Law, ICT and Independent Specialist Colleges

This document is also available in Word and pdf format.

Table of Contents

 

1.            What’s In This Guidance. 2

2.            Benefits of Legal Compliance. 2

3.            Key Legal Areas. 2

4.            Accessibility Law.. 3

5.            Copyright Law.. 4

6.            Data Protection Law.. 6

7.            e-Safety Law.. 7

8.            Interception and Monitoring Law.. 8

9.            Freedom of Information Law.. 9

10.         Hosting Liability and e-Security Law.. 10

11.         In Summary. 10

 

1.     What’s In This Guidance

This guidance is intended for staff in independent specialist colleges that provide further education or training for learners with varying learning needs due to disability issues. You will find summaries of the key legal issues involved in the development and use of information and communications technology (ICT) within an independent specialist college.

Do any of the following activities arise in your college? If so, then the information in this guidance is of relevance to you:

  • Staff using images downloaded from websites in their learning materials
  • Students using their own mobile devices to access websites, including social networks, in their residential accommodation
  • The use of mobile learning tools for students with differing support requirements
  • Staff working at home using laptops, memory sticks and other mobile technologies
  • Comments, sometimes inappropriate, made by staff or students online, in blogs or on social networks
  • Provision for learners to watch DVDs in lunch breaks

2.     Benefits of Legal Compliance

Legally compliant development and use of ICT systems will:

  • Allow you to develop and deploy ICT without doubt as to legal consequences
  • Help you to build a positive reputation for your college
  • Help you provide a positive experience for your students
  • Improve your college’s performance in quality inspections
  • Help to protect you from legal liability
  • Bring you peace of mind

3.     Key Legal Areas

This guide aims to provide you with a helpful overview to the following key legal areas relevant to independent specialist colleges:

  • Accessibility law
  • Copyright law
  • Data protection
  • e-Safety
  • Interception and monitoring law
  • Freedom of information
  • Hosting liability and e-security

4.     Accessibility Law

What’s the Issue?

Staff in your college will be familiar with the need to provide their learners with tools and resources which are accessible to them.  This is, in fact, a legal requirement under the Equality Act 2010, where an education provider is obliged not to discriminate against disabled learners in its provision (including resources and delivery of teaching) and you should have a plan in place for ensuring inclusion which adapts approaches and tools to different learners’ needs. 

Scenario

Your college has a social network policy that bans all access to social network websites, including Facebook. The intention behind the ban is to protect vulnerable learners from the risk of bullying, grooming etc. Parents say other colleges permit access. The ban is purely a policy decision by the college as technical controls are in place. If the college would not have a policy banning access to social networks if the learners were not physically disabled, then the policy may be open to the allegation that it is discriminatory in terms of the Equality Act 2010. The college should consider looking at how access could be managed for the benefit of the students.


Scenario

Your college allows learners online on-demand access to its resources wherever possible.  The college must take steps (as are reasonable in the circumstances) to ensure that e-learning environments and materials are accessible to disabled learners with differing levels of support requirements.  You should evaluate tools for accessibility or adaptability, look at possible adaptations and consider whether there are other ways for a learner with particular support needs to participate without being put at a substantial disadvantage. JISC Techdis has practical tools and resources to help ensure your learners have a positive learning experience using ICT and which also aid compliance with equality law. 

For further information and resources on accessibility law please visit the accessibility law area on our website    http://www.jisclegal.ac.uk/LegalAreas/AccessibilityLaw.aspx

5.     Copyright Law

What’s the Issue?

Staff and learners at your college are likely to make extensive use of materials that belong to others, including books, articles, software, images and multimedia, and the law on copyright applies to this use.  The Copyright, Designs and Patents Act 1988 (CDPA) provides certain exclusive rights to copyright owners, including the right to control copying, communication, distribution, performance and adaptation of their works.  Your staff can perform these actions where

  • The college is the copyright owner (e.g. if college staff have written the materials themselves)
  • They have the copyright owner’s permission (e.g. where a blanket Copyright Licensing Agency licence is in place which covers the use of the material)
  • The use falls into one of the limited exemptions under the CDPA (for example, fair dealing for criticism or review, copying for purpose of preparing or giving examinations, or copies for the private use of visually impaired learners).
  • The work is no longer in copyright

Scenario

Your college makes provision for learners to watch DVDs during lunch breaks.  Showing a DVD on college premises will be considered a ‘public performance’ of a copyright work.  Unless viewing of the film is limited to the purposes of instruction or examination then permission from the copyright owner of the work, or a licence from the relevant collective licensing organisation, should be obtained.  An umbrella licence is the type of licence required to make films available in lunch breaks for student entertainment. The Motion Picture Licensing Company (MPLC) is one example of an organisation which operates an umbrella licensing scheme.  Filmbank, which operates the Public Video Screening Licence (PVSL), is another.   A college should check what films an organisation licenses to ensure they get the correct licence for the films they intend to show.

