likely to occur. Doctors can use it to predict when a patient is most likely to have a heart attack or stroke. Researchers are even trying to give AI imagination so it can plan for unexpected consequences.

Of course, many decisions in our lives require a good forecast, and AI agents are almost always better at forecasting than their human counterparts. Yet for all these technological advances, we still seem to deeply lack confidence in AI predictions. Recent cases show that people don’t like relying on AI and prefer to trust human experts, even if these experts are wrong.

If we want AI to really benefit people, we need to find a way to get people to trust it. To do that, we need to understand why people are so reluctant to trust AI in the first place.

Continue reading

How websites watch your every move and ignore privacy settings

File 20171122 6055 jrvkjw.jpg?ixlib=rb 1.1

In this guest post, Yijun Yu, Senior Lecturer, Department of Computing and Communications, The Open University examines the world’s top websites and their routine tracking of a user’s every keystroke, mouse movement and input into a web form – even if it’s later deleted.

Hundreds of the world’s top websites routinely track a user’s every keystroke, mouse movement and input into a web form – even before it’s submitted or later abandoned, according to the results of a study from researchers at Princeton University.

And there’s a nasty side-effect: personal identifiable data, such as medical information, passwords and credit card details, could be revealed when users surf the web – without them knowing that companies are monitoring their browsing behaviour. It’s a situation that should alarm anyone who cares about their privacy.

The Princeton researchers found it was difficult to redact personally identifiable information from browsing behaviour records – even, in some instances, when users have switched on privacy settings such as Do Not Track.

Continue reading

On Internet Intermediaries – from Defamation to Directive to Data Protection

In this guest post,  Professor of Law and Innovation at Queen’s University Belfast Daithí Mac Síthigh reviews the recent Information Law and Policy Centre seminar that explored Internet intermediaries and their legal role and obligations.

Taking stock of recent developments concerning the liability and duties associated with being an Internet intermediary (especially the provision of hosting and social media services) was the theme of a recent event at the Information Law and Policy Centre. In my presentation, starting from about 20 years ago, I reviewed the early statutory interventions, including the broad protection against liability contained in US law (and the narrower shield in respect of intellectual property!), and the conditional provisions adopted by the European Union in Directive 2000/31/EC (E-Commerce Directive), alongside developments in specific areas, such as defamation. The most recent 10 years, though, have seen a trend towards specific solutions for one area of law or another (what I called ‘fragmentation’ in 2013), as well as a growing body of caselaw on liability, injunctions, and the like (both from the Court of Justice of the EU and the domestic courts).

Continue reading

Transferring personal data outside the EU: Clarification from the ECJ?

In this guest post Lorna Woods, Professor of Internet Law at the University of Essex, explores the EU’s proposed Passenger Name Record (PNR) agreement with Canada. This post first appeared on the blog of Steve Peers, Professor of EU, Human Rights and World Trade Law at the University of Essex.

Opinion 1/15 EU/Canada PNR Agreement, 26th July 2017

Continue reading

Submissions to the Law Commission’s consultation on ‘Official Data Protection’: British Computer Society

The Law Commission has invited interested parties to write submissions commenting on the proposals outlined in a consultation report on ‘official data protection’. The consultation period closed for submissions on 3 May, although some organisations have been given an extended deadline. (For more detailed background on the Law Commission’s work please see the first post in this series). 

The Information Law and Policy Centre is re-publishing some of the submissions written by stakeholders and interested parties in response to the Law Commission’s consultation report (pdf) to our blog. In due course, we will collate the submissions on a single resource page. If you have written a submission for the consultation you would like (re)-published please contact us

Please note that none of the published submissions reflect the views of the Information Law and Policy Centre which aims to promote and facilitate cross-disciplinary law and policy research, in collaboration with a variety of national and international institutions.

The thirteenth submission in our series is the response submitted by the British Computer Society.

Download (PDF, 829KB)

(Previous submissions published in this series: Open Rights GroupCFOI and Article 19The Courage FoundationLibertyPublic Concern at WorkThe Institute of Employment RightsTransparency International UKNational Union of Journalists, and English Pen, Reporters Without Borders and Index on Censorship, the Open Government NetworkLorna Woods, Lawrence McNamara and Judith Townend, and Global Witness.)

Creating International Frameworks for Data Protection: New Handbook on Data Protection in Humanitarian Action

In this guest post, Dr Christopher Kuner and Massimo Marelli highlight the publication of the new ICRC/Brussels Privacy Hub handbook on data protection in humanitarian action. Christopher Kuner is professor of law and co-director of the Brussels Privacy Hub, Vrije Universiteit Brussel (VUB) and Massimo Marelli is Head of Data Protection Office at the International Committee of the Red Cross (ICRC). This post first appeared on EJIL: Talk!, the blog of the European Journal of International Law.   

Introduction

The collection and processing of personally-identifiable data is central to the work of both international organisations working in the humanitarian sector (IHOs) and non-governmental organisations (NGOs) in protecting and delivering essential aid to hundreds of millions of vulnerable individuals. With the increased adoption of new technologies in recent years, and the increased complexity of data flows and the growth in the number of stakeholders involved in the processing, there has been an increasing need for data protection guidelines that IHOs and NGOs can apply in their work. This was highlighted first in the 2013 report by Privacy International entitled: “Aiding Surveillance”, and was also recognised by the International Conference of Privacy and Data Protection Commissioners in its Resolution on Privacy and International Humanitarian Action adopted in Amsterdam in 2015 (Amsterdam Resolution).

