+ Post New Thread
Page 5 of 7 FirstFirst 1234567 LastLast
Results 61 to 75 of 95
General Chat Thread, Article: Is DropBox ok to use? in General; I'll continue storing all my money in a big box outside my door. ..and the url for that is? Si...
  1. #61

    SimpleSi's Avatar
    Join Date
    Jun 2005
    Location
    Lancashire
    Posts
    5,829
    Thank Post
    1,476
    Thanked 595 Times in 446 Posts
    Rep Power
    170
    I'll continue storing all my money in a big box outside my door.
    ..and the url for that is?
    Si

  2. #62

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    After speaking with ICO, OFSTED and legal advice I have the following ... again paraphrased until I have agreement on text to stick up.

    As far as the ICO is concerned there is a risk about Safe Harbour and the Patriot Act, but to some extent this is negated because data can be seized / released anyway under section 35 of the DPA. The key thing is that you need to tie in any contract arranged within the EU with companies that might be affected by The Patriot Act with breach of contract should any data be released. It can then become a civil matter, but backed up by DPA should it not fall within section 35 exemptions. As far as OFSTED are concerned they do not deal directly with looking at DPA policies / procedures within Section 5 or Section 8 inspections, and it does not look as if this would change even should an Undertaking be signed between the school and the ICO. They would, however, be looking at other safeguarding aspects so should it be linked in with that (including loss of data about children in care) or should a concern be raised by the Local Safeguarding Children's Board then it would be looked at.

    I have asked OFSTED to confirm that they would not change any approach to inspection should an Undertaking have been signed, and in a manner I can share with schools.

    So ... it looks as if I will have to change some of my stance on this as it seems as if no matter what some bodies say in meetings or seminars, they are not willing to back it up with real authority. Oh well ... I am sure that this would go down well with the Daily Fail!

  3. Thanks to GrumbleDook from:

    CHR1S (17th October 2011)

  4. #63


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,033 Times in 813 Posts
    Rep Power
    341
    It seems that if any company that stores your private data goes bankrupt - they can just sell off your private data. Not specifically a cloud issue, just thinking about some of those flakey cashless catering systems....

    To perhaps to no one's surprise, Borders bookstore collected a ton of consumer information - such as personal data including records of particular book and video sales - during its normal course of business. Such personal information Borders promised never to share without consumer consent. But now that the company is being sold off as part of its bankruptcy filing, all privacy promises are off.

    Reuters wrote this week that Barnes & Noble, which paid almost $14 million for Borders intellectual assets including customer information at auction last week, said it should not have to comply with certain customer privacy standards recommended by a third-party ombudsman. In court papers, Barnes & Noble said that its own privacy standards are sufficient to protect the privacy of customers whose information it won during the auction.
    Layer 8: Privacy stink erupts over Borders bankruptcy deal

  5. #64

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    Well, I have a few more answers now and it covers a range of areas.


    1 - After some discussions with a Duty Inspector at OFSTED I had a partial response to the theoretical question about what affect having to sign an Undertaking with the ICO would have on an inspection. Unfortunately I am only allowed to paraphrase the response as no individual answer can be published at the risk of it seeming to be policy advice, which can only be gained from the relevant DfE page on Safeguarding Children and Safer Recruitment (which is a reference to the 2006 paper on this subject https://www.education.gov.uk/publica...FES-04217-2006 ). OFSTED do not, for Section 5 or Section 8 inspections, check compliance with the DPA as this is the job of the ICO. However, they will look at how well the governing body and the school leadership fulfils its responsibilities in relation to statutory requirements and/or statutory codes of practice or guidance, including the relevant Health & Safety legislation. They will also evaluate any non-compliance with relevant legislation, including DPA, on pupils' safety, care and well-being. Putting it bluntly, if this leads to Safeguarding to be found to be inadequate, then the 'overall effectiveness' judgment for the school is also likely to be judged inadequate. So ... an Undertaking is not just a slap on the risks but can risk OFSTED judging your school inadequate. I will be watching those schools who have recently had to sign Undertakings to see what happens at their next inspections.


    2 - The Patriot Act has been a bit of a concern for a few of us ... after all, there is nothing wrong with a bit of paranoia ... it is what we get paid for ... and just because you aren't paranoid it doesn't mean the world *isn't* out to get you! After a bit more delving with the ICO (again ... that paraphrasing thing) I got the following. The Patriot Act and The DPA do match quite well. We have our own equivalent section, section 35, and co-operation between Law Enforcement Agencies and Governments around the world will mean information is disclosed as required. In fact there was a darned good article which @rayfleming refers to in his blog How safe is my cloud data? And what which links to another good article from Jeff Bullwinkel. Whilst it is related to Australia it does also cover a number of similar concerns from the UK too.


    So ... to summarise. Breaches of DPA are bad, Undertakings are not just a slap on the wrist as they put you at risk of issues during OFSTED inspections, and The Patriot Act is a bit of a Red Herring that should not overshadow the other concerns around Data Protection. Official strategy and guidance is limited, open to interpretation (think 'rope to hang yourself' stuff) and no matter what anyone says you will find people taking on a lot of risk.


    The key messages ... If you want to take a risk then be aware of the possible implications, there is still a matter of the law, but make sure people are as informed as possible because ignorance is no excuse in the eyes of the Law.


    Thanks to everyone who has taken part in this discussion...
    Last edited by ZeroHour; 14th October 2011 at 02:32 PM.

