JISC Legal : Cloud Computing

Site Map
Privacy Statement
Copyright Policy
Accessibility
Feedback

COOKIES: This site uses Google Analytics Cookies for performance monitoring only. By using our website you agree that we can place these cookies on your device.

Legal Guidance for ICT Use in Education, Research and External Engagement

Home
My Role
Legal Areas
Themes
Contact Us
- Enquiry Form
About Us
Training
- JISC Legal Plus

Content

Themes

Cloud Computing

You can access the JISC Legal Cloud Computing and the Law Toolkit in our Guidance section below. The aim of this toolkit is to help you, as an educational professional, to make confident, informed decisions about implementing cloud computing solutions in your institution. It's suitable for anyone working in a teaching, research, management or support capacity in UK FE or HE.

Resources

Guidance
FAQs
Law Watch
Links

Mobile Technologies and the Law Overview (19 November 2012)
This paper considers the legal issues likely to arise from the use of mobile devices by colleges and universities. It is relevant for staff with responsibility for planning and managing the introduction and use of mobile technologies in their institution and for lecturers, researchers and support staff using or supporting the use of mobile technologies.

Sharing IT Services and the Law (11 July 2012)
This paper focuses on the main legal areas associated with sharing IT services.

Personal Data and Consent Management: A Briefing Paper (16 November 2011)

This guidance is designed to help institutions deal with consent management when sharing personal data across and between institutions and external service providers.

JISC Legal Cloud Computing and the Law Toolkit (31 August 2011)

Whether you work in a teaching, research, management or support capacity, the toolkit will help you to make confident, informed decisions about implementing cloud computing solutions in your institution.

Consent Management: Handling Personalisation Data Lawfully (21 February 2011)

This JISC Legal study, funded by JISC's Information Environment Programme, addresses clear questions that arise in relation to learners’ access and identity.

Data Protection Code of Practice for FE and HE (9 May 2008)

The Data Protection Code of Practice is designed to provide guidance to the FE and HE sectors on issues pertaining to Data Protection law affecting their day-to-day operations.

What level of security should our institution be using for personal information?
The seventh data protection principle provides that "Appropriate technical and organisational measures shall be taken ... (cont)

Where does liability lie if an e-thesis is found to infringe the copyright of a third party?
Where copyright infringing third party material is included in an ‘e-thesis’, liability will lie with all parties who have taken part in the activity that is infringement.

Can an institution use a cloud service provider that is unable to give assurances that personal data will not be transferred to a country outside the EEA?It is important to recognise that in any situation where a data controller is using a data processor, the data controller remains responsible for compliance with the Data Protection Act 1998 (DPA).

Can a college or university use a cloud computing service if this will mean personal data being transferred outside the EEA?

The Data Protection Act 1988 (DPA) limits the transfer of personal data to countries within the European Economic Area (EEA) (the eighth data protection principle).

Does the US Patriot Act mean that any data stored in the cloud can be accessed by the US intelligence services?

The US Patriot Act is intended to assist terrorism prevention in the US and permits access to data by the US intelligence services in certain circumstances, including, but not limited to, in the interests of national security

Is a college or university liable if it loses personal user data stored using a cloud computing service?

Under the Data Protection Act 1988 (DPA) a college or university must ensure that the personal data relating to its staff, students and others remains secure including protecting such data from accidental loss (the seventh data protection principle)... (cont'd)

What law will apply if we use a cloud computing provider based abroad?

The nature of the cloud is such that it is likely that more than one legal jurisdiction will be involved in relation to any particular external cloud service... (cont'd)

What are the accessibility duty implications when using a cloud computing provider?

The Equality Act 2010 places a legal obligation on institutions not to discriminate against learners with disabilities in their service provision (including resources and delivery of teaching).

Nominet’s Dispute Procedure is Authoritative

Nominet decisions cannot be appealed by the back door to the courts. Rightsholders and registrants must get a DRS action right in the first place.

Websites Forced to Identify Trolls
New government proposals, to be added to the Defamation Bill, state that internet 'trolling' victims have a right to know who is behind the malicious comments made about them.

EU Data Protection Law Update on the Horizon
The EU Commission is tasked with producing proposals to reform the 1995 EU Data Protection Directive by the end of January 2012.

Defamation - Academics to get Increased Protection
Joint Committee report on defamation law recommends new notice and take-down internet procedures as well as increased protection for scientists and academics.

Protection of Freedoms Bill
Proposals in the Protection of Freedoms Bill include amending the Freedom of Information Act 2000 to create a new ‘right to data’ so that government-held datasets can be requested and used by the public.

INSPIRE Regulations 2009

Came into force on 31 December 2009.

Newspaper Headlines Can Attract Copyright Protection

(NLA) v Meltwater - In the particular circumstances of commercial news headlines and their monitoring and copying for commercial gain much of the content will attract copyright protection.

UK to Modernise Intellectual Property Laws

Recommendations made by the Hargreaves review of intellectual property and growth have been accepted by the Government.

What's Personal and What's Anonymous Data?

A data controller is able to anonymise originally-personal data to make it free of data protection law constraints.

Vitae Innovate Social Media Handbook
Vitae Innovate has published a 'Handbook of Social Media for Researchers and Supervisors' which is a resource to assist early career researchers and their supervisors adopt social media tools in their research and develop a social media strategy for research dialogues.

Guide to Social Networking in the Workplace

ACAS guide offers practical tips on the impact of social networking on discipline and grievances, bullying, defamation, data protection and privacy.

New Consultation on Cloud Computing

The European Commission has launched a consultation on cloud computing. This will feed into the European cloud computing strategy due to be presented in 2012.

Guidance to Increase Understanding of FOI rights

A dedicated 'one stop shop' has been produced, telling the public about their FOI rights, and a step by step guide on how to use them.

QMUL Research Papers on Cloud Computing

Queen Mary, University of London, have issued a series of papers on the legal issues associated with Cloud Computing.

Cloud Computing Toolkit Available

This toolkit aims to guide information professionals in assessing cloud computing services for information use and storage, including development of a cloud computing strategy.

EU Report Highlights Pros and Cons of Cloud Computing

The European Network and Information Security Agency (ENISA) has published its report ‘Security and Resilience in Governmental Clouds’ which assesses the operational, legal, and security requirements of cloud computing.

Search Site:

Cloud Computing Newslinks

New Mobile Technologies and the Law Overview Paper

This guidance from JISC Legal considers the legal issues likely to arise from the use of mobile devices by colleges and universities.

Mobile Technologies and the Law Overview (19 November 2012)

This paper considers the legal issues likely to arise from the use of mobile devices by colleges and universities. It is relevant for staff with responsibility for planning and managing the introduction and use of mobile technologies in their institution and for lecturers, researchers and support staff using or supporting the use of mobile technologies.

Google Offers EU-only Cloud

Google now provides institutions with the option to process and store personal data exclusively on servers based in the EU.

View all Cloud Computing news

JISC Legal Events

No articles match criteria.

Social Media