This need has led to publication of the new Handbook on Data Protection in Humanitarian Action prepared jointly by the Data Protection Office of the International Committee of the Red Cross (ICRC) and the Brussels Privacy Hub, a research institute of the Vrije Universiteit Brussel (VUB) in Brussels. It has been drafted in consultation with stakeholders from the global data protection and international humanitarian communities, including IHOs and humanitarian practitioners, data protection authorities, academics, NGOs, and experts on relevant topics. The drafting committee for the Handbook also included the Swiss Data Protection Authority; the Office of the European Data Protection Supervisor (EDPS); the French-speaking Association of Data Protection Authorities (AFAPDP); the UN High Commissioner for Refugees (UNHCR); the International Organisation for Migration (IOM); and the International Federation of Red Cross and Red Crescent Societies (IFRC).

Content of the Handbook

The Handbook addresses questions of common concern in the application of data protection in international humanitarian action, and is addressed to staff of IHOs and NGOs who are involved in the processing of personal data, particularly those in charge of advising on and applying data protection standards. It is hoped that it may also prove useful to other parties, such as data protection authorities, private companies, and others involved in international humanitarian action. Continue reading

Submissions to the Law Commission’s consultation on ‘Official Data Protection’: Global Witness

The Law Commission has invited interested parties to write submissions commenting on the proposals outlined in a consultation report on ‘official data protection’. The consultation period closed for submissions on 3 May, although some organisations have been given an extended deadline. (For more detailed background on the Law Commission’s work please see the first post in this series). 

The Information Law and Policy Centre is re-publishing some of the submissions written by stakeholders and interested parties in response to the Law Commission’s consultation report (pdf) to our blog. In due course, we will collate the submissions on a single resource page. If you have written a submission for the consultation you would like (re)-published please contact us

Please note that none of the published submissions reflect the views of the Information Law and Policy Centre which aims to promote and facilitate cross-disciplinary law and policy research, in collaboration with a variety of national and international institutions.

The twelfth submission in our series is the response submitted by Global Witness.

Download (PDF, 332KB)

(Previous submissions published in this series: Open Rights GroupCFOI and Article 19The Courage FoundationLibertyPublic Concern at WorkThe Institute of Employment RightsTransparency International UKNational Union of Journalists, and English Pen, Reporters Without Borders and Index on Censorship, the Open Government Network, and Lorna Woods, Lawrence McNamara and Judith Townend.)

Any reform to the law on Official Secrets must provide robust protection for public interest disclosures and open justice

Lorna Woods, Lawrence McNamara and Judith Townend – affiliated members of the Information Law and Policy Centre – comment on the Law Commission’s proposals to reform ‘Protection of Official Data’. This blog post accompanies their submission to the Law Commission’s consultation, and is part of our series documenting the submissions.  

With the election now in the past, the wheels of government are beginning to grind again. While most eyes are on Brussels, it is important that the bright lights of Brexit do not draw attention away from other work that is resuming and ongoing. Among it, the Law Commission will continue its project that considers the revision of the laws on Official Secrets, with its final proposals expected later this year.

The initiative to consider existing law on the ‘Protection of Official Data’ – primarily the Official Secrets Acts 1911-1989 – began with the Cabinet Office when it referred the project to the Commission in 2015. A 315-page consultation paper with provisional recommendations was published by the Commission in spring 2017. It will be the Government that will decide how to proceed, and whether to introduce new draft legislation, once the final recommendations are made.  (No reference to Official Data or Official Secrets was made in the Queen’s Speech).

The Law Commission, which came under – perhaps unanticipated – fire from the media and NGOs for the nature of the proposed reform plans and a perceived lack of consultation before the first report was published, has since been engaging with a wider range of groups and individuals through in-person meetings. It has also published a ‘myth-buster’ on Twitter in response to some of the reports, and shared more explanatory material ahead of meetings.

However, this has not assuaged concerns, with strong reservations about the proposals expressed in a range of written industry and third sector written submissions, a number of which are available online.

We are among those who have met with the Law Commission since publication of its report, and in our written submission we focus on aspects of the consultation that relate to freedom of expression and the public interest: the public interest defence; the Independent Statutory Commissioner model; and access to court proceedings. We also address the related issue of the conduct of trials.

In important respects our position on these issues is often substantially at odds with the Law Commission’s provisional views. In summary:

  • We reject the Commission’s view that the difficulties surrounding a public interest defence outweigh its benefits. We recommend that there should be a public interest defence in official secrets offences for all those engaged in journalism in the public interest, including sources;
  • We recommend that any reformed system should not rely solely on an independent Statutory Commissioner (as the Commission suggests). It should instead adopt the Canadian model of an Independent Commissioner in addition to a public interest defence for official secrets offences;
  • We agree that the Commission’s proposed test of necessity for closing public access to proceedings is an improvement on the current law, but we argue that the proposed change alone falls short of what is required to adhere to the rule of law;
  • We disagree with the Commission’s tentative suggestion that the availability of closed material procedures in civil cases, now permitted under the Justice and Security Act 2013, should prompt a wider review of the ways that fair trial rights and safeguarding of secrets is balanced in criminal cases. On the contrary, there is no good reason at this point in time to embark on a wider review of criminal process and national security issues.

Our full submission can be read at this link.

As a research exercise, independent from the official consultation, the Information Law and Policy Centre at the Institute of Advanced Legal Studies is continuing to publish submissions on this topic: if you or your organisation would like to share yours in this way, please contact Dr Daniel Bennett at daniel.bennett@sas.ac.uk.

Professor Lorna Woods is professor in law, University of Essex; Dr Lawrence McNamara is a reader in law, University of York and senior research fellow at the Bingham Centre for the Rule of Law; and Dr Judith Townend, is a lecturer in media and information law at the University of Sussex.

They are also affiliated to the Information Law and Policy Centre (ILPC) at the Institute of Advanced Legal Studies. The views expressed by the authors in this report are made in a personal capacity and do not represent the views of the ILPC.