gdpr: challenges and opportunities - kinetic · gdpr: challenges and opportunities andrew cormack,...
TRANSCRIPT
![Page 1: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/1.jpg)
GDPR: Challenges and OpportunitiesAndrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)
![Page 2: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/2.jpg)
Have you heard?
![Page 3: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/3.jpg)
So now we know…
•People know about Data Protection
•Regulators willing to enforce
•Universities visible
Martinvl [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)]
![Page 4: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/4.jpg)
It’s (especially) complicated…
Just some of the challenges
Power, not Responsibility
Magic Data Sharing
Agreements
Unclear law e.g. public task Tool support
“only by consent”
Unclear law e.g. cookies
“They do it” Brexit
Research
![Page 5: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/5.jpg)
It’s an opportunity…
Adopt the Accountability Principle
•Distinctive•Plenty of others ignore/deny•GDPR as guide to hard questions
•Plan to do the right thing•Willingly•Openly•Beyond minimum
•Don’t rely on quibbles
Plan by Nick Youngson CC BY-SA 3.0 Alpha Stock Images
![Page 6: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/6.jpg)
E.g. Data Protection Impact Assessments
•Do them to learn•Not just to comply
•Publish them•Great way to build confidence
![Page 7: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/7.jpg)
E.g. Intelligent Campus
•Think/discuss/agree•Purposes•Sensors•Minimisation•Balance•Creep
•Draft DPIA toolkit available…
•Also peer-reviewed paper
![Page 8: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/8.jpg)
E.g. Wellbeing Analytics
•Think/discuss/agree•Legal Basis• Individual Rights•Student & staff support
•Draft Code of Practice available•Working on a DPIA template
•Accepted as ICO Sandbox project J
![Page 9: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/9.jpg)
Challenge• Changing expectations
• Of us• By us
Opportunity
• Trusted DP leaders• New thinking• New practice
GDPR for education/research
![Page 10: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/10.jpg)
References
• ICO Cambridge Analytica report• https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/07/findings-recommendations-and-actions-
from-ico-investigation-into-data-analytics-in-political-campaigns/
• DPIAs• SOC http://repository.jisc.ac.uk/6847/1/Jisc_security_operations_centre_-_data_protection_impact_assessment.pdf• Learning Analytics http://repository.jisc.ac.uk/7150/1/data_protection_impact_assessment_learning_analytics.pdf
• Intelligent Campus (DPIA and Paper)• https://intelligentcampus.jiscinvolve.org/wp/2019/04/09/intelligent-campus-risks-benefits-and-ethics/
• Wellbeing Analytics Code of Practice• https://community.jisc.ac.uk/blogs/regulatory-developments/document/draft-wellbeing-analytics-code-practice
• Blog https://community.jisc.ac.uk/blogs/regulatory-developments
![Page 11: GDPR: Challenges and Opportunities - Kinetic · GDPR: Challenges and Opportunities Andrew Cormack, Chief Regulatory Adviser (@Janet_LegReg)](https://reader033.vdocuments.net/reader033/viewer/2022052720/5f0929787e708231d425854e/html5/thumbnails/11.jpg)
jisc.ac.uk
Andrew CormackChief Regulatory Adviser
Lumen House, Library Ave, Didcot OX11 0SG
01235 822200