Thursday, 30 May 2013

G-Cloud Programme & Major Projects Authority review

The UK G-Cloud programme had an 'Amber/red' rating, according to this article. The article was about the recent report by the Major Projects Authority on the performance of key UK government projects (Government's Major Projects Portfolio, aka GMPP).

But the G-Cloud team has clarified that 'G-Cloud was rated as amber/green for delivery and amber/red for funding'. It would still be helpful, however, to have more info on exactly what's meant by 'for funding'? And if there are different ratings for delivery and funding, why not provide info on both for all projects reviewed?

Also, here's the link to more detailed info about the 5 Cabinet Office projects (Public Services Network Programme,  National Cyber Security Programme, National Citizen Service, Electoral Registration Transformation Programme and G-Cloud Programme), from which I've extracted just the part about G-Cloud, below, slightly expanded for clarity. I'm posting it because neither that article nor the MPA's report, which is stated to be based on the GMPP position as at quarter 2 2012/13 (June-September 2012), seems to link to the detailed data, although the article quotes some of it. And here's a link to all the Major Projects data.

Project name

G-Cloud Programme (covers Data Centre Consolidation and Application Store)

Department

Cabinet Office

MPA RAG rating

Amber/Red
(A Delivery Confidence Assessment of the project at a fixed point in time, using a five-point scale, Red – Amber/Red – Amber – Amber/Green – Green; the RAG definitions are explained in the MPA Annual Report)

Description / aims

Implementing the Government Cloud, CloudStore (formerly the Applications Store) and rationalising the number of data centres (programme now known as Hosting Services Consolidation) in order to deliver financial savings. Achieved by the delivery of the following action identified in the Government ICT Strategy published in March 2011:
* Create a online Applications Store by April 2012
* Reduce the cost of data centres across the Government estate leading to a 35% reduction in costs over 5 years. Produce a plan by October 2011
* Publish a Cloud Computing Strategy by October 2011

Departmental narrative, actions on Delivery Confidence Assessment

The Programme has delivered a viable CloudStore supported by an ambitious procurement framework. It has marketed this across a wide range of ICT vendors and the public sector. The concept has clearly generated an enthusiastic response from suppliers, particularly SMEs, that have not previously had access to government. In the last couple of months G-Cloud has started to see exponential growth in sales and anecdotal evidence suggests that it has driven considerable levels of savings through transparent pricing.

The Programme still has a significant number of challenges to overcome to reach its stated savings objectives and its aspiration to fundamentally change central government ICT buying behaviours. In particular, departments have yet to fully change their culture in terms of approach to ICT as old ways of doing things are so deeply engrained. Key to this is a reshaping of the Programme to focus on the commercial aspects of the CloudStore as a retail proposition, improving the user experience and engaging the buying community more directly in the objectives of the programme. Crucial to large scale take-up will be working with departments and the Cabinet Office spending controls team to enforce use of the CloudStore across central government.

Scaling G-Cloud has been difficult to achieve to date due to the team’s focus on the start up activities and the lack of appropriate funds and resources.

Project - start date

31/10/2011

Project - end date

30/06/2015

Departmental narrative on schedule, including any deviation from planned schedule

 

2012/13 Budget (£million)

0.58

2012/13 Forecast (£million)

0.58

Total budgeted whole life costs (£million)
(including non-government costs)

0.58

Departmental narrative on budget/forecast variance for 2012/13
(if variance is more than 5%)

To date the G-Cloud Programme has made considerable progress despite limited resources. The challenge now is to fundamentally change government IT buying behaviours and key to this is reshaping the programme to focus on the commercial aspects of the cloudstore as a retail proposition, improving the user experience and engaging the buying community. A commercial business case is being drafted to release funds and headcount to reach the ambitious cultural and financial objectives.

Departmental narrative on budgeted whole life costs

No formal budget has been agreed for the G-Cloud Programme. Initial business case completed in 2011 suggested a budget of £4.93m.

(Also, here's more about the MPA report generally.)

Monday, 13 May 2013

Article 8 Right to respect for private and family life - UK cases in the European Court of Human Rights

Inforrm noted that the House of Commons Library had published  UK Cases at the European Court of Human Rights since 1975, with links to post-September 1997 judgments, and that a Twitter request by Adam Wagner (UK Human Rights Blog) for a breakdown by category resulted in the production of a Word document from University of Law’s Trevor Jackson and an Excel spreadsheet from David Charlton.

Below I've extracted the Article 8 (privacy-related) cases from Trevor Jackson's Word document (up to 30 April 2013, but cases seem to be covered only to 13 Nov 2012):

 

21 February 1975 Golder Interference with prisoner’s correspondence, Breach of Articles 6.1 and 8

25 April 1978 Tyrer Inhuman and degrading treatment. Judicial corporal punishment. Breach of Article 3. No breach of Article 8 (corporal punishment, destructive of family well-being), Article 13 (no effective remedies), Article 14 (financial and social discrimination)

22 October 1981 Dudgeon Right to respect for private life (existence in criminal law of various offences capable of relating to male homosexual conduct in Northern Ireland). Breach of Article 8

25 March 1983 Silver Control of mail by prison authorities. Right to respect for correspondence and freedom of expression: breach of Article 8. No effective domestic remedy: breach of Article 13. Denied access to the courts on account of refusal of two petitions for permission to seek legal advice: breach of Article 6.1

28 June 1984 Campbell and Fell Conduct of disciplinary proceedings; delay in obtaining legal advice (right of access to court, right to respect for correspondence); refusal of independent medical examination. Breach of Articles 6, 8 and 13. No breach of Article 6

2 August 1984 Malone Interception of telephone conversation and correspondence, telephone calls being ‘metered’ by device recording numbers dialled: Breach of Article 8

28 May 1985 Abdulaziz, Cabales and Balkandali Immigration: discrimination on grounds of sex: breach of Articles 13 and 14 in one respect only. No breach of Articles 3 or 8

17 October 1986 Rees Rights of transsexual: changing sex on birth certificate. No breach of Article 8 or 12

1986 Gillow Interference in right to respect for home in Guernsey: breach of Article 8, regarding application of Housing Control (Extension and Amendment) (Guernsey) Law 1957 by the Housing Authority: no breach of Article 6 or 14

8 July 1987 O Inability to challenge decisions on access rights to children: Breach of Article 6.1. No breach of Article 8

8 July 1987 H,W,B,R Child care decisions (absence of remedy to challenge decisions, denial of hearing within reasonable time): breach of Articles 6.1 and 8

27 April 1988 Boyle and Rice Right to respect for family and private life, home and correspondence. Right to receive visits in prison; right to send

more than one free letter a week; right to have access to telephone and censorship of prison mail: breach of Article 8

30 March 1989 Chappell Terms, content and manner of service of the Anton Pillar Order: no breach of Article 8

7 July 1989 Gaskin Refusal of access to applicants’ child care records; right to respect for private and family life: breach of Article 8. Right to

receive information: no breach of Article 10

30 August 1990 McCallum Various complaints concerning the conditions, correspondence and circumstances of Scottish prisoner’s imprisonment: breach of Article 8

1990 Cossey Birth certificate for transsexual. Under English law applicant cannot claim full recognition of changed status and cannot enter into a valid marriage with a man: no breach of Articles 8 and 12

25 March 1992 Campbell Interference by prison authorities with prisoner’s correspondence: breach of Article 8

25 March 1993 Costello Roberts Corporal punishment: no breach of Article 3. Right to respect for private and family life (as a result of corporal punishment): no breach of Article 8. No effective domestic remedies for the complaints: no breach of Article 13

28 June 1993 Lamguindaz Party Deportation (Article 8 and 14): friendly settlement Details of Case

28 February 1994 Boyle Refusal by local authority to allow access to nephew in care and absence of any possibility before entry into force of the Children Act 1989 of applying to courts for access; right to respect for family life (Article 8): friendly settlement

1994 Fayed State investigation into affairs of private company. Inspectors’ report determined civil right to honour and reputation. Denied effective access to a court in determination of this civil right: no breach of Article 6.1. Not necessary to examine: denied effective domestic remedies to challenge findings of Inspectors (Article 13); presumption of innocence (Article 6.2); unjustifiable interference with honour and reputation, right to respect for private life (Article 8); peaceful enjoyment of possessions (Article 1, Protocol No. 1)

28 October 1994 Murray Arrest and detention of six people in Northern Ireland. Right to respect for private and family life and home: no breach of Article 8. No effective remedy: no breach of Article 13. Arrest and questioning of first applicant and detention of five other applicants: no breach of Article 5.1, 5.2, 5.5

24 February 1995 McMichael Parental rights and right of access to custody documents: breach of Article 8. Re. Mrs McMichael, breach of Article 6.1 and 8. Re. Mr McMichael: no legal right to obtain custody of son or participate in the custody or adoption proceedings: no breach of Article 6.1 or 14

26 September 1996 June Buckley Right to live with family in caravans on own land and follow traditional gypsy lifestyle: no breach of Article 8

22 October 1996 Stubbings and Others Denied access to court regarding compensation claims for psychological injury caused by childhood sexual abuse due to operation of Limitation Act 1980: no breach of Article 6. State’s failure to protect right to respect for private life because no civil remedy for childhood abuse: no breach of Articles 8 or 14

19 February 1997 Laskey, Jaggard and Brown Prosecution and conviction of sado-masochists; interference with right to respect for private life: no breach of Article 8

22 April 1997 X,Y and Z Recognition of trans-sexual father of child; right to respect for family and private life because of lack of recognition of first applicant’s role as father to third applicant; resulting situation in which they were placed was discriminatory. Breach of Article 8

25 June 1997 Halford Right to respect for private life and freedom of expression (telephone tapping): breach of Article 8. No effective domestic remedy in relation to the interceptions: breach of Article 13. Sex discrimination: not necessary to examine Article14

9 June 1998 L.C.B Failure to be warned of effects of exposure to radiation (Articles 2 and 3). Subjection to harassment and surveillance (Article 8). Court has no jurisdiction to consider alleged breaches of Articles 2, 3, 8 and 13

10 July 1998 Tinnelly & Sons Ltd and Others and McElduff and Others Denied access to an independent and impartial tribunal; interference with right to respect for private and family life. No jurisdiction to consider breaches of Articles 8, 13 and 14. Victims of discrimination on religious grounds: breach of Article 6.1

30 July 1998 Sheffield and Horsham Failure of State to recognise post-operative transsexuals: no breach of Articles 8, 12 or 14

28 October 1998 Osman Police Immunity, failure to protect lives and prevent harassment of family. No access to court or effective remedy: breach of Article 6.1. No breach of Articles 2 and 8

27 September 1999 Lustig-Prean and Beckett Dismissal of homosexuals from armed forces following investigation into private life: breach of Article 8

27 September 1999 Smith and Grady Dismissal of homosexuals from armed forces following investigation into private life: breach of Article 8; degrading treatment: no breach of Article 3; availability of effective remedy: breach of Article 13

30 March 2000 J.T Respect for private life of involuntary psychiatric detainee: struck off list [friendly settlement] [application under Article 8]

12 May 2000 Khan Absence of legal basis for interception of conversation by listening device on private property: breach of Article 8. Use in criminal proceedings of evidence obtained in breach of Article 8: no breach of Article 6.1. Absence of effective remedy in respect of complaint about interception of conversation: breach of Article 13

20 June 2000 Foxley Redirection of bankrupt’s mail to the trustee in bankruptcy: breach of Article 8

31 July 2000 A.D.T Conviction for gross indecency between men: breach of Article 8

19 September 2000 Glaser Enforcement in Scotland of contact order of English court granting father access to children: no breach of Article 8. Length and fairness of civil proceedings: no breach of Article 6.1. Alleged failure of courts to respect parent’s freedom of religion in child access proceedings: no breach of Article 9

21 December 2000 Varey Refusal of planning permission for gypsies for residential caravan on land owned by them (Arts. 8 and 14): struck off list (friendly settlement)

18 January 2001 Beard Refusal of planning permission for gypsies for residential caravan on land owned by them (Article 8) and alleged discrimination (Article 14): no breach

6 February 2001 Bensaid Inhuman treatment; threatened expulsion of schizophrenic to Algeria: no breach of Articles 3, 8 or 13

27 March 2001 Sutherland Difference in age of consent for homosexual and heterosexual relations (Article 14+8): struck off list

10 May 2001 T.P. and K.M. Failure of social services to involve a parent in decisions on care of child following removal of child due to suspected sexual abuse: breach of Article 8. Access to court (striking out of claims against local authority on ground that no duty of care in exercising statutory powers in relation to child care): no breach of Article 6.1. Lack of effective remedy: breach of Article 13

