|
Welcome
Welcome to the JISC Legal newsletter covering what's been happening in February 2011.
We apologise for the errors with the formatting that crept into last month’s newsletter, which may have made it rather difficult to read. There is a more legible version of it available along with all previous issues of the newsletter on our website at the address above.
If you’re a lawyer with relevant experience and are interested in joining the JISC Legal team, we currently have a vacancy for a Legal Information Specialist, based at the University of Strathclyde in Glasgow, to help us provide guidance and support on ICT law to universities and colleges throughout the UK. Closing date for applications is this Friday, 4 March 2011, and more information is available from the University's website at https://kara.mis.strath.ac.uk/vacancies/control/vacancylist?vacCat=APS (job ref JA/25/2011).
As in previous months, this newsletter has three sections:
1. Legal News Digest for FE and HE
2. New JISC Legal Publications
3. Upcoming JISC Legal Events
For up to the minute news, our full range of publications, our events diary and our three-day turnaround legal enquiry service, visit our website at www.jisclegal.ac.uk. Details of what's on offer from JISC Advance can be found at: http://www.jiscadvance.ac.uk/.
News
The Information Commissioner has required a council to give an undertaking that it will encrypt memory sticks used to carry sensitive personal data. In a recent case, an employee lost a memory stick including case notes about vulnerable adults. The member of staff had had technical issues with the use of the encryption system, and had therefore used an unapproved, unencrypted device. Colleges and universities should note that the council avoided more serious sanctions by having promoted its data protection encryption policy widely, and having encouraged its staff to swap unapproved for approved devices. Where use is made of mobile data storing technology in FE and HE institutions, the institution must ensure appropriate levels of support, security measures, and clear terms of use. The full terms of the Cambridgeshire County Council undertaking of 23/02/2011 are available on the ICO website at http://www.ico.gov.uk/what_we_cover/promoting_data_privacy/taking_action.aspx#undertakings.
The Scottish Information Commissioner’s terms and conditions on use of information have been updated with effect from 23 Feb 2011 to permit use of information, including that on their website, under the Open Government Licence for public sector information. This is of relevance to institutions who may use the material for example in staff training and whilst use is keenly encouraged by the Scottish Information Commissioner, acknowledgement of the source of the information is a requirement of the licence. The terms and conditions of use are on the website at http://www.itspublicknowledge.info/home/terms.asp and includes a link to the Open Government Licence at http://www.nationalarchives.gov.uk/doc/open-government-licence/open-government-licence.htm.
According to the UK government, cybercrime is costing the country around £1000 every second. The report, conducted by the Office of Cyber Security and Information Assurance in the cabinet office, focused on cybercrime areas such as identity theft and intellectual property theft as well as crimes against the government. As a result, organisations are spending more and more on cyber security therefore, further and higher education establishments are reminded of the ever increasing need to ensure that their IT infrastructure is well equipped in dealing with the threat posed by sophisticated cyber hackers. For more details on this news story please visit: http://www.bbc.co.uk/news/uk-politics-12492309. Alternatively, you may wish to access the report from the Cabinet Ofiice website athttp://www.cabinetoffice.gov.uk/resource-library/cost-of-cyber-crime. For JISC Legal's guidance on this area, visit http://www.jisclegal.ac.uk/LegalAreas/ComputerMisuse.aspx.
Universities UK has published a report looking at how institutions can promote freedom of speech on campus, while protecting the welfare of staff, students and the wider community. The report examines relevant legislation, looks at institutions' duties to protect freedom of speech and to promote equality and security, and provides examples of how institutions have handled challenges such as controversial external speakers and protests. The report recommends that the sector must remain vigilant and aware of the challenges posed by violent extremism, but it is not their function to impede the exercise of fundamental freedoms, in particular freedom of speech, through additional censorship, surveillance or invasion of privacy. Further details of the report are available on the UUK website at www.universitiesuk.ac.uk.
The Scottish Information Commissioner is now piloting the proposed single model publication scheme approach for public authorities due to submit their Freedom of Information updated schemes from Feb 2011 onwards. The pilot will inform the final guidance which is intended to be available later in the year. The stated key elements of the revised approach are the development of a single model publication scheme suitable for adoption by all public authorities with a duty to publish a scheme; a notification procedure; development by authorities of their own guides to their publication scheme information; and monitoring by OSIC of how the model scheme and guides are working and promotion of best practice. Although colleges and universities schemes will not expire until the end of May 2013, those involved in this area will be interested in seeing how the new approach develops. More information is available from the Scottish Information Commissioner’s website at http://www.itspublicknowledge.info/ScottishPublicAuthorities/PublicationSchemes/PublicationSchemeGuidance.asp.
The Press Complaints Commission (PCC) has ruled that information posted on Twitter should be considered public and publishable despite the claim that this information was private and was only meant to be seen by the user's 700 followers. The decision follows a complaint by a Department of Transport official that the use of her tweets by newspapers constituted an invasion of privacy in what is the regulator's first ruling on the re-publication of information posted on Twitter. The PCC ruled that the publicly accessible nature of the information was a "key consideration" in its ruling and that the articles did not constitute "an unjustifiable intrusion" into the complainant's privacy despite the individual involved having a clear disclaimer that the views expressed by her on Twitter were personal and not representative of her employer. This ruling should serve as a reminder to institutions to have clear policies and practices in place for its Twitter users. The guidance should caution staff and others about the public nature of postings and should describe to users what the permissible limits are concerning posting work related information on Twitter. Further details on the BBC website at http://www.bbc.co.uk/news/technology-12393893.
Universities in Australia, Canada and New Zealand are hoping to achieve "a quantum shift" in open educational resources (OERs) by launching an "OER university". A group of universities plans to draw together existing free online learning materials from around the world and develop new OERs to create whole degree programmes that can be studied via the internet for free. Dr Wayne Mackintosh, director of the Open Education Resource Foundation - http://wikieducator.org/OERF:Home - explained that the universities would work together to develop learning materials under open content licences. Further details on the Times Higher website at http://www.timeshighereducation.co.uk/story.asp?sectioncode=26&storycode=415127&c=1.
Accessibility is an ongoing issue for the use of ICT in further and higher education, as elsewhere, and our sister organisation JISC Techdis, along with the Department for Business Innovation & Skills, has launched two funding competitions for those working with and developing new approaches to assistive technologies. There is a total of £ 250,000 available for each competition, and submissions must be received by the closing date of 15 March 2011. Fuller details are available from the (all-new!) JISC Techdis website at http://www.jisctechdis.ac.uk/techdis/news/detail/2011/SBRI.
We have recently added two law watch notices to our website. The first one deals with the current application of the Public Records (Scotland) Bill to the education sector and the second looks at the implication for institutional training of the first FOI undertaking between the University of East Anglia and the ICO. Both are available the Freedom of Information section of Law Watch at http://www.jisclegal.ac.uk/LawWatch.aspx.
The Information Commissioner’s Office (ICO) has issued two local authorities with monetary penalties for serious breaches of the Data Protection Act after two laptops containing sensitive personal information of around 1,700 individuals were stolen from an employee’s home. Although both laptops were password protected they were unencrypted – despite this being in breach of both councils’ policies. This serves as a reminder to FE and HE institutions to review their practices with regard to the handling of sensitive personal data of learners and others. For example, are there avoidable risks to individual's privacy in the way that information is being processed? Data protection compliance should be designed into systems that are processing personal information from the start. In many cases conducting a Privacy Impact Assessment can be a useful method of gauging the privacy risks to individuals. Further details of the story can be found on the ICO website at http://www.ico.gov.uk/. The Privacy Impact Assessment (PIA) handbook can be accessed on the ICO website at http://www.ico.gov.uk/upload/documents/pia_handbook_html_v2/index.html.
The European Network and Information Security Agency (ENISA) has published its report ‘Security and Resilience in Governmental Clouds’ to aid public administrations in understanding and managing the operational, legal, and security requirements surrounding cloud computing.