 

Scenario

Your college wishes to make a digital copy of a book or journal article compatible with screen-reading technology to enable access to such material to learners suffering from a visual impairment.  It is possible for educational establishments to make accessible copies of commercially published copyright material to supply to visually impaired people under s.31B CDPA provided that the copies will be used only for educational purposes and the original work is inaccessible without adaptation. The format needed must not be already commercially available, the author of the work must be acknowledged, and making the copy must not interfere with legitimate exploitation of the work.

 

Scenario  

Your college makes provision for learners to listen to CDs in the college’s residential accommodation.  Where a college plays recorded music in any public space through any kind of device for purposes other than teaching and learning a PRS and PPL licence will normally be required.  However, a licence is not required for use of music which is consistent with normal domestic music use.  According to guidance on the PRS website this would include playing music in student bedrooms provided as term time accommodation or in dining/living areas of student accommodation (such as kitchens) where access is limited to students resident in the specific building.  It would not include rooms accessible by other students, rooms used for activities such as clubs, meetings, parties or discos or areas where catering is provided, for example refectories. 

 

Scenario

A student wants to watch a film in his room on his iPad. His carer knows a good website where films are free and helpfully suggests that he downloads it from there. This is a pirated copy and, therefore, copyright infringingThe college is responsible for the actions of its staff including any agency or temporary staff.  Where staff are unable to attend training, other means of reaching them and ensuring they are familiar with the college’s policies and procedures is needed is order to minimise the risk that the college is held liable for their actions.

For further information regarding copyright please visit the copyright area on our website:  http://www.jisclegal.ac.uk/LegalAreas/CopyrightIPR.aspx

6.     Data Protection Law

What’s the Issue?

Independent specialist colleges collect, process, and use information about individuals such as learners and staff for various purposes. Your college has obligations under the Data Protection Act 1998 (DPA) to ensure the accuracy, relevancy and security of such information. Some of this data will be sensitive personal data, for example data relating to the health of individual learners.

Scenario

Your college wants to include photographs of its learners in promotional material on the college website.  If the image is of an identifiable individual, that use will be subject to the DPA, and the consent of the learner should be obtained before inclusion (or the consent of a responsible parent or guardian in the event that the learner is considered not capable of giving consent). The college should ensure the consent covers the proposed use on the website as well as any other future use, such as hard copy promotional material.

 

Scenario

Your college, where learners have a wide range of cognitive impairments, wants to use a website to enable learners to create an e-portfolio. The information contained in the e-folio will be stored off-site with password protected access.  The e-folios may contain sensitive personal information as defined in the DPA. The college should therefore seek the consent of individual learners (or parents/guardians where the learners are considered unable to provide consent), allowing them to opt out of the project if they so wish. The college should ensure the individual learners, parents/guardians are informed of the purpose of collecting and storing this personal data, what type of information will be stored, how long it will be stored for and to whom it may be disclosed. 

 

Scenario

A staff member is working at home and transfers to a memory stick relevant sensitive personal data of students, including family dynamics and medical information to aid him in the preparation of reports. As he gets out of his car at the supermarket on the way home, the memory stick falls out of his pocket.  The college has a responsibility to keep data safe and secure and encryption technologies should be used as standard to protect information in these circumstances.  All staff, including those involved in caring in the residential setting, need training and support in data protection awareness and in use of encryption where personal data is being stored on mobile devices. 

For further information regarding data protection please visit the data protection area on our website: http://www.jisclegal.ac.uk/LegalAreas/DataProtection.aspx 

7.     e-Safety Law

What’s the Issue?

Independent specialist colleges have obligations in both common law and statute to safeguard the welfare of all learners when making use of ICT. There are a variety of legal issues to consider within the e-safety context, including cyberbullying, harassment, defamation, hosting liability and data protection.  In addition some colleges provide residential facilities for students where internet access is provided and is unlikely to be supervised by teaching staff.  It is recognised that the management of these risks in order to both safeguard vulnerable learners whilst at the same time encouraging and promoting independence is difficult with no definitive solutions.

Scenario

Your college wants to use Facebook as a teaching and learning platform.  The college has a duty of care to ensure that the environment is safe for learners and staff.  The college should perform an appropriate risk assessment which includes whether it is appropriate in the particular circumstances, e.g. Facebook probably should not be used where confidential or sensitive information is likely to be disclosed. The college should ensure that any use of Facebook is in line with all existing relevant policies e.g. e-Safety, Disciplinary, and Acceptable Use policies, and should ensure that all staff and learners are aware of what is acceptable and unacceptable conduct when using Facebook. The college may consider that its learners need particular training, supervision or support in order to be safe in an environment such as Facebook. Where students are accessing Facebook in the residential setting, staff involved in their care also need to be aware of their safeguarding responsibilities and of what is and is not behaviour which may result in the student placing himself at risk.

