Are you concerned about whether your use of CCTV, whether in the classroom or workplace, is legal? Do you know what information people are legally entitled to request, if you use it? Kate Grimley Evans, solicitor at Stone King LLP, takes you through the basics of how to use CCTV legally and where to look for further advice.
Integrated Cybersecurity and the Internet of ThingsDr David Probert
Presentation given in Madrid at the East-West International Security Conference - October 2015. The topics include Integrated Cybersecurity and Physical Security as well as developments in the Internet of Things. The talk discusses models, architectures and standards for the IoT as well as a survey of some EU work under the IERC Programme. Finally the talk makes suggestions for actions by Chief Security Officers (CSOs) to prepare themselves for IoT Security. It is recommended that CSOs review the security for ALL their legacy networked devices to mitigate the risks of cyber attacks. The talk was given by Dr David Eric Probert on 27th October 2015 at the Security Conference Venue - Melia Galgos Hotel - Madrid, Spain.
Computer , Internet and physical security.Ankur Kumar
It refers to protection of a computer and the information stored in it, from the unauthorised users.
Computer security is a branch of computer technology known as information security as applied to computers and networks.
Integrated Cybersecurity and the Internet of ThingsDr David Probert
Presentation given in Madrid at the East-West International Security Conference - October 2015. The topics include Integrated Cybersecurity and Physical Security as well as developments in the Internet of Things. The talk discusses models, architectures and standards for the IoT as well as a survey of some EU work under the IERC Programme. Finally the talk makes suggestions for actions by Chief Security Officers (CSOs) to prepare themselves for IoT Security. It is recommended that CSOs review the security for ALL their legacy networked devices to mitigate the risks of cyber attacks. The talk was given by Dr David Eric Probert on 27th October 2015 at the Security Conference Venue - Melia Galgos Hotel - Madrid, Spain.
Computer , Internet and physical security.Ankur Kumar
It refers to protection of a computer and the information stored in it, from the unauthorised users.
Computer security is a branch of computer technology known as information security as applied to computers and networks.
The Tsaaro Academy offers CT DPO Intermediate Certification to privacy enthusiasts who want to be certified to handle GDPR and ePrivacy compliance. Click here to learn more and get started today.
What is GDPR and why does it matter to me? Desynit
An introduction to the most radical changes to data protection in the last 10 years. Stephan Chandler-Garcia from Digital Catapult gives you an overview of the General Data Protection Regulation and how you can stay ahead of the curve as a Salesforce user. We will be looking at new ways of thinking about your customers data and new ways of managing consent.
Education law conferences, March 2018, Keynote 2 - 10 steps in 10 weeks to GD...Browne Jacobson LLP
This sessions provides 10 steps schools can take in the 10 weeks leading up to the enforcement of the General Data Protection Regulation on 25 May 2018.
A Complete Guide to Managing the Legal and Ethical Environment of Surveillanc...rajsriinfotek1
Rajsri Infotek - Trusted CCTV camera suppliers, offering a diverse range of security solutions with a commitment to excellence and customer satisfaction.
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...acemindia
With the adoption of public cloud services, a large part of your network, system, applications, and data will move under third-party provider control.
For this :
What security controls must the customer provide over and above the controls inherent in the cloud platform, and
How must an enterprise’s security management tools and processes adapt to manage security in the cloud.
BYOD and the Law (May I Text You That Writ?)JISC Legal
Presentation on Bring Your Own Device and the Law, delivered by Jason Miles-Campbell at the RSC Scotland Bring Me That Horizon Annual Conference, Edinburgh on 7 June 2013.
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
The California Consumer Privacy Act (CCPA) takes effect on January 1, 2020, mandating that data about consumers be protected against a breach. If your IBM i system contains data for consumers from the state of California, the time to prepare is now.
In this webinar featuring well-known IBM i encryption expert Patrick Townsend, we share information that will help you prepare for CCPA compliance, including:
• Consumer rights granted by CCPA
• Hardening systems to prevent a breach
• Obscuring data to prevent exposure
• How Syncsort can help
CCPA is almost here. View this webinar on-demand and get started down the path to compliance!
General Data Protection Regulation (GDPR) tidal wave that has hit, are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal Data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organizations must be able to assess compliance with this ambiguous regulation at any time.
Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations.
