COMP1205 Data protection and security

Published on Jun 7, 2012 by icocomms This ICO training video helps answer questions about the Data Protection Act, its impact on the working environment and how to handle and protect people's information. (Produced by Central Office of Information, Crown Copyright 2006)

Mass Surveillance of Personal Data by EU Member States and its Compatibility with EU Law. CEPS Liberty and Security in Europe No. 61, 6 November 2013

In the wake of the disclosures surrounding PRISM and other US surveillance programmes, this paper assesses the large-scale surveillance practices by a selection of EU member states: the UK, Sweden, France, Germany and the Netherlands. Given the large-scale nature of these practices, which represent a reconfiguration of traditional intelligence gathering, the paper contends that an analysis of European surveillance programmes cannot be reduced to a question of the balance between data protection versus national security, but has to be framed in terms of collective freedoms and democracy. It finds that four of the five EU member states selected for in-depth examination are engaging in some form of large-scale interception and surveillance of communication data, and identifies parallels and discrepancies between these programmes and the NSA-run operations. The paper argues that these programmes do not stand outside the realm of EU intervention but can be analysed from an EU law perspective via i) an understanding of national security in a democratic rule of law framework where fundamental human rights and judicial oversight constitute key norms; ii) the risks posed to the internal security of the Union as a whole as well as the privacy of EU citizens as data owners and iii) the potential spillover into the activities and responsibilities of EU agencies. The paper then presents a set of policy recommendations to the European Parliament.

The Political and Judicial Life of Metadata: Digital Rights Ireland and the Trail of the Data Retention Directive. CEPS Paper in Liberty and Security No. 65, May 2014

This paper examines the challenges facing the EU regarding data retention, particularly in the aftermath of the judgment Digital Rights Ireland by the Court of Justice of the European Union (CJEU) of April 2014, which found the Data Retention Directive 2002/58 to be invalid. It first offers a brief historical account of the Data Retention Directive and then moves to a detailed assessment of what the judgment means for determining the lawfulness of data retention from the perspective of the EU Charter of Fundamental Rights: what is wrong with the Data Retention Directive and how would it need to be changed to comply with the right to respect for privacy? The paper also looks at the responses to the judgment from the European institutions and elsewhere, and presents a set of policy suggestions to the European institutions on the way forward. It is argued here that one of the main issues underlying the Digital Rights Ireland judgment has been the role of fundamental rights in the EU legal order, and in particular the extent to which the retention of metadata for law enforcement purposes is consistent with EU citizens’ right to respect for privacy and to data protection. The paper offers three main recommendations to EU policy-makers: first, to give priority to a full and independent evaluation of the value of the data retention directive; second, to assess the judgment’s implications for other large EU information systems and proposals that provide for the mass collection of metadata from innocent persons, in the EU; and third, to adopt without delay the proposal for Directive COM(2012)10 dealing with data protection in the fields of police and judicial cooperation in criminal matters.

‘Wrong number?’ The Use and Misuse of Asylum Data in the European Union. CEPS Paper in Liberty and Security in Europe No. 69/December 2014

The Common European Asylum System (CEAS) is an EU policy area that is particularly evocative of the ‘politics of numbers’. The European Union has at its disposal a wide array of sources providing detailed information about the capacities and pressures of its member states’ asylum systems. This paper discusses the content of asylum data and the evolving interaction between its different sources, ranging from the United Nations High Commissioner for Refugees to the European Commission’s EUROSTAT and DG HOME, the European Asylum Support Office, FRONTEX, the European Migration Network (EMN) and national databases. However, the way in which such data are often misused, or even omitted, in political debate affects the soundness of policy decisions in the CEAS. Drawing on debates over the contested phenomenon of ‘asylum shopping’ and the exemption of victims of torture and unaccompanied minors from accelerated and border procedures in the recast asylum procedures Directive, this briefing paper argues that solid data-based evidence is often absent from political negotiations on CEAS measures affecting refugees and asylum-seekers.

Safe Harbour or into the storm? EU-US data transfers after the Schrems judgment. Liberty and security in Europe No. 85/November 2015

In its recent Schrems judgment the Luxembourg Court annulled Commission Decision 2000/520 according to which US data protection rules are sufficient to satisfy EU privacy rules regarding EU-US transfers of personal data, otherwise known as the ‘Safe Harbour’ framework. What does this judgment mean and what are its main implications for EU-US data transfers? In this paper the authors find that this landmark judgment sends a strong message to EU and US policy-makers about the need to ensure clear rules governing data transfers, so that people whose personal data is transferred to third countries have sufficient legal guarantees. Without such rules there is legal uncertainty and mistrust. Any future arrangement for the transatlantic transfer of data will therefore need to be firmly anchored in a framework of protection commensurate to the EU Charter of Fundamental Rights and the EU data protection architecture.

Migration and Asylum Data for Policy-making in the European Union – The problem with numbers. CEPS Liberty and Security in Europe No. 89/March 2016

Among many other problems, the migration, humanitarian and policy crises in the European Union in 2015 and early 2016 have highlighted a pressing need for reliable, timely and comparable statistical data on migration, asylum and arrivals at national borders. In this fast-moving policy field, data production and the timeliness of dissemination have seen some improvements but the sources of data remain largely unchanged at national level. In this paper the author examines the reasons for some of the problems with the data for policy and for public discussion, and makes a set of recommendations that call for a complete and updated inventory of data sources and for an evaluation of the quality of data used for policy-making.

Selected data on initial operations under the disability freeze provision of the Social Security Amendments of 1954.

Mode of access: Internet.

Comprehensive security in data processing systems : the state of the art /

"UIUCDCS-R-75-725"

Computer security and the data encryption standard : proceedings of the Conference on Computer Security and the Data Encryption Standard held at the National Bureau of Standards in Gaithersburg, Maryland, on February 15, 1977 /

Mode of access: Internet.

Social Security could improve its management and detection of postentitlement changes by using postadjudication appraisal data /

"January 20, 1984."

Social Security Administration's data communications contracts with Paradyne Corporation demonstrate the need for improved management controls : report to the chairman, Committee on Government Operations, House of Representatives /

"B-213963"--Prelim. p.

Additional information on the Social Security Administration's management of data communications contracts with Paradyne Corporation.

"B-213963."