Data retention in the UK: Pragmatic and proportionate,or a step too far?

On 6 April 2009 new legislation came into force, for the first time putting Internet service providers' duty to retain significant amounts of data (relating to customers' email and Internet usage) on a compulsory, as opposed to a voluntary footing. It is a topic which has provoked intense protest from the privacy lobby and fuelled months of “Big Brother” headlines in the press. For the industry it raises operational challenges – how to facilitate storage and retrieval of colossal amounts of data. In this article we consider the policy background to the regime, the detail of the UK implementation and the practical implications for communications service providers. We weigh up the privacy and human rights concerns against the business case put forward by the Government. We also examine the Government's proposals – announced at the end of April – to significantly extend and “future proof” this regime in the form of its Intercept Modernisation Programme.     

Open access to public documents – More secrecy,less transparency!

Prospects are grim for greater access to public documents. The recent initiatives of the Council of Europe to enact a new international convention on access to public documents and recent proposal by the European Commission to revise the law on public access would actually narrow the right of access. The proposed laws would allow governments and the EU Commission to increase its discretionary power to control the flow of information. The draft CoE Convention sets an overly-low standard and restricts information held in electronic databases if the information is not “easily retrievable” or does not “logically belong together”. Similarly, the proposed amendments to the EU Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents would exclude access to documents that do not appear on a register. This would give the EU Commission a wide discretion to share documents informally with a limited number of people, such as interest groups. The Commission's proposal would relieve the EU institutions of its current obligation to show concretely the harm that would occur as a result of disclosure when refusing access to documents. The new proposal has been criticised for subordinating transparency rules to data legislation. The proposals initiated under the Swedish leadership would be a step backwards for transparency.     

隐默知识挖掘导向下高校创业型人才培养模式探讨

高校作为培养创新创业型人才的主战场,如何从传统以传播知识为本位的培养模式转向以能力和素质为本位的现代培养模式,对创业型人才的培养有着极其重要的战略意义。文章在对隐默知识概念进行厘清的基础上,对基于隐默知识挖掘导向的高等院校培养模式的进行了深入剖析,并据此提出了高校创业型人才培养模式的改革方向。     

Measuring the Intensity of Intranational Political Events Data: Two Interval-Like Scales

King, Keohane, and Verba (1994, pp. 27-28) argue that we should "maximize the validity of our measurement," "ensure that data-collection methods are reliable," and make all data and analysis replicable. In an effort to improve the measurement of the events data collected by the Intranational Political Interactions (IPI) project, this extension of the project produces two new valid and reliable interval-like scales. Following Azar (1982), Goldstein (1992), and Moore and Lindstrom (1996), I produce interval-like scales of cooperative and hostile political actions based on a group of experts' judgements. The collective scaling procedure produces data suitable for use in OLS regression models as well as a standardized interval-like scale that more accurately represents the true scores of event types. The paper discusses the procedures taken to derive the new measures, proceeds to argue why the new measures are improvements over existing measures, and reports the findings of statistical analytic comparisons. The statistical comparisons demonstrate that the new scales make a difference in various statistical models using different temporal units of aggregation.     

European National News

This article tracks developments at the national level in key European countries in the area of IT and communications and provides a concise alerting service of important national developments. It is co-ordinated by Herbert Smith Freehills LLP and contributed to by firms across Europe. This column provides a concise alerting service of important national developments in key European countries. Part of its purpose is to complement the Journal's feature articles and briefing notes by keeping readers abreast of what is currently happening “on the ground” at a national level in implementing EU level legislation and international conventions and treaties. Where an item of European National News is of particular significance, CLSR may also cover it in more detail in the current or a subsequent edition.     

European national news

This article tracks developments at the national level in key European countries in the area of IT and communications and provides a concise alerting service of important national developments. It is co-ordinated by Herbert Smith Freehills LLP and contributed to by firms across Europe. This column provides a concise alerting service of important national developments in key European countries. Part of its purpose is to complement the Journal's feature articles and briefing notes by keeping readers abreast of what is currently happening "on the ground" at a national level in implementing EU level legislation and international conventions and treaties. Where an item of European National News is of particular significance, CLSR may also cover it in more detail in the current or a subsequent edition.     

