Category Archives: Privacy

Ethical issues in research using datasets of illicit origin

In this guest post Dr Daniel R. Thomas, University of Cambridge reviews research surrounding ethical issues in research using datasets of illicit origin. This post first appeared on “Light Blue Touchpaper” weblog written by researchers in the Security Group at the University of Cambridge Computer Laboratory.

On Friday at IMC I presented our paper “Ethical issues in research using datasets of illicit origin” by Daniel R. Thomas, Sergio Pastrana, Alice Hutchings, Richard Clayton, and Alastair R. Beresford. We conducted this research after thinking about some of these issues in the context of our previous work on UDP reflection DDoS attacks.

Data of illicit origin is data obtained by illicit means such as exploiting a vulnerability or unauthorized disclosure, in our previous work this was leaked databases from booter services. We analysed existing guidance on ethics and papers that used data of illicit origin to see what issues researchers are encouraged to discuss and what issues they did discuss. We find wide variation in current practice. We encourage researchers using data of illicit origin to include an ethics section in their paper: to explain why the work was ethical so that the research community can learn from the work. At present in many cases positive benefits as well as potential harms of research, remain entirely unidentified. Few papers record explicit Research Ethics Board (REB) (aka IRB/Ethics Commitee) approval for the activity that is described and the justifications given for exemption from REB approval suggest deficiencies in the REB process. It is also important to focus on the “human participants” of research rather than the narrower “human subjects” definition as not all the humans that might be harmed by research are its direct subjects.

The paper and the slides are available.

Are we still ‘Amusing Ourselves to Death’ and if so, at what cost to children?

Marion Oswald Senior Fellow at The Centre for Information Rights, University of Winchester contributes to the blog, examining the British and Irish Law Education and Technology Association (BILETA) consultation run by The Centre of Information Rights. The consultation took place on the 7 June 2017 and concerned the impact of broadcast and social media on the privacy and best interests of young children.

In 1985, in his book ‘Amusing Ourselves to Death’, Professor Neil Postman warned us that:

‘To be unaware that a technology comes equipped with a programme for social change, to maintain that technology is neutral…is…stupidity plain and simple.’

Postman was mainly concerned with the impact of television, with its presentation of news as ‘vaudeville’ and thus its influence on other media to do the same. He was particularly exercised by the co-option by television of ‘serious modes of discourse – news, politics, science, education, commerce, religion’ and the transformation of these into entertainment packages.  This ‘trivial pursuit’ information environment, he argued, risked amusing us into indifference and a kind of ‘culture-death.’ Can a culture survive ‘if the value of its news is determined by the number of laughs it provides’?

Continue reading

The Surveillance Triangle: Authorities, Data subjects and Means

Readers of the Information and Law Policy Centre blog may be interested in the following event held by Maastricht University.

The academic conference addresses the question as to how surveillance is perceived from the perspective of three main stakeholders involved in the process of surveillance: surveillance authorities, data subjects and companies. The conference tackles precisely this issue. It brings together the perspective of those stakeholders and provides informative insights of academics from both the EU and the US on how these issues interplay in different contexts.

Programme

9:30-10:00 Registration
10:00-10:30 Keynote speech:
The EU’s approach towards surveillance”, Philippe Renaudière, Data Protection Officer, European Commission
10:30-12:00 Panel I: The perspective of the authorities who exercise surveillance
12:00-13:30 Lunch
13:30-15:00 Panel II: The perspective of Individuals subject to surveillance
15:00-15:30 Coffee break
15:30-17:00 Panel III: Means of Surveillance
17:00-17:30 Closing remarks, Giovanni Buttarelli, EDPS
17:30-18:00 Wrap-up
18:00 Network Cocktail

The Legal Challenges of Social Media

Legal Challenges of social media imageHow has the law adapted to the emergence and proliferation of social media tools and digital technology? Furthermore, how successful has the law been in governing the challenges associated with an ongoing reformulation of our understandings of public and private spaces in the online environment?

These were the key questions discussed by a panel of experts at the Information Law and Policy Centre earlier this month. The event heralded the launch of a new book entitled the ‘Legal Challenges of Social Media’ edited by Dr David Mangan (City Law School) and Dr Lorna Gillies (University of Strathclyde).  A number of the book’s authors provided insights into the contents of their individual chapters.

Social Media and Press Regulation

Professor Ian Walden began proceedings with a discussion of his chapter on press regulation. His chapter was informed by his own experience on the board of the Press Complaints Commission (PCC) between 2009 and 2014.

