[OSX-Users] OSX upgrade warning

Thu Sep 22 10:46:43 BST 2016

But it's also complicated by what was the Safe Harbour agreement, which 
has been replaced with the EU-US Privacy Shield. There are also other 
agreements such as the "modified clauses" in contracts drawn up with 
US-based companies, which provide additional safeguards so it didn't 
actually matter that Safe Harbour collapsed. There are a lot of 
companies with these modified clauses in their contracts, such as 
Blackboard, the people who run Canvas, Google, Microsoft and a whole 
host of others. Where necessary, JISC Legal have already negotiated 
these clauses into the companies' standard contracts for UK HE customers.

The landscape isn't half as simple as you appear to be painting it.

People might like to read some of this lot:
http://ec.europa.eu/justice/data-protection/international-transfers/eu-us-privacy-shield/index_en.htm
https://community.jisc.ac.uk/blogs/regulatory-developments/article/data-exports-update-2017
https://iconewsblog.wordpress.com/2016/02/11/safe-harbor-calmer-waters-on-the-horizon/
https://www.privacyshield.gov/welcome
and pretty much anything written by Andrew Cormack, who is the Chief 
Regulatory Adviser at JISC (and a bit of a bird-spotter).

Cheers,
Jules.

On 22/09/2016 09:48, Christopher Gutteridge wrote:
> I've written to the security manager in iSolutions. His usual approach 
> is that for non legally protected data, like research etc, he'll help 
> you understand the risk and you can make a choice. However with 
> personal data he's (rightly) much more strict.
>
> I've asked if there's a recommended easy-to-consume page about good 
> practice and any services that are recommended or that we should avoid.
>
> My current understanding is that we shouldn't send people's personal 
> data to countries which do not have suitable data-protection laws. 
> There are exceptions if a specific company complies to rules, but just 
> shoving stuff in the cloud is reckless when it could cause harm if 
> leaked.
>
> Something to think about; would you be happy with the NHS casually 
> using dropbox to move patient records?
>
>
> On 22/09/2016 09:20, Tim Chown wrote:
>> Chris, we’re leaving the EU too, do we need to send all our documents 
>> to France? ;)
>>
>> But more seriously, yes, that sounds like a good idea.
>>
>> Tim
>>
>>> On 21 Sep 2016, at 21:42, Christopher Gutteridge 
>>> <cjg at ecs.soton.ac.uk> wrote:
>>>
>>> If useful I can ask if we can have some guidelines to help people 
>>> apply some basic rules to avoid the most serious risks. The basic 
>>> rule of thumb I work to is that non-public information about people, 
>>> even non-structured data, should not leave the EU. This is pretty 
>>> good stuff, it's to protect people, not profits. We do have a duty 
>>> to protect our staff, students and others who trust us with their data.
>>>
>>> Our staff clearly don't have a good touchstone for knowing what's OK 
>>> and what's really bad. The law is quite clear and the fines for 
>>> serious breaches are quite punitive.
>>>
>>>
>>> On 21/09/2016 16:28, Leslie Carr wrote:
>>>> It looks like (from Chris’ explanation of the institutional 
>>>> sensitivities) the issue is not “which platform” but “what documents”.
>>>>
>>>> So I am checking whether my historic course admin materials (which 
>>>> are on Dropbox) contain any marking information.
>>>> —
>>>> Les
>>>>
>>>>
>>>>> On 21 Sep 2016, at 16:11, Tim Chown <tjc at ecs.soton.ac.uk> wrote:
>>>>>
>>>>> Git is great for certain things.
>>>>>
>>>>> Concurrent joint editing of documents isn’t really one, e.g. 
>>>>> during a telecon (I also use etherpad for this).
>>>>>
>>>>> Easy access to files from a wide variety of platforms is another - 
>>>>> that’s where dropbox is so well integrated into many apps.
>>>>>
>>>>> But it’s a good question Vladi, and maybe some recommendations for 
>>>>> universities would be good to see.
>>>>>
>>>>> Tim
>>>>>
>>>>>
>>>>>
>>>>>> On 21 Sep 2016, at 15:58, Christopher Gutteridge 
>>>>>> <cjg at ecs.soton.ac.uk> wrote:
>>>>>>
>>>>>> We have at least two git repositories but I'm not sure of the 
>>>>>> official rules on access. ECS people can almost certainly use 
>>>>>> gitlab for non public git work.
>>>>>>
>>>>>> http://gitlab.soton.ac.uk/
>>>>>>
>>>>>>
>>>>>> On 21/09/2016 15:47, Vladimiro Sassone wrote:
>>>>>>> On 21 Sep 2016, at 15:35, Jules Field <Jules at ecs.soton.ac.uk> 
>>>>>>> wrote:
>>>>>>>> which incidentally is not good for a lot of purposes
>>>>>>> would you care to elaborate? As I see it, none of them (dropbox, 
>>>>>>> one drive, box, …) is any good for much, google drive and iCloud 
>>>>>>> a little bit better… Wouldnt be nice to just set up a university 
>>>>>>> Git repository…
>>>>>>>
>>>>>>> \vs
>>>>>>>
>>>>>>>
>>>>>> -- 
>>>>>> Christopher Gutteridge -- http://users.ecs.soton.ac.uk/cjg
>>>>>>
>>>>>> University of Southampton Open Data Service: 
>>>>>> http://data.southampton.ac.uk/
>>>>>> You should read our Web & Data Innovation blog: 
>>>>>> http://blogs.ecs.soton.ac.uk/webteam/
>>>>>>
>>> -- 
>>> Christopher Gutteridge -- http://users.ecs.soton.ac.uk/cjg
>>>
>>> University of Southampton Open Data Service: 
>>> http://data.southampton.ac.uk/
>>> You should read our Web & Data Innovation blog: 
>>> http://blogs.ecs.soton.ac.uk/webteam/
>>>
>>
>

Jules

-- 
Jules Field MEng MBCS CITP CEng
email+iMessage: Jules at ecs.soton.ac.uk
Twitter: @JulesFM

Senior Tutor, Electronics and Computer Science
Teaching Systems Manager, Faculty of Physical Sciences and Engineering
University of Southampton SO17 1BJ, UK

'Ever since the dawn of civilization, people have craved for an
  understanding of the underlying order of the world: why it is as
  it is, and why it exists at all. But even if we do find a complete
  theory of everything, it is just a set of rules and equations. What
  is it that breathes fire into the equations, and makes a universe
  for them to describe?' - Stephen Hawking