25 September 2001 P.G and J.H. Absence of legal basis for installing covert listening device in private property; absence of legal basis for covert recording of voice samples at police station: breach of Article 8. Acquisition by police of information on use of private telephone: no breach of Article 8. Non-disclosure of material by prosecution on grounds of public interest immunity: no breach of Article 6.1. Use in criminal proceedings of evidence obtained in breach of Article 8: no breach of Article 6.1. Absence of effective remedy regarding complaints about use of covert listening devices: breach of Article 13

2 October 2001 Hatton and Others Interference with right to respect for private and family lives and the home (from aircraft noise, causing sleep disturbance): breach of Articles 8 and 13

29 April 2002 Pretty Refusal to give advance undertaking not to prosecute husband for assisting wife to commit suicide: no breach of Articles 2, 3, 8 and 9. Alleged discrimination against those physically incapable of committing suicide: no breach of Article 14

4 June 2002 William Faulkner Interference with prisoner’s correspondence: breach of Article 8

11 July 2002 I. Lack of legal recognition of transsexual: breach of Article 8. Impossibility for transsexual to marry: breach of Article 12

11 July 2002 Christine Goodwin Lack of legal recognition of transsexual: breach of Article 8. Impossibility for transsexual to marry: breach of Article 12. Effective remedy: no breach of Article 13

16 July 2002 P., C. and S. Absence of legal representation in proceedings concerning child care: breach of Article 6.1. Taking of child into care at birth on emergency basis: breach of Article 8. Procedures concerning care and freeing for adoption orders: breach of Article 8

16 July 2002 Armstrong Absence of legal basis for covert audio surveillance by the police: breach of Article 8. Absence of effective remedy: breach of Article 13

24 September 2002 M.G. Refusal of access to records of time spent as child in public care: breach of Article 8

10 October 2002 D.P. & J.C. Alleged failure of social services to protect children from sexual abuse: no breach of Article 3 + 8. Access to court (striking out claims against local authority on ground that no duty of care in exercising statutory powers in relation to child care) : no breach of Article 6.1. Lack of effective remedy: breach of Article 13

22 October 2002 Perkins and R Dismissal of homosexuals from armed forces following investigation into private life: breach of Article 8

22 October 2002 Taylor-Sabori Absence of legal basis for interception by police of pager messages sent via private communications system: breach of Article 8. Lack of effective remedy: breach of Article 13

22 October 2002 Beck, Copp and Bazeley Dismissal of homosexuals from armed forces following investigation into private life: breach of Article 8. Degrading treatment: no breach of Article 3. Availability of effective remedy: breach of Article 13

5 November 2002 Allan Absence of legal basis for covert recording of remand prisoner at police station: breach of Article 8. Use in criminal proceedings of evidence obtained by police informer put in suspect’s cell: breach of Article 6.1. Absence of effective remedy: breach of Article 13

28 January 2003 Peck Disclosure to public of CCTV images recorded in a public place: breach of Article 8. Lack of effective remedy: breach of Article 13

27 May 2003 Hewitson Absence of legal basis for installation of listening device on private property: breach of Article 8

12 June 2003 Chalkley Absence of legal basis for interception of conversation by means of listening device on private property: Breach of Article 8. Absence of effective remedy: breach of Article 13

8 July 2003 Hatton and Others (referral case) Noise nuisance from night flights: no breach of Article 8. Scope of judicial review: breach of Article 13

17 July 2003 Perry Covert filming of suspect at police station for identification purposes: breach of Article 8

29 July 2003 Brown Dismissal of homosexual from the armed forces following investigation into private life; availability of effective remedy; alleged discrimination: struck off list (friendly settlement)

25 November 2003 Lewis Absence of legal basis for installation of listening device on private property: breach of Article 8. Lack of effective remedy: breach of Article 13

10 February 2004 B.B Different treatment of homosexuals and heterosexuals over age of consent: breach of Article 14 + 8

19 February 2004 Martin Covert surveillance of private home by local council: struck off list (friendly settlement)

9 March 2004 Glass Interference by NHS Trust with right to respect for private life (UK law and practice failed to guarantee physical and moral integrity): breach of Article 8

16 November 2004 Wood Interception of covert recordings by police while being held in custody: breach of Article 8; Absence of effective remedy in respect of complaint about interception of conversation: breach of Article 13