  6. 2 Thanks to GrumbleDook:

    CHR1S (17th October 2011), jpaterson (11th January 2012)

  7. #65
    smithson83's Avatar
    Join Date
    Nov 2007
    Posts
    189
    Thank Post
    14
    Thanked 46 Times in 38 Posts
    Rep Power
    23
    Quote Originally Posted by localzuk View Post
    Kinda expensive... $299 a year for 3 users.
    There is a free option, you just have to look for it, click sign up, go down to the bottom. You get 5GB of storage. It has to be registered to an individuals email account, but as far as I'm aware there nothing stopping each teacher setting up a Free account for themselves.

    https://www.sugarsync.com/signup?startsub=5
    Last edited by smithson83; 14th October 2011 at 01:57 PM.

  8. #66

    Join Date
    Oct 2011
    Location
    Sydney
    Posts
    3
    Thank Post
    0
    Thanked 2 Times in 2 Posts
    Rep Power
    0
    i user it no issues.. works with proxy too !

  9. #67
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Only seen a few pages of this but what data are people looking to store on Dropbox? I'd never put anything with student names, reports, grades etc up there, too risky but resources and learning materials would be OK... although that relies on users understanding the restrictions which I guess could be as dangerous as allowing anything up there?

  10. #68
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    4,002
    Thank Post
    983
    Thanked 477 Times in 398 Posts
    Blog Entries
    12
    Rep Power
    98
    Yeh I can understand not using dropbox for Student details but I use it for everything else.

    I was hoping to do the same for students one day.

  11. #69
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Quote Originally Posted by zag View Post
    Yeh I can understand not using dropbox for Student details but I use it for everything else.

    I was hoping to do the same for students one day.
    BYOD will make this interesting... if a student brings their own laptop \ tablet and wants to use a personal Dropbox account then at that point the agreement isn't related to the school... only one step removed from the organisation provisioning the accounts but yet in theory completely different application of DPA (or maybe it's not, hence raising the point )

  12. #70

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    The original article was sparked off by a number of folks on twitter and at meetings I had been to talking about how DropBox could replace the USB Memory Stick as a way of storing and transferring files around *including* stuff that would have SIROs fuming!

    Sharing of files as stimulus for curriculum activities is one of several good examples of using dropbox, but staff using it for mark sheets, contact databases, etc ... *shudder*

    On the note of BYOD/BYOT/BYOC (I wish someone would make a definitive choice about which it is) this is linked to a serious of conversations about eSafety law in Education that some folk may have seen or been part of. The idea that if you instruct a child to use a tool or resource, even if it isn't the school's, can mean the school takes on the responsibility for what happens with it. This part of the discussion is around eSafety but I suppose it can readily be pointed to similar issues with data protection.

  13. #71

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by GrumbleDook View Post
    The idea that if you instruct a child to use a tool or resource, even if it isn't the school's, can mean the school takes on the responsibility for what happens with it.
    Off topic but this whole idea (above) is based on the same flawed premise that demands internet filters be 100% and that everything be fixable with technology. A view usually held and promoted by those least qualified to understand the technology and most aversed to people taking responcibility for themselves.

  14. #72

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    Quote Originally Posted by SYNACK View Post
    Off topic but this whole idea (above) is based on the same flawed premise that demands internet filters be 100% and that everything be fixable with technology. A view usually held and promoted by those least qualified to understand the technology and most aversed to people taking responcibility for themselves.
    The discussion being held is purely based on the Law involved, and it is quite extensive. It has been an eye-opener for me and whilst I still view some of the position unrealistic the points of law still have to be looked at and followed.

  15. #73

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by GrumbleDook View Post
    The discussion being held is purely based on the Law involved, and it is quite extensive. It has been an eye-opener for me and whilst I still view some of the position unrealistic the points of law still have to be looked at and followed.
    Ah, yes, some laws do have tend to have that issue, my above point stands just pointed at the lawmakers which seems to be where the blame lies.

  16. #74

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    10,074
    Thank Post
    1,384
    Thanked 1,889 Times in 1,170 Posts
    Blog Entries
    19
    Rep Power
    614
    Quote Originally Posted by SYNACK View Post
    Ah, yes, some laws do have tend to have that issue, my above point stands just pointed at the lawmakers which seems to be where the blame lies.
    The focus on the discussions tends to be around identifying what the Law is, how it is checked for ALARP, where the responsibility lies and what the impact is of breaking the Law or following the Law.

    Dr Bandey is looking to do some stuff at BETT around it (supported by our friends at SmoothWall) so that will be interesting for folk to follow.

  17. #75

    Join Date
    Jun 2009
    Posts
    11
    Thank Post
    9
    Thanked 3 Times in 2 Posts
    Rep Power
    12
    So I guess this helps matters along a lot with Dropbox? The Dropbox Blog » Blog Archive » US-EU Safe Harbor Certification now safe harbor compliant.

  18. 2 Thanks to danielstucke:

    CHR1S (29th February 2012), CyberNerd (16th February 2012)



SHARE:
+ Post New Thread
Page 5 of 7 FirstFirst 1234567 LastLast

Similar Threads

  1. Primary: Is Eprofile 3.2 latest version to use?
    By SimpleSi in forum Educational Software
    Replies: 0
    Last Post: 9th September 2011, 09:49 AM
  2. Is Microsoft beginning to 'lose it'.
    By Dos_Box in forum General Chat
    Replies: 17
    Last Post: 5th February 2008, 11:31 AM
  3. Which Backup Hardware to use
    By Brad in forum Hardware
    Replies: 19
    Last Post: 28th March 2006, 11:16 PM
  4. Five reasons NOT to use Linux. :)
    By Geoff in forum *nix
    Replies: 2
    Last Post: 31st August 2005, 08:38 AM
  5. Parental Consent to use the internet at school
    By mark in forum School ICT Policies
    Replies: 20
    Last Post: 24th June 2005, 12:18 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •