Site Map
Privacy Statement
Copyright Policy
Accessibility
Feedback
Search Site:

Legal Guidance for ICT Use in Education, Research and External Engagement

 

Content

Consent Managment Project - An Introduction

Institutional Consent Management Policy and Processes Supporting Personalisation

What is JISC Legal's consent management project?

Following a successful bid to JISC, JISC Legal conducted research into "Institutional Consent Management Policy and Processes Supporting Personalisation".  The study was intended to assist the use of technologies which, for data protection or other legal reasons, require the consent of a user as to the release of their personal data.  The release of such data may be required in order to verify that a user has the right to access a particular resource, or to allow personalisation features.  The project complements work being done on access management generally, and in particular, federated access management and Shibboleth.  More information on these initiatives can be found on the JISC website: http://www.jisc.ac.uk/.

What is consent management about?

In many cases it may be possible to provide these services without the release of information that identifies a particular person, and in this case, no data protection issues arise.  However, in other circumstances, identity will be necessary to the provision of access or personalisation.  The processing of personal information will only be legal if done in compliance with the principles laid down by the Data Protection Act 1998.  The first, core principle requires processing (including transfer) to be fair and lawful.  In order to meet this requirement, one of the "Schedule 2" conditions for processing must be met.  The most commonly relied on condition is "consent", in other words, that the data subject has agreed to the processing after having reasonable notice of what processing is proposed.

__________________

Previous Projects

Feasibility of a Common Template For Access Management Federations

This JISC-funded project was intended to identify the extent to which a common template is feasible for access management federations across a number of jurisdictions. If a common template is possible, this will make it easier for service providers to sign-up to federations in different coutries, and will make peering between federations easier.

Preliminary Findings Documents

Prior to the publication of the final report, please find below documents related to the preliminary findings:

    * Report on Preliminary Findings
    * PowerPoint Presentation of the Preliminary Findings
    * Outline Report on a Comparison of Attributes

If you require any of these documents in a different format, please contact JISC Legal.

For more details of the project funding, please visit:
http://www.jisc.ac.uk/whatwedo/programmes/programme_am_transition/fedpolicy.aspx.

We hope that representatives of federations, service providers and federation users will all contribute to this study, in order to provide the best framework of agreements to ease transition to the most user-friendly of systems for all.

 Guidance
  • Publications
 Identity Management Newslinks
Data Protection Assessment Notices Code of Practice (12/02/2010)

A Code of Practice for Assessment Notices will be published in April 2010 by virtue of Part 8 of the Coroners and Justice Act 2009.

Data Breaches - ICO Raises the Stakes

Institutions falling to report data breaches can face financial penalties from April 2010

RIPA (Part 2) New Codes of Practice (22/01/2010)

Further to consultation on The Regulation of Investigatory Powers Act 2000, the Home Office has published new Codes of Practice that will come into force on 6 April 2010.

Sorting Out Your Records Collection

A council were found to be in breach of the Data Protection Act after sensitive personal data relating to social work records were found in a filing cabinet bought by a member of the public.

View all Identity Management news
 Recent JISC Legal Events
JISC Legal @ RSC Scotland South & West's Copyright Seminar (25/3/10)

JISC Legal will be at the JISC Regional Support Centre for Scotland South & West, delivering a seminar on copyright, IT and the law. 

Safeguarding - Meeting your e-Safety Duties (03/03/10)

This webcast was designed to assist institutions in meeting their legal duties and inspection needs in relation to safeguarding and e-security.
 

JISC logo

JISC Advance logo

JISC Legal is a JISC Advance service | JISC Legal is hosted by the University of Strathclyde, a charitable body, registered in Scotland, with registration number SC015263 | The contents of this website are provided for information purposes only and do not constitute legal advice. | Login |



 
skip navigation Menu top links JISC Legal home page News Events