JISC Legal : Interception and Monitoring

Site Map
Privacy Statement
Copyright Policy
Accessibility
Feedback

COOKIES: This site uses Google Analytics Cookies for performance monitoring only. By using our website you agree that we can place these cookies on your device.

Legal Guidance for ICT Use in Education, Research and External Engagement

Home
My Role
Legal Areas
Themes
Contact Us
- Enquiry Form
About Us
Training
- JISC Legal Plus

Content

Legal Areas

Interception and Monitoring

Monitoring and Interception Introduction

angled scales

Interception and Monitoring of Communications

Welcome to the JISC Legal webpage on Interception and Monitoring Law. This resource consists of guidance on the law and the legal issues relating to the interception and monitoring of communications technology in colleges and universities.

Resources

Guidance
FAQs
Law Watch
Links

Law, ICT and Sixth Form Colleges (20/02/12)
This guidance is intended for staff in sixth form colleges and aims to provide a helpful overview to key legal issues relevant to sixth form colleges in the development and use of ICT.

Law, ICT and Independent Specialist Colleges (12/01/12)
This guidance is intended for staff in independent specialist colleges that provide further education or training for learners with varying learning needs due to disability issues.

Cookies - Six Months Until Enforcement (25/11/2011)
The law has changed that applies to how cookies are used by websites.

Personal Data and Consent Management: A Briefing Paper (16/11/2011)This guidance is designed to help institutions deal with consent management when sharing personal data across and between institutions and external service providers.

JISC Legal Cloud Computing and the Law Toolkit (31/08/2011)

JISC Legal is pleased to present our free Cloud Computing and the Law toolkit for FE and HE professionals.

ICT Law for FE and HE Senior Management (14/07/2011)

An up-to-date, accessible guide for senior managers on ICT law within FE and HE.

The Digital Economy Act 2010: Implications for UK Colleges and Universities (23/07/2010)

This guidance document examines the Digital Economy Act 2010 and its implications for universities and colleges in the UK.

e-Safety Policy Checklist (03/03/2010)

A checklist of questions for institutions to consider when updating or framing an e-safety policy.

Safeguarding: Meeting your e-Safety Duties Webcast (03/03/2010)

This webcast was designed to assist institutions in meeting their legal duties and inspection needs in relation to safeguarding and e-security.

Institutional Access to Staff and Student IT Accounts and IT Equipment - Model Policy (02/11/2007)

The purpose of this Model Policy is to outline the circumstances in which it is permissible for an institution to access the IT accounts of staff members or students.

Data Retention Directive Overview (21/06/2007)
This overview paper briefly clarifies the current situation with regard to retention of communications traffic data by certain UK organisations.

Interception and Monitoring Law Webcast (16/05/2007)

Webcast providing practical guidance on legally accessing user email accounts, computer hard drive or network storage.

Lifelong Learner Record Study - Report 1- The Project Killer Report (01/06/2004)

A JISC study to explore the Legal and Records Management Issues relating to the concept of the Lifelong Learner record.

Inappropriate Use of Computers - the Technical Investigation Process - HEIDS (18/12/2003)

ARCHIVED

This document describes an investigation process, the legal issues to be considered and provides guidance in formulation of an institutions policy in dealing with incidents of computer misuse and their subsequent investigation at institutions.

Monitoring Internet Use (12/12/2003)

This document describes when monitoring is legally permissible.

Legal Risks and Liabilities for IT Services in FE and HE (01/09/2003)

ARCHIVED This paper brings together risks associated with the laws of contract and torts, employment law, privacy and data protection.

Monitoring and Encryption - the Powers of Law Enforcement Agencies - 05/03/2003

This paper outlines the three distinct types of information and the circumstances in which law enforcement agencies may require institutions to disclose them under the provisions in the Regulation of Investigatory Powers Act. 2000 (RIPA).

Duty of Care in the Further and Higher Education Sectors (01/10/2002)

ARCHIVED

An examination of what legal duty of care is required in the ICT environment by FE and HE institutions.