19 October 2005 Roche Denied adequate access to a court as a result of the certificate issued by the Secretary of State under section 10 of the Crown Proceedings Act 1947: no breach of Article 6.1; denied access to a “possession” (a claim in negligence against the MoD) until deprived of it, in an unjustified manner, when the Secretary of State issued the section 10 certificate: no breach of Article 1 of Protocol No. 1; Section 10 of the 1947 Act was discriminatory: no breach of Article 14 in conjunction with Article 6 and Article 1 of Protocol No.1; lack of effective remedy: no breach of Article 13 in conjunction with Article 6 and Article 1 of Protocol No. 1; failure to provide information regarding tests in Portadown to allay fears linked to private and family life: breach of Article 8; right to receive information: no breach of Article 10

23 May 2006 Grant Rights of transsexual: lack of legal recognition of her change of gender and the refusal of the Department of Social Security (DSS) to pay her a retirement pension at the age of 60: breach of Article 8; refusal to pay State Pension at 60: no breach of Article 1 of Protocol No.1

20 June 2006 Elahi Absence of legal basis for a covert listening device on private property to obtain material which was subsequently relied on by the prosecution: breach of Article 8

18 July 2006 Keegan Failure by police to take reasonable and available precautions “necessary in a democratic society”: breach of Article 8; lack of effective remedy: breach of Article 13

26 September 2006 Wainwright Strip and intimate body searches when seeking to visit a relative in prison was highly distressing and constituted degrading treatment: no breach of Article 3. Breach of Article 8; unavailability effective remedy: breach of Article 13

3 April 2007 Copland Monitoring activity amounting to an interference with the right to respect for private life and correspondence: breach of Article 8

4 December 2007 Dickson Refusal of access to artificial insemination facilities: breach of Article 8

13 May 2008 McCann Lack of adequate procedural safeguards: breach of Article 8

1 July 2008 Liberty and Others The examination, use and storage of intercepted communications constituted an interference: breach of Article 8

30 September 2008 R.K and A.K. Care order constituted an interference with the right to respect for family life: no breach of Article 8; redress was not available at the relevant time: breach of Article 13

4 December 2008 S. and Marper Retention of fingerprints, cellular samples and DNA profiles interfered with the right to respect for private life: breach of Article 8

2 June 2009 Szuluk Monitoring of medical correspondence whilst in prison breached right to respect for correspondence and private life: breach of Article 8

24 November 2009 Omojudi Deportation to Nigeria violated right to respect for family and private life: breach of Article 8

12 January 2010 Gillan and Quinton The powers of stop and search constituted interferences with their right to respect for private life: breach of Article 8

12 January 2010 Khan A.W. Deportation to Pakistan violated right to respect for family and private life: breach of Article 8

16 March 2010 A.D. and O.D. Decision to take the second applicant into local authority care violated their rights: breach of Article 8; absence of effective remedy: breach of Article 13 in conjunction with Article 8 in relation to first applicant; absence of effective remedy: no breach of Article 13 in relation to second applicant

23 March 2010 M.A.K. and R.K. Separation during the ten days that the second applicant was in hospital violated their right to respect for their private and family life: breach of Article 8 in relation to first and second applicant; withdrawal of legal aid deprived second applicant of a effective remedy within the national legal system for the complaint under Article 8: breach of Article 13 in relation to first applicant

18 May 2010 Kennedy Denied effective remedy; alleged interception of applicant’s communications: no breach of Articles 8, 6.1 or 1

21 September 2010 Kay and Others Leases of housing units provided to applicants by charitable housing trust under special scheme terminated by Lambeth B.C. Applicants complained of possession proceedings brought against them and inability to challenge possession orders: breach of Article 8

10 May 2011 Mosley Absence of legal duty on media to notify in advance the subjects of intended publications: no breach of Article 8.

31 May 2011 R. and H. Freeing order a disproportionate interference with the parents’ rights; procedurally improper for a freeing order to be made in advance of an adoption order: no breach of Article 8 and no separate issue arising under Article 6.

19 July 2011 Goggins Collection and retention of DNA and fingerprints despite acquittal or abandoned criminal proceedings: UK Government admitted breach of Article 8.

20 September 2011 A.A. Removal to Nigeria following conviction and release on licence: breach of Article 8 in the event of deportation.

27 September 2011 Bah Local authority refusal to prioritise social housing request of Sierra Leonean national: no breach of Article 14 taken in conjunction with Article 8.