Walden started by addressing the question of what constitutes “press law”. Walden highlighted that for the most part journalists and editors are subject to the same law as most people – there is no special ‘public interest’ defence or journalistic exemption for hacking into the voicemail of a mobile phone user for example. At the same time, journalists abide (to varying degrees) to an Editors’ Code which goes beyond the provisions of the law. In this context, the online environment and social media has rendered press regulation even more complex in a number of ways.

Continue reading

Submissions to the Law Commission’s consultation on ‘Official Data Protection’: British Computer Society

The Law Commission has invited interested parties to write submissions commenting on the proposals outlined in a consultation report on ‘official data protection’. The consultation period closed for submissions on 3 May, although some organisations have been given an extended deadline. (For more detailed background on the Law Commission’s work please see the first post in this series). 

The Information Law and Policy Centre is re-publishing some of the submissions written by stakeholders and interested parties in response to the Law Commission’s consultation report (pdf) to our blog. In due course, we will collate the submissions on a single resource page. If you have written a submission for the consultation you would like (re)-published please contact us

Please note that none of the published submissions reflect the views of the Information Law and Policy Centre which aims to promote and facilitate cross-disciplinary law and policy research, in collaboration with a variety of national and international institutions.

The thirteenth submission in our series is the response submitted by the British Computer Society.

Download (PDF, 829KB)

(Previous submissions published in this series: Open Rights GroupCFOI and Article 19The Courage FoundationLibertyPublic Concern at WorkThe Institute of Employment RightsTransparency International UKNational Union of Journalists, and English Pen, Reporters Without Borders and Index on Censorship, the Open Government NetworkLorna Woods, Lawrence McNamara and Judith Townend, and Global Witness.)

Creating International Frameworks for Data Protection: New Handbook on Data Protection in Humanitarian Action

In this guest post, Dr Christopher Kuner and Massimo Marelli highlight the publication of the new ICRC/Brussels Privacy Hub handbook on data protection in humanitarian action. Christopher Kuner is professor of law and co-director of the Brussels Privacy Hub, Vrije Universiteit Brussel (VUB) and Massimo Marelli is Head of Data Protection Office at the International Committee of the Red Cross (ICRC). This post first appeared on EJIL: Talk!, the blog of the European Journal of International Law.   

Introduction

The collection and processing of personally-identifiable data is central to the work of both international organisations working in the humanitarian sector (IHOs) and non-governmental organisations (NGOs) in protecting and delivering essential aid to hundreds of millions of vulnerable individuals. With the increased adoption of new technologies in recent years, and the increased complexity of data flows and the growth in the number of stakeholders involved in the processing, there has been an increasing need for data protection guidelines that IHOs and NGOs can apply in their work. This was highlighted first in the 2013 report by Privacy International entitled: “Aiding Surveillance”, and was also recognised by the International Conference of Privacy and Data Protection Commissioners in its Resolution on Privacy and International Humanitarian Action adopted in Amsterdam in 2015 (Amsterdam Resolution).

This need has led to publication of the new Handbook on Data Protection in Humanitarian Action prepared jointly by the Data Protection Office of the International Committee of the Red Cross (ICRC) and the Brussels Privacy Hub, a research institute of the Vrije Universiteit Brussel (VUB) in Brussels. It has been drafted in consultation with stakeholders from the global data protection and international humanitarian communities, including IHOs and humanitarian practitioners, data protection authorities, academics, NGOs, and experts on relevant topics. The drafting committee for the Handbook also included the Swiss Data Protection Authority; the Office of the European Data Protection Supervisor (EDPS); the French-speaking Association of Data Protection Authorities (AFAPDP); the UN High Commissioner for Refugees (UNHCR); the International Organisation for Migration (IOM); and the International Federation of Red Cross and Red Crescent Societies (IFRC).

Content of the Handbook

The Handbook addresses questions of common concern in the application of data protection in international humanitarian action, and is addressed to staff of IHOs and NGOs who are involved in the processing of personal data, particularly those in charge of advising on and applying data protection standards. It is hoped that it may also prove useful to other parties, such as data protection authorities, private companies, and others involved in international humanitarian action. Continue reading

Submissions to the Law Commission’s consultation on ‘Official Data Protection’: National Union of Journalists (NUJ)

The Law Commission has invited interested parties to write submissions commenting on the proposals outlined in a consultation report on ‘official data protection’. The consultation period closed for submissions on 3 May, although some organisations have been given an extended deadline. (For more detailed background on the Law Commission’s work please see the first post in this series). 

