Home  |  Sarah  |  Services  |  Blog  Contact

Diana Initiative 2020 – Making space for security and data protection governance

Opinion: Paying to play with our personal data – is it ok?

We’ve migrated from ‘Hot or Not?’ to being held virtually hostage by many of the digital platforms we rely on today. In the midst of that a new processing paradigm has emerged. Myriad startups want to pay to play with your personal data. Can that tackle on-going privacy and human rights issues?

Diana Initiative 2020 – Making space for security and data protection governance

In AI we will blindly trust…

…and the architects, designers, data scientists, and developers will think we are nuts. People will buy AI without asking enough questions…it’s human and market nature.

Diana Initiative 2020 – Making space for security and data protection governance

Opinion: Morrisons, vicarious liability, and risk management reality

On the face of it organisations were just made liable for nefarious data doings of any nasty individual they might have had the misfortune to employ... or nice employees who just mess up. Even if organisations do nothing wrong and things happen in spite of 'appropriate' control, they might be...

Data Protection, Security, and the GDPR: Myths and misconceptions #2

Welcome back! This is a shamefully delayed sequel to my first instalment of security themed GDPR thoughts: Data Protection, Security, and the GDPR: A fraught and fuzzy relationship. Here I look back again over my pre-privacy IT and InfoSec career to spot things likely causing both sides most...

Data Protection, Security, and the GDPR: A fuzzy and fraught relationship

Data Protection, Security, and the GDPR: A fuzzy and fraught relationship

There can be no security without data protection There can be no data protection without security Of course neither is true. These kind of click-baity absolutist positions are a pervasive internet blight designed to divert attention from critical detail to exploit and divide us...or...less...

GDPR – The Compliance Conundrum

There is one question related to the General Data Protection Regulation that will arguably cause more ulcers than any other: How much is enough? In some portions of the GDPR 'good' is straightforward. In many others we are asked to respect principles of fairness and transparency while deciding...

Diana Initiative 2020 – Making space for security and data protection governance

Musing: Personal data ownership, virtual employment, and digital symbiotes

This is a post grown from a marmite-ish predecessor. A reaction to the drive to turn our personal data into a market priced commodity. Paying to play with our personal data - is it ok? A segmented unit of product that we are supposed to share for the price of a posh coffee. A price unlikely to...

We welcome the Children’s Commissioner report “Who knows what about me?” which shows how children’s data is routinely collected online. The report points out that children are among the first to be ‘datafied’ from birth, including policy and practice in schools, and comments on the datafication of children in the education sector; school databases, classroom…read the full article on the Defend Digital Me blog

Read more

The IT Asset Disposal Vicious Cycle

Most retired equipment is ground up for minimal financial and recycling return... ...that model is financially, environmentally, and socially unsustainable. The way we all do business is changing. Increasing numbers of staff work flexibly and use their own kit. Corporate smart device and cloud use...