European national news

This article tracks developments at the national level in key European countries in the area of IT and communications and provides a concise alerting service of important national developments. It is co-ordinated by Herbert Smith Freehills LLP and contributed to by firms across Europe. This column provides a concise alerting service of important national developments in key European countries. Part of its purpose is to complement the Journal's feature articles and briefing notes by keeping readers abreast of what is currently happening “on the ground” at a national level in implementing EU level legislation and international conventions and treaties. Where an item of European National News is of particular significance, CLSR may also cover it in more detail in the current or a subsequent edition.     

The ICO and artificial intelligence: The role of fairness in the GDPR framework

The year 2017 has seen many EU and UK legislative initiatives and proposals to consider and address the impact of artificial intelligence on society, covering questions of liability, legal personality and other ethical and legal issues, including in the context of data processing. In March 2017, the Information Commissioner's Office (UK) updated its big data guidance to address the development of artificial intelligence and machine learning, and to provide (GDPR), which will apply from 25 May 2018.This paper situates the ICO's guidance in the context of wider legal and ethical considerations and provides a critique of the position adopted by the ICO. On the ICO's analysis, the key challenge for artificial intelligence processing personal data is in establishing that such processing is fair. This shift reflects the potential for artificial intelligence to have negative social consequences (whether intended or unintended) that are not otherwise addressed by the GDPR. The question of ‘fairness’ is an important one, to address the imbalance between big data organisations and individual data subjects, with a number of ethical and social impacts that need to be evaluated.     

Russian data retention requirements: Obligation to store the content of communications

This paper presents an analysis of Russian data retention regulations. The most controversial point of the Russian data retention requirements is an obligation to keep the content of communications that is untypical for legislation of European and other countries. These regulations that oblige telecom operators and Internet communication services to store the content of communications should come into force on July 1, 2018.The article describes in detail the main components of the data retention mechanism: the triggers for its application, its scope, exemptions and barriers to its enforcement. Attention is paid to specific principles for implementation of content retention requirements based on the concepts of proportionality, reasonableness and effectiveness.Particular consideration is given to the comparative aspects of the Russian data retention legislation and those applying in different countries (mainly EU member states). The article focuses on the differences between the Russian and EU approaches to the question of how to strike a balance between public security interests and privacy. While the EU model of data retention is developing in the context of profound disputes on human rights protection, the Russian model is mostly concentrated on security interests and addresses mainly economic, technological aspects of its implementation.The paper stresses that a range of factors (legal, economic and technological) needs to be taken into account for developing an optimal data retention system. Human rights guarantees play the key role in legitimization of such intrusive measures as data retention. Great attention should be paid to the procedures, precise definitions, specification of entitled authorities and the grounds for access to data, providing legal immunities and privileges, etc. Only this extensive range of legal guarantees can balance intervention effect of state surveillance and justify data retention practices.     

Avoiding the internet of insecure industrial things

Security incidents such as targeted distributed denial of service (DDoS) attacks on power grids and hacking of factory industrial control systems (ICS) are on the increase. This paper unpacks where emerging security risks lie for the industrial internet of things, drawing on both technical and regulatory perspectives. Legal changes are being ushered by the European Union (EU) Network and Information Security (NIS) Directive 2016 and the General Data Protection Regulation 2016 (GDPR) (both to be enforced from May 2018). We use the case study of the emergent smart energy supply chain to frame, scope out and consolidate the breadth of security concerns at play, and the regulatory responses. We argue the industrial IoT brings four security concerns to the fore, namely: appreciating the shift from offline to online infrastructure; managing temporal dimensions of security; addressing the implementation gap for best practice; and engaging with infrastructural complexity. Our goal is to surface risks and foster dialogue to avoid the emergence of an Internet of Insecure Industrial Things.