The Information Law and Policy Centre is re-publishing some of the submissions written by stakeholders and interested parties in response to the Law Commission’s consultation report (pdf) to our blog. In due course, we will collate the submissions on a single resource page. If you have written a submission for the consultation you would like (re)-published please contact us

Please note that none of the published submissions reflect the views of the Information Law and Policy Centre which aims to promote and facilitate cross-disciplinary law and policy research, in collaboration with a variety of national and international institutions.

The eighth submission in our series is the response submitted by the National Union of Journalists (NUJ). The NUJ’s submission was accompanied by a press release arguing “that editorial matters relating to national security, official secrets and the public interest are decisions best left to journalists.”

(Previous submissions published in this series: Open Rights Group, CFOI and Article 19, The Courage FoundationLibertyPublic Concern at WorkThe Institute of Employment Rights and Transparency International UK)

Download (PDF, 281KB)

Submissions to the Law Commission’s consultation on ‘Official Data Protection’: The Institute of Employment Rights

The Law Commission has invited interested parties to write submissions commenting on the proposals outlined in a consultation report on ‘official data protection’. The consultation period closed for submissions on 3 May, although some organisations have been given an extended deadline. (For more detailed background on the Law Commission’s work please see the first post in this series). 

The Information Law and Policy Centre is re-publishing some of the submissions written by stakeholders and interested parties in response to the Law Commission’s consultation report (pdf) to our blog. In due course, we will collate the submissions on a single resource page. If you have written a submission for the consultation you would like (re)-published please contact us

Please note that none of the published submissions reflect the views of the Information Law and Policy Centre which aims to promote and facilitate cross-disciplinary law and policy research, in collaboration with a variety of national and international institutions.

The sixth submission in our series is the response submitted by The Institute of Employment Rights. The IER’s submission was written by Catherine Hobby, Senior Lecturer in Law at the University of East London, and was first published here on their website.

(Previous submissions published in this series: Open Rights Group, CFOI and Article 19, The Courage FoundationLiberty and Public Concern at Work)

Download (PDF, 829KB)

Call for Papers – Children and Digital Rights: Regulating Freedoms and Safeguards

We are pleased to announce this call for papers for the Information Law and Policy Centre’s Annual Conference on 17 November 2017 at IALS in London, this year supported by Bloomsbury’s Communications Law journal. You can read about our previous annual events here.

We are looking for high quality and focused contributions that consider information law and policy within the context of children and digital rights. Whether based on doctrinal analysis, or empirical social research, papers should offer an original perspective on the implications posed by the data-driven society for the regulation of the digital rights of children and young adults, and the freedoms and safeguards therein.

Topics of particular interest in 2017 include:

  • Internet intermediary liability
  • Social media
  • Data privacy
  • Internet of Things
  • Cyber security
  • UN Convention on the Rights of the Child
  • Online games/apps
  • Digital education
  • The EU General Data Protection Regulation

The workshop will take place on Friday 17th November 2017 and will be followed by the Information Law and Policy Centre’s Annual Lecture and an evening reception.

Attendance will be free of charge thanks to the support of the IALS and our sponsor, although registration is required as places are limited.

The best papers will be featured in a special issue of Bloomsbury’s Communications Law journal, following a peer-review process. Those giving papers will be invited to submit full draft papers to the journal by 1st November 2017 for consideration by the journal’s editorial team.

How to apply:

Please send an abstract of between 250-300 words and some brief biographical information to Eliza Boudier, Fellowships and Administrative Officer, IALS: eliza.boudier@sas.ac.uk by Friday 14th July 2017 (5pm, BST).

Abstracts will be considered by the Information Law and Policy Centre’s academic staff and advisors, and the Communications Law journal editorial team.

About the Information Law and Policy Centre at the IALS:

The Information Law and Policy Centre (ILPC) produces, promotes, and facilitates research about the law and policy of information and data, and the ways in which law both restricts and enables the sharing, and dissemination, of different types of information.

The ILPC is part of the Institute of Advanced Legal Studies (IALS), which was founded in 1947. It was conceived, and is funded, as a national academic institution, attached to the University of London, serving all universities through its national legal research library. Its function is to promote, facilitate, and disseminate the results of advanced study and research in the discipline of law, for the benefit of persons and institutions in the UK and abroad.

The ILPC’s Annual Conference and Annual Lecture form part of a series of events celebrating the 70th Anniversary of the IALS in November.

About Communications Law (Journal of Computer, Media and Telecommunications Law):

Communications Law is a well-respected quarterly journal published by Bloomsbury Professional covering the broad spectrum of legal issues arising in the telecoms, IT, and media industries. Each issue brings you a wide range of opinion, discussion, and analysis from the field of communications law. Dr Paul Wragg, Associate Professor of Law at the University of Leeds, is the journal’s Editor in Chief.