The stated main objectives of the 146 page report are ‘to highlight the pros and cons, with regard to information security and resilience, of community, private and public cloud computing delivery models; [and] to guide public bodies in the definition of their requirements for information security and resilience when evaluating cloud computing service delivery models.’ Whilst the report is based on analysis of three major groups – healthcare, local government administration, and publicly-owned cloud infrastructure as a business incubator, the issues raised are of relevance to IT management in institutions currently looking to migrate computer systems/services to the cloud. The press release (17/01/2011) and a link to the report is available from the ENISA website at http://www.enisa.europa.eu/.
Those of you concerned with accessibility issues in the use of technology will be interested to visit the new website of our sister organisation, JISC Techdis. The Service specialises in supporting organisations within the education sectors, and are able to offer a wealth of specialist advice on technology and inclusion. The new website improves the accessibility of their advice and has enhanced search features to make navigation easier. It can be found here: http://www.jisctechdis.ac.uk/.
The Scottish Information Commissioner has issued a report advocating Model Publication Schemes. It is proposed that a single model publication scheme is developed suitable for adoption by all Scottish public authorities. FE and HE institutions will not be obliged to adopt the model scheme, but they will be encouraged to do so, given the public benefits of a consistent approach. Further details of the report can be found on the Scottish Information Commissioner website at http://www.itspublicknowledge.info/home/News/PublicationSchemeConsultation.asp.
Publications
If you follow our website or News feed, you’ll see a whole range of new publications coming from JISC Legal over the forthcoming weeks. These will include revised versions of all our Overviews and Essentials documents on a range of legal areas; a paper on the use of images of children in open educational resources; and a series of papers on cloud computing.
In the meantime, please be reminded that we have a series of detailed FAQs on our website, which we are continually adding to and reviewing. They are categorised by subject area, and can be accessed here: http://www.jisclegal.ac.uk/Home/AllFAQs.aspx. We will also be running a new regular 'FAQ of the Week' feature, via Twitter, to highlight areas of particular importance or topical interest each week. If you're not already a subscriber to our Twitter feed, follow us (@JISCLegal) via www.twitter.com/JISCLegal.
Events
Experts from JISC Legal and JISC Digital Media will once again be combining to produce this popular seminar, to be held in London on 9 March 2011. The seminar will use common real-world scenarios to focus on how copyright and other legal issues impact the use of digital media, and will allow participants to gain an understanding of the common issues and challenges facing institutions in the current copyright landscape. For more information and to register, please go to http://www.jiscdigitalmedia.ac.uk/training/courses/jisc-advance-digital-media-and-copyright-seminar.
The JISC Conference 2011 'Financial Challenges - Digital Opportunities' will take place on 14-15 March 2011 at the BT Convention Centre in Liverpool.JISC Legal will be represented, and will be running a session on Outsourcing, Cloud Computing and the Law, while JISC Advance will have a stand. For those unable to attend, you will be able to keep abreast of what is happening remotely, by following and taking part in the conference online throughout the day free of charge. More details are available from the JISC website at http://www.jisc.ac.uk/jisc11.
JISC Advance Recording Lectures and Screencasts – a Webcast (13/4/11, online)
On Wednesday, 13 April 2011, 2pm-4pm, JISC Legal in partnership with JISC Digital Media and JISC Techdis will bring you a free, live-by-internet webcast on the legal, technical and accessibility issues related to recording lectures, other classes, technical demonstrations and screencasts. We’ll be here to answer your questions live on the day, so make it a date for your diary. As long as you’ve got broadband and a browser, you should be able to ‘tune in’. No registration is required – just come along to the JISC Legal website just before the session. A test page will be available in the near future to check you can connect. If you’ve got a question you’d like answered on the day, feel free to send it to us in advance – email info@jisclegal.ac.uk.
Contact Us
For general enquiries, contact us on 0141 548 4939 or send us an email.
JISC Legal, University of Strathclyde, Alexander Turnbull Building, 155 George Street, Glasgow G1 1RD
JISC Legal is hosted by the University of Strathclyde, a charitable body, registered in Scotland, with registration number SC015263.
|