20 December 2011 A. H. Khan Deportation to Pakistan following history of offending: no breach of Article 8.

[Added by KH 16 June 2013] 7 February 2012 Axel Springer AG v Germany When right to reputation under Article 8 is engaged, balancing Articles 8 and 10, and when ECHR substitutes its views for domestic courts'. Inforrm write-up

14 February 2012 Hardy and Maile Failure to assess marine pollution risk from operation of liquefied natural gas terminals and to disseminate relevant information: no breach of Article 8.

13 March 2012 Y.C. Failure to order assessment of claimant as sole carer for son and to have regard to all relevant considerations when making placement order: no breach of Article 8.

10 April 2012 Balogun Deportation to Nigeria following serious drugs-related convictions: no breach of Article 8.

17 July 2012 Munjaz Applicant’s placement in seclusion at Ashworth Special Hospital: no breach of Article 5; no breach of Article 8.

18 September 2012 Buckland Upholding of possession order despite applicant’s inability to challenge decision: breach of Article 8.

[Added by KH 16 June 2013] 9 Oct 2012 Alkaya v Turkey (French only) - disclosure of the home address of a Turkish actress in a newspaper article was a breach of Article 8. Inforrm write-up.

6 November 2012 Hode and Abdi Inability of immigrants with limited leave to remain as refugees to be joined by post-flight spouses: breach of Article 14 in conjunction with Article 8.

13 November 2012 M.M. Retention of caution on criminal record for life: breach of Article 8. [Request for referral to Grand Chamber pending.]

13 November 2012 Van Colle Fatal shooting of a prosecution witness by accused in theft proceedings: no breach of Articles 2 or 8. [Request for referral to Grand Chamber pending.]

[Added by KH 16 June 2013] Ageyvey v Russia ([2013] ECHR 346) breaches of Article 8. Allegations of child abuse by parents of an adopted child.  In particular, failure adequately to investigate the unauthorised disclosure of confidential information, and failure to protect the right to reputation of a parent suspected of child abuse. Inforrm write-up.

Wednesday, 8 May 2013

Google Apps - model clauses for personal data export (& data processing amendment)… but what about Analytics?

Summary

Google have introduced optional opt-in model clauses for Google Apps for Business customers (along with a data processing amendment[1]), as heralded by Google in summer 2012. However, it seems that they didn't announce the clauses' availability publicly or directly to Google Apps customers, according to an enterprise Apps customer that I chatted with recently - they just quietly updated their original blog entry, I'm not sure exactly when. So, I'm writing this to publicise the position.

The model clauses option was probably introduced in December 2012, at least according to the lastModified properties of the relevant webpages which I checked using Javascript (I have a bookmarklet for that!). Some other providers already offer the model clauses option, eg Microsoft introduced it for Office 365 in 2011, and Google decided last year that it was sensible to offer them too, to widen the 'palette of EU regulatory compliance options', as Google put it.

What are model clauses?

By way of background, using 'model clauses' as prescribed by the European Commission is one method that a data controller can use to allow it to transfer 'personal data' outside the European Economic Area, eg to store such data in non-EU data centres used by its cloud provider (more on my Venn diagram showing the differences between 'EU', 'EEA' and 'Europe').

How can Google Apps customers be 'data controllers' who process 'personal data' using their Apps accounts? Because stored Gmail email contacts and email addresses, and the bodies of emails, Google Drive spreadsheets and documents etc, might well contain personal data. Also, where the Apps customer is an organisation, the end users of Google Apps will be individuals within the customer's organisation (eg employees or students), or customers of the Apps customer, so the use of Apps by the organisation may involve processing those end users' personal data, too.

If an Apps customer (or its employees etc) uses Apps to store or process any personal data for other than purely personal purposes, then the Apps customer is likely to be a 'controller', and must by law keep that personal data within the EEA (except in certain circumstances).

One of those circumstances is the use of model clauses. These model clauses must be incorporated 'as is' into the contract between the controller, eg Google Apps customer, and the cloud provider, eg Google. They basically put the cloud provider on the hook to its customer to comply with certain privacy and security requirements under EU data protection law.

Safe Harbor

You may well ask, how did Google assure their customers of data protection law compliance before Google provided the option of model clause? The answer is that Google are self-certified under the US Safe Harbor regime (search the Safe Harbor list).