Join this webinar to learn:
*More information about GDPR and what the industry is experiencing to date
*What minimum requirements you should have had in place by May 25, 2018
*What you should plan to do for the next 12-18 months if you are not completely ready
*What the SEC Privacy Shield program is and why you should self-certify
*How to continuously monitor vendor risk KPIs
This presentation explores the risk facing all charities and businesses if adequate thought is not given to the protection and security of one of its most treasured assets, its website.
The Tsaaro Academy offers CT DPO Intermediate Certification to privacy enthusiasts who want to be certified to handle GDPR and ePrivacy compliance. Click here to learn more and get started today.
What is GDPR and why does it matter to me? Desynit
An introduction to the most radical changes to data protection in the last 10 years. Stephan Chandler-Garcia from Digital Catapult gives you an overview of the General Data Protection Regulation and how you can stay ahead of the curve as a Salesforce user. We will be looking at new ways of thinking about your customers data and new ways of managing consent.
Education law conferences, March 2018, Keynote 2 - 10 steps in 10 weeks to GD...Browne Jacobson LLP
This sessions provides 10 steps schools can take in the 10 weeks leading up to the enforcement of the General Data Protection Regulation on 25 May 2018.
A Complete Guide to Managing the Legal and Ethical Environment of Surveillanc...rajsriinfotek1
Rajsri Infotek - Trusted CCTV camera suppliers, offering a diverse range of security solutions with a commitment to excellence and customer satisfaction.
Security Management in Cloud Computing by Shivani Gogia - Aravali College of ...acemindia
With the adoption of public cloud services, a large part of your network, system, applications, and data will move under third-party provider control.
For this :
What security controls must the customer provide over and above the controls inherent in the cloud platform, and
How must an enterprise’s security management tools and processes adapt to manage security in the cloud.
BYOD and the Law (May I Text You That Writ?)JISC Legal
Presentation on Bring Your Own Device and the Law, delivered by Jason Miles-Campbell at the RSC Scotland Bring Me That Horizon Annual Conference, Edinburgh on 7 June 2013.
Countdown to CCPA: 48 Days Until Your IBM i Data Needs to Be SecuredPrecisely
The California Consumer Privacy Act (CCPA) takes effect on January 1, 2020, mandating that data about consumers be protected against a breach. If your IBM i system contains data for consumers from the state of California, the time to prepare is now.
In this webinar featuring well-known IBM i encryption expert Patrick Townsend, we share information that will help you prepare for CCPA compliance, including:
• Consumer rights granted by CCPA
• Hardening systems to prevent a breach
• Obscuring data to prevent exposure
• How Syncsort can help
CCPA is almost here. View this webinar on-demand and get started down the path to compliance!
General Data Protection Regulation (GDPR) tidal wave that has hit, are you ready? Is your organization prepared for the extensive privacy requirements GDPR puts forth for any organization handling EU Data Subjects' personal Data? At this point, organizations must have a complete inventory of personal data and have conducted a DPIA against it. A handful of supervisory authorities have issued compliance guidelines, but your organizations must be able to assess compliance with this ambiguous regulation at any time.
Many aspects of GDPR define the distinction between a data collector and a data processor, their respective responsibilities and compliance requirements. Those responsibilities will have an effect on the contracts you negotiate with third parties, the way in which you evaluate the risks involved with establishing a business relationship and the policies you develop to maintain compliance to the regulations.
Join this webinar to learn:
*More information about GDPR and what the industry is experiencing to date
*What minimum requirements you should have had in place by May 25, 2018
*What you should plan to do for the next 12-18 months if you are not completely ready
*What the SEC Privacy Shield program is and why you should self-certify
*How to continuously monitor vendor risk KPIs
Similar to Key Points on The Law Relating To CCTV (20)
This presentation explores the risk facing all charities and businesses if adequate thought is not given to the protection and security of one of its most treasured assets, its website.
Your focus to date is likely to have been on your organisation’s use of personal data. However, it is really important that you don’t forget your contracts – specifically any data processing contracts that you have (or should have) in place with a data processor, such as a payment processor or payroll service.
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...Brian Miller, Solicitor
Brian Miller and Jean Boyle, solicitors at Stone King take you through the legal implication of using social media and how to ensure your staff are aware of the consequences of using it in your organisation.
Brian Miller, a solicitor and partner at Stone King LLP, goes through the new changes in the law as of 1 October 2015 which all businesses and organisations who deal with consumers need to know to ensure they are legally compliant.
Cloud computing is now ubiquitous in all areas of commerce and the third sector and is easy to set up, use and cheap to buy.
But should you just press the button and install, or are there more things to think about?
