Welcome to the December 2011 JISC Legal Monthly Newsletter (No 77). This month we feature yet more stories about data protection breaches, more developments with regards to the legal issues surrounding social networking sites, and reminders of forthcoming deadlines for compliance on Equality Duty and the use of cookies. Law Watch items this month include items on the new Education Act, and the forthcoming EU update on data protection law. JISC Legal continues to offer great value expert in-house training on FOI, copyright, data protection and e-safety to colleges and universities. If your institution is looking for relevant sector specific expertise in these significant areas then our on-site staff development packages are for you. Find out the details of JISC Legal Plus at -http://www.jisclegal.ac.uk/training/jisc-legal-plus.aspx.
NewsFacebook to Beef Up Privacy Settings Facebook has settled its latest dispute over abuse of user data and has agreed to tighter consent rules on privacy. Colleges and universities in the UK use Facebook as a tool in teaching and learning and although this agreement was reached in the US with the Federal Trade Commission, it should be of benefit to users in the UK. Any tightening of consent and retention settings and rules can only be positive in helping institutions in implementing and maintaining a culture of compliance with EU and UK data protection laws. This news story is available on the BBC Website at http://www.bbc.co.uk/news/business-15953414
BIS Confirms Funding for Sixth Form Colleges Until 2014 JISC Advance announced today that Sixth Form Colleges will continue to benefit from JISC services - including JISC Legal - for the 2012/13 and 2013/14 financial years. The funding, confirmed by BIS (the Department for Business, Innovation and Skills) yesterday, will apply to Sixth Form Colleges in England. It will include cover for all JISC Advance services including Regional Support Centres and Advisory Services as well as JANET and other JISC services. The announcement follows discussions between BIS and the Department for Education (DfE) who now has responsibility for Sixth Form Colleges. In common with other JISC services, JISC Legal welcomes the news which reflects that our services are recognised by both departments as representing good value to the sector.
Email Blunders Cost Councils The Information Commissioner's Office has served monetary penalties on two councils after emails containing highly sensitive personal information were sent to the wrong recipients. The ICO found that appropriate measures to prevent unauthorised processing were not in place. A lack of appropriate and relevant training for staff, inadequate encryption of information held and a failure to distinguish between internal and external communications had led to his conclusions. The ICO also recommended that in such circumstances, managers ought to approve any email distribution list used. FE and HE institutions are reminded to be particularly vigilant when processing sensitive and confidential information. Further details on the decisions are available on the ICO website.
New UK Cyber Security Strategy Unveiled The Government's new plan recognises the value of internet business and aims to increase security and protection of the digital environment. The strategy intends to promote partnerships with the private sector "...to help improve security, build our reputation as a safe place to do business online, and turn threats into opportunities." Proposals include the creation of a new national security hub to enable effective exchanges of information, a Cyber Crime Unit and a new single reporting system for financially motivated cybercrime. In addition, a voluntary code of conduct in partnership with ISPs is planned to assist in situations where computers have been compromised. This document will be of particular relevance to FE and HE staff responsible for IT security.
New Cookie Law - Action Required The law has changed that applies to how cookies are used by websites. Essentially the new legal requirement is that cookies and similar technologies can only be placed on a user's machine where the user has given their consent. Organisations, including FE and HE institutions, have been given up to one year to get their house in order. We are now, on the 25 of November 2011, at the halfway stage of this 'lead in' period. Although there remains some uncertainty as to how best to obtain users' consent, the ICO has signalled that those who choose to do nothing in the mean time will have their lack of action taken into account when formal enforcement of the rules begins. Find out what your institution should be doing about its use of cookies in the JISC Legal article entitled "Cookies - Six months Until Enforcement".
FOI Model Publication Scheme Survey The Information Commissioner's Office (ICO) has launched a campaign to get views about what information public authorities including FE and HE institutions should proactively release. The Freedom of Information Act makes it a legal requirement for all public authorities to proactively publish certain information. This is an opportunity for the public to tell the ICO what they want to know upfront about public authorities. Members of the public are encouraged to complete a survey to help ensure that a model publication scheme that is fit for purpose and reflects their interests is created. Further details of how to complete the survey is available on the ICO website.