However, many EU regulators are dubious about Safe Harbor, especially in Germany, and especially with cloud computing, even though legally this Safe Harbor arrangement is meant to, well, provide controllers with a safe harbor.

So it seems likely that well-advised EEA-based Google Apps users will adopt the new model clauses if they are data controllers (and, as I explained above, most of those using Google Apps for Business, even if it's for mixed business/personal purposes, will probably be considered to be controllers).

How to adopt Google Apps model clauses?

How can Google Apps customers who are based in the EEA adopt Google's model contract clauses? This involves taking 2 steps after logging in to the Google Apps Control Panel (Domain Settings > General tab), as Google explained:

  1. opt in to the data processing amendment, then
  2. opt in to the model clauses.

Note that these options are only available for non-free Google Apps services, ie Google Apps for Business customers.[2] (I don't know about Google Apps for Education, can anyone who uses that enlighten me as to whether model clauses are now available there?).

Google Analytics model clauses, please…?

Now, what I really really want is for Google to offer model clauses to EEA-based Google Analytics users. I use Google Analytics for my own personal site, and I'm not alone - even the UK data protection regulator, the ICO, uses Google Analytics.

Furthermore, because I use Google's Blogger for this blog, I have no choice - the 'Blogger Stats' feature, ie Google Analytics, is included automatically by Google, and I can't turn that off even if I wanted to. I'd like to think that Google would be therefore be treated as the 'first party' for cookie law purposes, and as the data controller (or at least joint or main data controller) of any personal data collected through Analytics through Blogger / Blogspot,[3] but, in case not, I'd like model clauses for Analytics please, dear Google! I suspect Google won't subject themselves to extra contractual commitments and greater potential legal exposure unless they feel they absolutely have to for legal or market-competitive reasons, but who knows what may transpire?

Notes

[1] Interestingly, this amendment has explicit provisions about Google following 'instructions' (which must be in the contract because of data protection laws, as data protection geeks will know), although some might argue about whether the stated scope of those instructions, while understandable for cloud computing, are sufficient if you apply the laws strictly (see paper on negotiated cloud contracts - issues often negotiated on cloud contracts include the 'instructions' requirement).

The amendment also outlines the scope of processing and, significantly, has detailed provisions relating to security, including information not in the Google Apps Security White Paper published in 2010 (another one, linked to from this page). But there's no information about physical data location, and no link to the information about data centre locations which Google since late 2012 now provide, along with other security and privacy information.

[2] I signed up a while back for Google Apps' free edition, aka Standard Edition, for this domain, most of which I host using Google App Engine PaaS - but the free Google Apps edition was withdrawn, in Dec 2012 (unless you sign up via Google App Engine, which would, at least in Dec 2012, still get you a free Apps account, albeit for one user only). Luckily, existing users of the Standard Edition can continue to use it for free, for now anyway. Also, UK controllers using Google Apps Standard Edition should hopefully nevertheless be able to rely on Safe Harbor, which technically is still legal, and the UK Information Commissioner hasn't officially said you can't.

[3] Whether web analytics data such as IP addresses are 'personal data' is the subject of much fierce, ongoing debate. But, if they are, model clauses would help Analytics users.

Monday, 6 May 2013

New group - Women in Privacy Network

I recently attended the launch of the Women in Privacy Network on 23 April 2013, thanks to the kind invitation of Geraldine Scali of Sidley Austin (where I used to work when I were a mere slip o' a finance and insolvency lawyer).

After an introduction by Nancy Corbett, Lucy McGrath, Chief Privacy Officer at NBCUniversal, gave an interesting and entertaining keynote speech - mainly about big data - with a spirited discussion and canapes and drinks then following.

This is an excellent initiative, and I think it's a sign of the privacy profession coming of age.

The next meeting will be Women in Privacy's first US event: on 26 June 2013, in Washington, DC. FTC Commissioner Julie Brill will be the keynote speaker. (To join future US events, email [email protected]).

The next European event will be in Brussels, during autumn 2013.

Friday, 3 May 2013

'Perfect' privacy, and philosophies for real life

There are five facts that you can't get away from, in real life. Kuan's Rules You have to Live with Whether You Like It or Not, or KRYLWYLIN,[1] if I may be so bold. These facts underpin all my views.