How can we monitor emails remotely? Learners have a right of privacy to personal communications (article 8 of the European Convention on Human Rights) but colleges have ... (cont)

Are there situations where information held in staff private email accounts might be disclosed under FOI?
Emails although sent from a staff member's private email account can still be subject to FOIA.

What should we do if we come across email communications that clearly break the law?
Any monitoring of systems, even if it is minimal, must be done only after consent has been sought from the persons who are subject to monitoring ... (cont)

What Does the New "Cookie" Legislation Require us to do?

The law has changed that applies to how institutions must use cookies.

Can an institution use a cloud service provider that is unable to give assurances that personal data will not be transferred to a country outside the EEA?It is important to recognise that in any situation where a data controller is using a data processor, the data controller remains responsible for compliance with the Data Protection Act 1998 (DPA).

Where can we get practical, relevant staff development training on ICT and law issues such as copyright, data protection and e-safety?

We are pleased to announce the launch of JISC Legal Plus - a new staff development service bringing JISC Legal's expertise to your institution at competitive prices... (cont'd)

How long are colleges and universities required to retain emails?

Firstly it is necessary to try and distinguish between emails which contain information which are business records and emails which are just ... (cont)

Can a college or university covertly monitor its students’ online activity?

Covert monitoring is surveillance of online activity without giving the users involved specific notification that this is going on. It clearly has legal implications relating to ... (cont)

What balance should we strike between a strict internet filter (which can hinder media development), and a more lenient policy?

The simplest way of addressing this is to remind users that it is the institution's responsibility to comply with the JANET Acceptable Use Policy ... (cont)

Is a blanket policy prohibiting personal communications over the college network enough to permit lawful monitoring of all email and internet use?

No, an acceptable use policy does not override the law in relation to monitoring. All monitoring must be carried out ... (cont)

What are our obligations, as an institution, in order to meet email compliance legislation?

Some of the clearest information on disclaimers is available on the 'Business Link' website which is primarily funded by the UK Department of ... (cont)

New Plans for Defamation Law and Communications Data

Improving the protection of freedom of speech and increasing access to vital communications, including internet use, are proposed in the Queen's speech.

Digital Economy Act's Anti-Piracy Measured Delayed

The Digital Economy Act 2010 was given royal assent late on Thursday, 8 April 2010, following the final reading of the Digital Economy Bill in the House of Commons, the previous night.

What Does the New "Cookie" Legislation Require us to do?

The law has changed that applies to how institutions must use cookies.

Updated Guidance by the ICO on Cookies
Guidance has been issued by the ICO on how the rules apply for those operating websites and using cookies.

Personal Opinions Online Subject to the DPA

The High Court states that even where private individuals are expressing their own views online the requirements of lawful processing in the DPA can apply.

Defamation - Academics to get Increased Protection
Joint Committee report on defamation law recommends new notice and take-down internet procedures as well as increased protection for scientists and academics.

New ICO Regulations - Unwanted Emails - Cookies

Fines of up to £500,000 for the most serious incidents of sending unwanted emails.

New Law on Cookies Coming into Force

New law gives individuals more control over what information organisations can store on their computer.

Proposed New EU Rules to have Child Pornography Online Deleted

The EU has taken a step towards common rules for cracking down on those who sexually abuse children and post images of the abuse on the internet.

Defamation Bill 2011

This bill seeks to amend current defamation legislation and is progressing through Parliament. The main focus of the bill is to make sure that defamation legislation is fit for modern times.

Digital Economy Act Progresses Despite Judicial Review

A Statutory Instrument has been set out on costs sharing for rights holders and ISPs in implementing the Digital Economy Act.

EC Consultation on IPR Enforcement- Get Involved

The European Commission has announced a consultation on the Commission report on the enforcement of intellectual property rights.