 

Scenario

A mature learner with learning difficulties at your college has been sent a text message.  It says “We h8 u.  We r going 2 gt u l8r.” The learner is upset and draws this to your attention. There should be an anti-bullying (or similar) policy in place. The college has a duty of care to provide a safe learning environment and to protect vulnerable adults from abuse, harm and exploitation including abuse using ICT. There should be robust procedures in place to deal with an incident of this type and a designated individual with responsibilities for this in place.  If not dealt with this could result in liability for the college. The college should also have in place appropriate support guidance and training for the learner.

 

Scenario

A student has an iPad which he uses in his room in college residential accommodation. He comes across a gambling site offering three free games. He is delighted and then provides his bank details in order to continue playing. Whilst this is not taking place in an educational setting, but in a home setting, the college safeguarding duties will extend to the college residence in particular as the students are often vulnerable adults. It is unlikely that the college would wish to ban the use of personal mobile devices in its accommodation, but the risks need to be assessed and appropriate training and guidance for both staff and students put in place. This is a difficult situation to manage and the risk is unlikely to be eliminated.  It may be that consultation with all the stakeholders including bank officials, parents, and carers may provide some indicators as to how the risk may be reduced or the financial loss minimised.

Further guidance on e-safety can be found in our webcast: Safeguarding – meeting your e-Safety Duties at

http://www.jisclegal.ac.uk/ManageContent/ViewDetail/tabid/243/ID/1281/Safeguarding--Meeting-your-e-Safety-Duties-03032010.aspx 

8.     Interception and Monitoring Law

What’s the Issue?

Independent specialist colleges may, subject to certain requirements, monitor the use of their network and their facilities to prevent abuse of the systems. Remote monitoring is covered by the Regulation of Investigatory Powers Act 2000 RIPA). Any interception must be carried out within the limits set by legislation, and learners likely to be subjected to interception should be made aware that such interception may take  place, as far as is reasonably possible.

Scenario

Your college wants to carry out monitoring of learner emails.  The stated aim is to ensure that learners are not receiving inappropriate emails or emails which the learner might find distressing.  Learners have a right to privacy of personal communications under Human Rights law but colleges have the right and power to monitor the use of their network and their facilities for example to prevent abuse and to ensure the security of the system.  Any monitoring of systems, even if it is minimal, must be done only after consent has been sought from the persons who are subject to monitoring.  This is usually done by colleges through their Acceptable Use Policy (AUP) or interception and monitoring policy document.  If the intention is to routinely monitor the content of email, this is a clear invasion of privacy and the college would need to have justification for doing so which may prove more problematic on a blanket basis. The college also needs to be clear as to its policy should the learner refuse to consent.  It goes without saying that the policy and procedures need to be understood by the learner and their parents/guardians/helpers (where appropriate) in order for their consent to be given. 

With regard to interception where there is suspicion of criminal conduct or use of illicit material, the JISC Legal webcast on Interception and Monitoring Law http://www.jisclegal.ac.uk/ManageContent/ViewDetail/tabid/243/ID/987/Interception-and-Monitoring-Law-16052007.aspx provides detailed guidance.

Further information is available from the interception and monitoring area on our website http://www.jisclegal.ac.uk/LegalAreas/InterceptionandMonitoring.aspx

9.     Freedom of Information Law

What’s the Issue?

The Freedom of Information Act 2000 (FOIA) applies to any independent specialist college which is a designated institution for the purposes of the Further and Higher Education Act 1992.  Colleges to which FOIA applies are required to have a publication scheme in place which details the information it makes available to requestors.  The college must also respond to freedom of information requests within 20 working days (subject to certain exceptions). This means that college staff should be aware of the FOIA and their responsibilities, and the college should have appropriate mechanisms in place to deal with requests for information.

For further information regarding freedom of information please visit the freedom of information area on our website http://www.jisclegal.ac.uk/LegalAreas/FreedomofInformation.aspx

10.           Hosting Liability and e-Security Law

What’s the Issue?

An independent specialist college may be liable for illegal material hosted on its computers.  This may include music files copied in breach of copyright, pornographic materials or defamatory material.   

Scenario

A learner at your college finds and downloads obscene materials onto your college servers and shares this with friends. Your IT staff are alerted to this but are unsure of the legality of monitoring user accounts. Another learner finds the material and makes a complaint. Your college risks prosecution, investigation into how it runs its IT provision, and serious loss of reputation. As well as technical protections, the college should have an Acceptable Use Policy which has been communicated to learners so that they are aware of good and bad behaviour and communicated in a way which is meaningful and relevant to them.  A “Notice and Takedown Policy” in respect of complaints about material and a procedure for monitoring communications and user accounts is also good practice.

Further information is available from the hosting liability area on our website:  http://www.jisclegal.ac.uk/LegalAreas/HostingLiability.aspx

11.           In Summary

ICT may be a beneficial teaching and learning tool for staff and students, and procedures and practices should be in place in your college to ensure that the legal issues do not become a barrier to the adoption and use of appropriate technologies. This guidance provides a broad outline of some of the issues involved in the use of ICT in your college, and the steps you can take to minimise risk and uncertainty. Further information is available on our website at http://www.jisclegal.ac.uk/.

 

Posted on 12/01/2012