Online Accessibility Forum Launched A website designed to allow people to tell Government and businesses how to make the internet more accessible has been launched. The eAccessibility Forum website offers people using and working on the internet, including disabled learners and staff in universities and FE and HE colleges, the opportunity to discuss difficulties they have noticed in accessing websites and other online services and to promote best practice. The site is designed to assist the Forum, a broad coalition of Government, charity and private sector organisations, in developing and sharing ways to improve online accessibility. It will also inform the Forum's eAccessibility Action Plan. For further details on the story visit the DCMS website.
Sound Recordings Copyright Extension Now Law The EU Directive which extends the copyright protection for sound recordings to 70 years has completed its legal process and is now in force. EU members including the UK have two years (and twenty days) from the date of publication of the Directive in the Official Journal of the European Union to implement the Directive in their country i.e. until 01 Nov 2013. JISC Legal has updated the law watch item of 30 September 2011 titled 'Copyright Term in Sound Recordings to be Extended' to reflect these dates. Further information on this new law is available from the JISC Legal Law Watch item
Personal Data Loss in the Spotlight Again A new report finds there have been over 1000 cases of data loss since 2008 in local government in England and Wales. At least 244 laptops and portable computers, 93 mobile devices and 98 memory sticks containing personal data have gone missing. The steady increase in smart phone use in teaching and learning, as well as in access to student records, highlights the need for institutions to have their own data protection policies and procedures under regular review and updated if necessary to include mobile technologies. The full news item is on the BBC website at http://www.bbc.co.uk/news/uk-15840373
UCAS Subject to FOI From the beginning of this month UCAS, the organisation through which applications are processed for entry to UK higher education institutions, became subject to the terms of the Freedom of Information Act 2000 in relation to some of its functions. This move may help institutions, as round-robin FOI enquiries regarding admissions may end up with UCAS rather than each institution. Further details on this story are available from the UCAS website.
Digital Copyright Exchange Feasibility Study Announced The Government today announced the appointment of Richard Hooper, former Deputy Chairman of Ofcom, to lead a feasibility study into the development of a Digital Copyright Exchange for the UK (DCE). The establishment of a DCE, a digital market place where licences in copyright content can be readily bought and sold, was one of the recommendations made by Professor Ian Hargreaves in his review of Intellectual Property and would simplify rights clearance in providing access to materials held in universities and FE and HE colleges. Further details on the announcement can be found on the IPO's website.
Are you an Accidental Outlaw? Take the test .... Take a few minutes out to test your knowledge of the law relating to the use of the internet and social media with this online quiz. More and more of us using the web and communicating through it via a whole range of sites and media, but how many of us really know what you can - and can't - do? You might be surprised by some of the answers ... . Take the quiz here: http://accidentaloutlaw.knowthenet.org.uk/
New IP Court Process for Small Claims The Government recently confirmed that a new small claims service is to be launched at the Patents County Court (PCC), therefore, assisting small to medium sized businesses protect their intellectual property rights. The court will place a limit on fixed costs and permit damages of up to £5000 to be awarded per case. The recommendation for a small claims service was made in the Hargreaves Review of Intellectual Property and Growth. This recommendation is particularly important for colleges and universities involved in research (as well as innovative new business ideas for the future) and is intended to remove obstructions in the patent process which hinder innovation and the commercialisation of new technology. Further details on the new scheme can be found on the IPO's website at http://www.ipo.gov.uk/about/press/press-release/press-release-2011/press-release-20111115.htm
Good Legal Practice on Mobile Learning JISC's online conference Innovating e-Learning 2011 was held from 22 - 25 November, and as part of the pre-conference activity week JISC Legal recorded a short video entitled Mobile Learning - Identifying and Reducing the Legal Risks at your College. The objective is to highlight good legal practice for institutions as they launch and support mobile learning technologies. The video is available here along with a link to the full transcript:
http://www.jisclegal.ac.uk/ManageContent/ManageContent/ID/2197/Mobile-Learning-Good-Legal-Practice--Innovating-e-Learning-2011-Online-15--21112011.aspx.
