Tag Archives: brexit

Copyright issues in HE video use

Matt Goral
Educational Technologist
City, University of London

Media and Learning Conference 2018 – Leuven, Belgium

As a grateful recipient of a UCISA Bursary, I was fortunate enough to travel to Leuven in Belgium for the Media and Learning Conference.
The Media and Learning Conference is jointly organised by the University KU Leuven and the not-for-profit European Media & Learning Association. Around 90% of participants come from academic organisations with contributors coming from a wide range of international organisations. The main themes of this year’s conference were: innovating learning; exploring different video-based formats; scaling up services; improving the effectiveness of video; video as an assessment tool; video-based learning analytics; augmenting video.
These blog posts are a reflection on the presentations and discussions at the conference.  There were a lot of topics, formats, points of view and discussions which makes it difficult to provide a coherent linear narrative, so instead I will discuss a few different topics.

Discussion: Legal and ethical issues affecting video use in higher education
Anna Mazgal and Bartolomeo Meletti

Anna Mazgal from Wikimedia and Bartolomeo Meletti from Learning on Screen, shared their thoughts and advice on dealing with copyright and intellectual property. It’s an intimidating and often ignored topic. Lectures often want black and white answers, but with copyright law the answer is usually ‘it depends’. This means that there is a perception that it’s too complicated and people often avoid the topic entirely, either by refraining from including any copyright material or including it regardless of the law. In reality the law is generally more permissive than we may think, and the many exceptions provide means of including copyrighted material in our lectures, videos, presentations, etc. One useful resource that tried to explain the differences between countries is copyrightexceptions.eu.  It’s worth exploring to get a good overview of what we might be able to use.

Personally, I also wanted to find out if Brexit will have a big impact on this, but Bartolomeo did not think so, which was reassuring. There may be small challenges but overall it’s not likely to change, as many regulations are embedded in UK law already.

Interested in applying for a UCISA bursary? Then visit UCISA Bursary Scheme.

EU-GDPR: Using the fear stick is missing an opportunity

The General Data Protection Regulation is scheduled to come into force in May 2018. As it will be EU Law before the process to leave the EU is completed, it will be one of the pieces of legislation that will roll over into UK law. In this article that was first published on LinkedIn, Craig Clark, Information Security and Compliance Manager at the University of East London, highlights the opportunities GDPR presents.

For those that have worked in privacy for a long time, the path towards the final draft of the General Data Protection Regulation has been incredibly long (2011) and at times frustrating. Now that the count down is well underway, CIO’s, Information Security types and those in IT or legal functions seemingly can’t escape the barrage of GDPR related content on their news feeds and meeting agendas.

I have kept a close eye on how the GDPR compliance issue is being pitched by vendors, lawyers and GRC consultants and in an overwhelming number of cases the key point they want to drive home is the increased penalties for non compliance – usually with a headline similar to : IF YOUR ORGANISATION DOES NOT COMPLY WITH THE GDPR THEY COULD BE FINED €20 MILLION!

While this is technically correct it is entirely misleading, not least because the next line should read (or 4% of annual global turnover, whichever is higher). The GDPR is about much more then penalties, fines and liabilities. While one of the core aims is to enhance the protection of Data Subjects with an significant increase in their rights, there are many potential benefits for organisations. The problem is that by leading with a large negative, there is a serious risk that the advantages the Regulation offers are going to be overlooked.

Lets take a look at some key advantages:

Improved Records Management

Perhaps the most obvious benefit is that the GDPR presents an opportunity to explore and refresh how you gather, store, and use and delete data. This is a chance to unleash real business value out of all that personal information you currently curate, often, at the moment, for no other reason than because it is there. This leads to huge costs of storing unnecessary data and the complex challenge of now trying to unravel what they need to store for business purposes. By employing data minimisation, and ensuring that data subjects data can be kept up to date as a matter of design, organisations could benefit from:

  • improved efficiency in customer interactions
  • reduced data storage costs (electronically and physically)
  • less wasteful marketing campaigns that use out of date information
  • lower security risk due to less personal data on file
  • lower likelihood of regulatory intervention
  • Development of Trust

    For many organisations trust is the hardest virtue to instil in its customers and the first thing to be lost when things go wrong. If we take the TalkTalk data breach as a classic example, their customer base significantly reduced in the immediate aftermath of the data breach and despite major changes to their Information Security practices, this has had a significant impact on their customer numbers and subsequently the forecasts they can make about future performance. Quite simply people no longer trust them.

    By mandating the need for improved security and reporting organisations have the opportunity to show that they take the security of customers data seriously. After all without that data, what would the business be? By actively demonstrating a willingness to comply with and embrace GDPR organisations will demonstrate a strong commitment to their customers and keep them coming back, protecting and growing the organisational brand.