  1. TANSTAAFL, coined by legendary SF author Heinlein: there ain't no such thing as a free lunch. Selfless individuals do exist, but it's not often that you'll be able to get something for nothing. Because, ultimately, people need money to live on.[2]
  2. Life is a balancing act. Possibly related to rule no. 1. Often, one person's freedom or right comes at the expense of another freedom or right - whether of a different person, or indeed the same person. Normally, I don't 'side' with either extreme. I try to find the middle ground, the half-way house that works, even if that means no one's entirely happy with it. If people call me a fence-sitter as a result, that's fine. I have padding.
  3. Life often involves shades of grey (and not always in the sense of THAT book!). Related to rule no. 2. Many things in life sit on, or are even spread across, a spectrum. They're not clearcut. Like many other people, I wish there were sharp boundaries and clear demarcations between all sorts of things, if only to make life easier for myself as a lawyer who has to try to figure out where the line goes, or more comfortable for me as a Type A person who needs to know exactly where she stands.
    But usually, those nice clean lines don't exist; life just isn't that simple. Instead of binary, all or nothing dichotomies, it's an analogue spectrum, it's shades of grey…

    50shadesGreyPoster-wall
    (Image reproduced by kind permission of Firebox.com)
  4. Absolutes are pretty much impossible. There are exceptions to nearly everything. (Including this rule, hence 'pretty much' and 'nearly'!).
    This also means that (again related to rules no. 2 and 3) life is rarely 100% something or other. It involves relatives, probabilities, risks - eg an 80% risk of something, or 'more likely than not'.
  5. Life isn't fair. Much as we'd like it to be. Related to 2 and 3. Living involves continual compromises, and acceptance of some things that might not be fair to one person or another, but could perhaps be compensated for in another way. Still, I believe strongly that fairness is goal free societies strive for, and should strive for.

Now, I consider myself to be a privacy advocate. Privacy is important to me personally. I try not to post too much that's non-neutral on Twitter. I tend to hide or turn away when people take photos, and I always remove tagged photos of me on Facebook.[3] The only photos of me that I've voluntarily uploaded online are ones that don't actually look like me.

Nonetheless, my views and writings are tempered by KRYLWYLIN. I feel they must be.

Just as one of my heroes, Bruce Schneier, often says that in real life there's no such thing as absolute security, so too, I have to say: in real life, there's no such thing as perfect privacy.

As Schneier says: "There's no such thing as absolute security, and any gain in security always involves some sort of trade-off." If you want 100% security, that will have to come at the expense of something else.

Similarly, if you want to insist on perfect privacy, that too will, inevitably, come at the expense of something else. Often, that something else will be freedom of speech. Or transparency. Or even money.

You can't have both perfect privacy and full freedom of expression. The crucial but complex, continuing challenge for law, and indeed society as a whole, is how to bring about better balances, make more credible compromises, than the ones we have to live with now. And that, I do believe we can achieve - as long as laws are passed in a carefully considered way that's based on evidence and a proper understanding of technology and society, rather than knee-jerk panderings to perceptions that may in fact be false.

So if you disagree with what I say or write, just bear this in mind. I'm not a sado dataprotectionist, as Martin Hoskins puts it (so then perhaps we return to rule 3…). I'm a privacy pragmatist, who believes in doable data protection. I don't advocate privacy as an absolute end in itself, something that must be protected at all costs, at the expense of everything else.

I just want to try to find a better way: not a perfect one, but at least preferable in practice.[4] It's tough, because by nature I'm a perfectionist, but I've learned the hard way that better is better than nothing.

In future, I plan to post further thoughts on this blog about some specific problems that the proposed EU General Data Protection Regulation poses for privacy pragmatists, and some supposed (or real?) privacy 'dichotomies'.

Notes

[1] That's no worse on the eye than WYSIWYG, easier to pronounce than LLANFAIRPWLLGWYNGYLLGOGERYCHWYRNDROBWLLLLANTYSILIOGOGOGOCH, and probably better than KRYLWYLIN-NILLY.

[2] Unless of course you are completely self-sufficient, with your own farm. There are exceptions to nearly everything. See rule no. 4.

[3] Although, as with many other people, there's probably the odd indiscreet photo or video somewhere. If you do come across one, that's not me, honest guv.

[4] I saw a cartoon a while back showing placards sporting slogans along the lines of, "What would we quite like to have, if it's not too much trouble?" and "When do we want it? Whenever is convenient, if that's alright". But even I am not quite that wishy-washy.