Brian Miller, solicitor and partner at Stone King LLP, takes a look at the important issues to consider before getting into bed with a cloud provider.
Brian Miller, solicitor and partner at Stone King LLP and Lauren Mitchum, trainee solicitor, provide a useful guide to ensuring your website is compliant with the law in all aspects, including advice on domain names, website content, disability discrimination, online terms, display of mandatory information, the impact of the Consumer Contracts Regulations, privacy policies and cookies, online advertising and the processing of payments
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Brian Miller, Solicitor
In a more detailed look at data protection, Vicki Bowles takes a look at the new draft EU Data Protection Regulation, disclosure and BYOD (Bring Your Own Device).
Brian Miller then covers ISO certification, how to check whether your vendor’s systems are secure, how US Safe Harbor worked in practice, how it will do so with the new Privacy Shield and the various certification/accreditation systems for cloud computing vendors.
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)Brian Miller, Solicitor
In this brief Part 2 introduction to all things data protection, Vicki Bowles looks at issues such as disclosure, BYOD (Bring Your Own Device) and the impact of social media.
Have you lost control of your brand since the arrival of social media? Are people abusing your good name? Is all lost or is there still a way to protect a brand's reputation? Brian Miller of solicitors Stone King takes a look at some of the ways you can effectively stop others from damaging your name and goodwill on social media.
What All Organisations Need to Know About Data Protection and Cloud Computing...Brian Miller, Solicitor
Solicitor Brian Miller and barrister Vicki Bowles explore the legal and security aspects of data protection and putting your data in the cloud. This is part one (basic) of a two part course on data protection and cloud computing.
Brian Miller, solicitor and partner at Stone King LLP takes you through from scratch how to create your profile (see separate video presentation entitled 'Creating Your LinkedIn Profile'*) and network successfully on social media network, LinkedIn.
Feel free to download to receive all of the notes to the presentation.
* on YouTube at http://youtu.be/AIBc9pogk2M
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...Brian Miller, Solicitor
A whistlestop tour to protecting your brand and intellectual property by registration of trademarks, design rights and domain names and the consequences of not doing so. Includes guidance on how to deal with cybersquatters, copyright and its exceptions, how to register trade marks, design rights and patents, use of databases and website compliance.
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...Brian Miller, Solicitor
From Ethics to Fraud. These slides focus on concerns about internet fraud and data protection faced by charities and other not-for-profit organisations. Session 2 of the 23rd Catholic Charity Conference. Chair - Richard Maitland, Sarasins, Melanie Roberts.Sarasins, Brian Miller, Stone King and Vicky Bowles, Stone King.
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...Brian Miller, Solicitor
A whistle stop tour on copyright, trade marks, design rights, patents, website compliance, data security and putting your data in the cloud, presented by IP lawyer Brian Miller, Solicitor.
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxanvithaav
These slides helps the student of international law to understand what is the nature of international law? and how international law was originated and developed?.
The slides was well structured along with the highlighted points for better understanding .
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselThomas (Tom) Jasper
Military Commissions Trial Judiciary, Guantanamo Bay, Cuba. Notice of the Chief Defense Counsel's detailing of LtCol Thomas F. Jasper, Jr. USMC, as Detailed Defense Counsel for Abd Al Hadi Al-Iraqi on 6 August 2014 in the case of United States v. Hadi al Iraqi (10026)
3. Which uses are OK?
Answer : It depends!
You must comply with the Data Protection
Act in deciding whether or not to start or
continue the use.
So how?
4. Privacy Impact
Assessment
Information Commissioner
provides a Privacy Impact
Assessment Code of
Practice with a precedent
PIA.
It helps you consider the
Data Protection
Principles.
It isn’t compulsory but
doing one is good practice
and likely to improve your
legal position.
5. Data Protection
Principles
• fair (from Data
Protection Principle 1)
• proportionate in
relation to the purpose
of the system (from Data
Protection Principle 3)
What
you
do
should
be:
6. Data Protection Principles
Principle 1
Personal Data shall be processed fairly and lawfully
and , in particular, shall not be processed unless--
(a) at least one of the conditions in Schedule 2 is
met and
(b) in the case of sensitive personal data, at least
one of the conditions in schedule 3 is also met
Principle 3
Personal data shall be adequate, relevant and not
excessive in relation to the purposes or purposes for
which they are processed.
7. Being Fair
• What is the effect on
individuals’ privacy?