Digital Economy Act Subject to Judicial Review

The controversial Digital Economy Act (DEA) is to be reviewed by the High Court and subject to a Parliamentary enquiry

What Constitutes Personal Data?

Data protection law needs to provide more clarity on what actually constitutes personal data.

Wanted - Your Views on New Public Sector Equality Duty

A consultation by the GEO seeks views on proposals for draft regulations on the new public sector equality duty.

Nowhere to Run - EU Online Copyright Infringement Agreement Being Drawn Up

A working party representing 37 EU countries is currently negotiating the Anti-counterfeiting Trade Agreement (ACTA) which intends to tackle online copyright infringements on an international level.

Equality Act Receives Royal Assent

On 8 April 2010 the Equality Act received royal assent after completing its parliamentary process.

EU Cookie Directive - Directive 2009/136/EC

This amendment directive requires consent for the placement of cookies on the Internet by tightening existing legislation in this regard, namely the, e-Privacy Directive, 2002/58/EC.

Watch Out YouTube

A surprise amendment forced through for controversial clause 17 of the Digital Economy Bill could lead to entire sites being forced offline if it becomes law.

Swift Action by Website Beats Defamation (29/01/2010)

Removing potentially libellous material posted by website users as soon as possible can protect from liability

Data Breaches - ICO Raises the Stakes

Institutions falling to report data breaches can face financial penalties from April 2010

RIPA (Part 2) New Codes of Practice (22/01/2010)

Further to consultation on The Regulation of Investigatory Powers Act 2000, the Home Office has published new Codes of Practice that will come into force on 6 April 2010.

ICO Updated Privacy Impact Assessment Guide

ICO issues handbook on handling personal information and managing privacy risks.

E-Privacy Directive to be Reviewed by EU Data Protection Working Party (26/06/2008)

The Data Protection Working Party of the EU proposed to discuss the ePrivacy Directive (2002/58/EC) on 24 and 25 June 2008.

EU Regulatory Framework for Electronic Communications and Network Services (16/01/2008)

The EU Framework for Electronic Communications and Network Services may impact on at least five pieces of existing UK legislation.

Guide to Social Networking in the Workplace

ACAS guide offers practical tips on the impact of social networking on discipline and grievances, bullying, defamation, data protection and privacy.

JANET Guidelines for Handling Illegal Material

Janet Guidelines to assist universities and colleges in handling indecent images of children found on their information systems.

EU Report Highlights Pros and Cons of Cloud Computing

The European Network and Information Security Agency (ENISA) has published its report ‘Security and Resilience in Governmental Clouds’ which assesses the operational, legal, and security requirements of cloud computing.

JANET Factsheet: Providing Email Addresses for Alumni

This JANET factsheet on providing email accounts for alumni is intended to assist in considering all the potential issues involved, with JISC Legal contribution from a legal perspective.

Equality Act 2010 - A Summary Guide for Public Sector Organisations

Guidance for public sector organisationsaims to make current equality law more consistent, clearer and easier to follow in order to make society fairer.

Interception and Monitoring Law Useful Links

The resources on this webpage provide links to information on Interception and Monitoring law available on external websites.

Search Site

Interception & Monitoring Newslinks

Google Analytics Cookies - Provide Information

ICO says that enforcement action for use of Google Analytics cookies without prior consent is unlikely.

New Plans for Defamation Law and Communications Data

Improving the protection of freedom of speech and increasing access to vital communications, including internet use, are proposed in the Queen's speech.

Cookie Compliance Deadline To Be Missed

It is reported today that the majority of the UK government’s many websites will miss the deadline for compliance with the cookie legislation.

Monitoring Social Media in Education

A story published this week in the Higher Education network blog highlights the issue of universities monitoring social media sites.

View all Interception & Monitoring news

Recent JISC Legal Events

Video Introduction - Cloud Computing and the Law Webcast - (30 May 2012, 2pm, Online)

This webcast will examine and clarify the legal challenges for colleges and universities that are using or considering using cloud computing services.

Social Media