New Education Act Confirms the Importance of e-Safety The Education Act 2011 has now received royal assent and most of its provisions are likely to be introduced in the next two months. The Act will focus the inspection of schools in what the government is stating are four 'core' areas , one of which is behaviour and safety. It is already established that safety includes e-safety and this highlights the need for schools and colleges to have procedures in place which are regularly reviewed to ensure that e-safety is included as part of safeguarding learners in schools and colleges. The Department of Education general article on the Education Act 2011 is available at http://bit.ly/gFCq3R
Jan 2012 Deadline for Institutions' Compliance with Equality Duty The Equality Act 2010 (Specific Duties) Regulations 2011 came into force on 10 Sep 2011. These apply to HE and FE in England and state that information must be published by the end of January 2012 to demonstrate compliance with the Equality Duty (set out in s149(1) of the Equality Act 2010). The government has published an accompanying quick guide to compliance with the specific duties. The specific duties contain a requirement to publish annually relevant, proportionate information which shows compliance with the Equality Duty and also requires specific measurable equality objectives to be set every four years. The equivalent requirement is by 02 April for FE and HE in Wales and the Scottish regulations have yet to be finalised. The Equality Act 2010 has very limited application to Northern Ireland which has its own legislation. The full Regulations are available at http://www.legislation.gov.uk/uksi/2011/2260/contents/made
W3C's First Draft of Online Privacy Standard Microsoft, Mozilla, Google, Apple, privacy groups, and online advertising associations are working to balance consumers' interests with websites' requirements for user data. The World Wide Web Consortium (W3C), the standards body that develops the protocols and guidelines for the Web, wants to help users control how their personal data is managed. New tools being developed will shield personal data and reveal when sites do not honour privacy requests. "Do Not Track" refers to giving consumers the ability to opt out of having their personal information and online browsing habits tracked by advertisers, marketers, and websites in general. The working group has just started and more than 15 firms and organisations are involved in the "Do Not Track" work. The finished technologies are expected to be implemented by browser makers first in mid-2012 with websites following soon after as they get to grips with the best practices. These tools may be useful to Further and Higher education institutions when revising their data collection practices in line with their obligations under the new cookie regulations - http://tinyurl.com/jisclegalcookies. Further details on the World Wide Web Consortium website at - http://www.w3.org/.
EU Data Protection Law Update on the Horizon Under proposed new EU data protection laws organisations that want to process personal data will have to obtain explicit prior consent from individuals to do so. Individuals would also be able to force organisations to delete the personal information they hold about them. The EU Commission is tasked with producing proposals to reform the 1995 EU Data Protection Directive by the end of January 2012. For full details see the JISC Legal Law Watch data protection item at http://www.jisclegal.ac.uk/LawWatch.aspx
New Open Source Toolkit Published The UK government has published an open source toolkit with the aim of providing high level advice on open source solutions including how to ensure open source software is considered on a fair basis when procuring ICT. It is aimed at government departments but is of interest to the wider public sector and comprises sections on procurement, options, and cost of ownership and may be of interest to those colleges and universities looking at alternative solutions to their ICT requirements. It is available at http://www.cabinetoffice.gov.uk/resource-library/open-source-procurement-toolkit
University of Edinburgh Leads on Online Privacy The ICO announced, today, that the Centre for Research on Families and Relationships at the University of Edinburgh has been selected to lead the research project on embedding information rights in the education system. The aim of the project is to ensure that young people are fully aware of the threats posed to their privacy and how to protect themselves online whilst helping them achieve a better understanding of the practical and legal safeguards that exist to support them. This is of particular relevance to those in the sector who are directly involved in working in the area of e-Safety. For more information on this news story, please refer to the ICO website. If you would like more details on e-Safety then please visit the JISC Legal resources on e-Safety on our website.
Guide to Social Networking in the Workplace A new guide to social networking in the workplace has been published by ACAS (Advisory, Conciliation and Arbitration Service). The guide is aimed at helping employers and staff agree on how to handle employment issues related to the internet, blogs and social media websites such as Twitter and Facebook. The guide offers practical tips on how to manage the impact of social networking on discipline and grievances, bullying, defamation, data protection and privacy amongst others. Further details are available on the ACAS website at - http://www.acas.org.uk/index.aspx?articleid=3375. |