More likely to be unfair if there is
continuous filming or filming in
areas where people expect
privacy e.g. changing rooms,
private offices
8. Compliance with a schedule
2 Condition
Consent
Implied or express
Legitimate interests condition
The processing is necessary for the purposes
of legitimate interests pursued by the data
controller or by the third party or parties to
whom the data are disclosed, except where the
processing is unwarranted in any particular
case by reason of prejudice to the rights and
freedoms or legitimate interests of the data
subject.
9. Proportionality
Personal data shall
be adequate, relevant
and not excessive in
relation to the
purpose or purposes
for which they are
processed
Is using cameras the
best way to achieve
your objective? Have
you looked at
alternatives?
How good are the
images? If they are
not good enough for
the purpose then you
may not be able to
justify the use
10. Deciding if your use is
compliant
• Do a privacy impact assessment
• Consult the ICO’s Employment Practices
Code
• Consult the ICO’s CCTV Code of Practice
11. What to think about
The ICO CCTV Code will help you comply but think about these things
• Why do you want to use CCTV. Is it the best way to achieve your objective
• Will people know what you are doing?
• Signs
• Privacy Notices (DfE precedents available)
• Do you have a CCTV policy or a Data Protection Policy covering the issue
• How long are you keeping the images?
• What are the data storage arrangements?
• Individual rights of subject access
• Staff training
• Does your registration with the ICO (officially called the ‘Notification’) show that you
have CCTV? You are no longer required to list all the purposes for which you use
CCTV but you do need to say that you have CCTV. There is currently no up to date
guidance on the notification process and no indication of when new guidance will be
issued but there is an ICO notification helpline which is 0303 123 1113.
12. Overlap with other issues
Facial recognition – biometric
technology – follow DfE
Guidance on Biometrics in
schools
Staff Monitoring – refer to the
ICO Employment Practices
Code
13. Employment Practices
Code
Whenever you are filming staff to monitor performance or conduct consult this Code
and also do a Privacy Impact Assessment. There is overlap between this Code and
a PIA but the Code will help you make sure you have asked the right questions.
Whether you should be monitoring in a particular case
Privacy impact
Considering alternatives
14. Practical examples
• Monitoring staff all the time is very privacy
intrusive.
• Can you really justify a camera being on in a
classroom or workplace all the time?
• Is it necessary?
• Can you limit the area covered?
• Private areas are different from corridors.
• Be careful about relying on consent in the
employment context
15. Requests for disclosure of
footage
FOI requests
DPA subject
access requests
DPA disclosures
not under
subject access
16. Subject access requests to
view footage
Balancing the data rights of different people
• Section 7(4) Where the data controller cannot
comply with the request without disclosing
information relating to another individual who can
be identified from that information, he is not
obliged to comply with the request unless—
(a) the other individual has consented to the
disclosure of the information to the person
making the request, or
(b) it is reasonable in all the circumstances to comply
with the request without the consent of the other
individual
18. Useful links
• CCTV Code of practice published by the Information Commissioners
Office. This is available here:
• ICO notification helpline which is 0303 123 1113.
• Formal privacy assessment. See here.
• If you are monitoring staff through a surveillance system then you
should make sure you have complied with the ICO’s Employment
Practices Code.
• Are you using the DfE standard form privacy notices for staff and
students and have you adapted them to cover any issues specific to
your school?
• Is the data secured securely? If you are using Cloud Storage, follow
the ICO’s guidance on Cloud Computing
• Are you using cameras to identify people ie. via facial recognition. If
so, you must follow the DfE guidance on biometric technologies
20. Slide 1 Some rights reserved by charbel.akhras
Slide 2 Some rights reserved by Tulane Public Relations
Slide 3 Some rights reserved by seven_resist
Slide 4 Some rights reserved by vintagedept
Some rights reserved by rpongsaj
Slide 6 Some rights reserved by ssalonso
Slide 7 Some rights reserved by David Maddison
Slide 8 Some rights reserved by MyTudut
Slide 9 Some rights reserved by StockMonkeys.com
Some rights reserved by BlueAndWhiteArmy
Some rights reserved by Bernie Goldbach
Slide 10 Some rights reserved by mollybob
Slide 12 Some rights reserved by Editor B
Some rights reserved by Re-Entry One Stop
Slide 14 Some rights reserved by ChrisGoldNY
Slide 15 Some rights reserved by khairoun
Slide 16 Some rights reserved by winnifredxoxo
Slide 19 Some rights reserved by Raymond Bryson