    Improved Operational Effectiveness

    One of the most positive aspects that can be taken from GDPR is that it allows business to fully champion a risk-based approach to Information management. This means that whilst the rules are the same for everyone, how these rules are applied will largely be up to the organisation to decide depending on the level of risk that a given data activity presents for people’s privacy. Many of the obligations in the GDPR can be implemented in varying degrees depending on the risk appetite. This means that organisations can choose to implement procedures and practices based on their business and the level of privacy they need to provide, rather then implementing procedures for the sake of it. This could be regarded as a source of uncertainty for the C-Suite but in practice, the risk-based approach is what will make the GDPR not only effective but fair.

    Pulling it Together

    Once an organisation has looked past the headlines and begins to scope out how they are going to achieve compliance, the obvious question is “Where do I start?” Make no mistake, GDPR compliance will be complex for medium to large enterprises but there is a path through it. One of the first things organisations should look at is the ICO document 12 steps to take now. This guide will allow organisations to being planning and feeding in their specific requirements. Once the initial plan is outlined it is my view that the smoothest path to compliance is to integrate a Personal Information Management System (PIMS) into the current business model. For organisations that utilise an Information Management System (ISMS) such as ISO27001 this will be familiar territory. For those that do not, the current PIMS standard in the UK is BS10012:2009 however BS10012:2016 is being rewritten to include the requirements of the GDPR. Implementing this standard will allow an organisation to benchmark personal information management practices with recognised best practice. Crucially, it will also allow organisations to produce auditable evidence on their data privacy practices and go a long way to satisfying the Information Commissioners Office that organisations take on board that data privacy is no longer ‘best efforts’.

    Scotland and Brexit

    I attended a seminar last week considering the impact of the Referendum result in Scotland. As UCISA is a UK wide organisation it is important to understand the range of views across the UK and the potential impacts on the devolved nations. In Scotland, along with Northern Ireland, the majority cast their votes in favour of remaining in the EU. Nicola Sturgeon has made the Scottish Government view clear – they wish the majority view in Scotland to be respected and for Scotland to remain in the EU. To what extent that can be achieved isn’t clear, partly because the new cabinet at Westminster is still defining its approach to leaving the EU.

    The lack of clarity stems from before the referendum. There was no White Paper to outline the proposed action in the event of a vote to leave – this contrasts with the approach taken with the Scottish independence referendum where options for both outcomes were known. Further it has become evident that there were no plans or contingencies for a leave success. It isn’t clear how the exit will be triggered or who needs to be consulted – and this might not be clear until a number of legal challenges have been addressed later in the year. Finally, the notion of leaving the EU means different things to different people – there remains a great deal of negotiation between constituents within Government for a clear picture to emerge.

    What are the options for Scotland? Given that there appears to be reluctance to hold a further referendum on independence, it will probably be limited to trying to influence a move to a least worst option. David Davies, in his address to Parliament on 5 September, stated that the devolved administrations would have an important role to play (but that they would have no veto). So Scotland will need to lobby hard for a softer Brexit with continued access to free trade against the hard line Brexiteers within the UK Government. An alternative might be for Scotland to build stronger relationships with the EU post exit in certain areas such as agriculture or higher education. However, this may require a further Scotland Act to devolve more powers to Holyrood in order to be achievable. A further option could be for Scotland and Northern Ireland, as the two nations within the UK that voted to remain, to take over the UK’s EU membership but the constitutional challenges that would present within the UK makes that extremely unlikely.

    The result of the Referendum on June 23 will have an immediate impact even before negotiations begin. The demands placed on the Civil Service to inform the negotiations and manage the process will cost, both financially and in terms of time spent away from business as usual. So it may be prudent for those organisations that receive direct or indirect Government funding to budget for a reduction in income. Further, it may mean that some issues that might have occupied parliamentary time will be pushed further down the queue.

    So what will be the impact on higher and further education in Scotland? Whilst education remains a priority for Holyrood, it is way down the list in the Westminster Government’s Brexit considerations and it will be some time before the full impact is understood. The risk to research through the loss of EU funding and collaboration opportunities is well documented. In the short term, there is the risk of further reduction in central funding and a risk to student numbers. Brexit has given added impetus to the Home Office perspective on international students and the potential damage to applications from beyond the EU. EU student numbers may also decline amidst the uncertainty.

    UK universities and their representative bodies will need to be effective in lobbying and influencing Government over the coming months and years. In the short term this will be needed to remove uncertainty (for example, reassuring EU students applying now for 2017 that their fees won’t rise during their course); longer term it will be needed to ensure the continued global success of the sector. What is clear is that the uncertainty means that universities will need to plan for a range of potential scenarios – the need for quality data and systems to support this has never been greater.

    (Previously published on Peter Tinson’s blog page)