On 4/6/2018 12:52 PM, Lee H Badman wrote: > Interesting- I couldn’t tell if rules were different between EU > residents vs visitors. I’m sure a lot of campus legal > departments/lawyers are busy right now trying to figure it all out. > I’ll be curious to see how operations for US colleges abroad are > specifically impacted from the network and IT perspectives. > > > > *Lee Badman*| Network Architect > > Certified Wireless Network Expert (#200) > Information Technology Services > 206 Machinery Hall > 120 Smith Drive > Syracuse, New York 13244 > > *t*315.443.3003 *f* 315.443.4325 *e* lhbad...@syr.edu > <mailto:lhbad...@syr.edu> *w* its.syr.edu > > *SYRACUSE UNIVERSITY* > syr.edu >
*Lee and All:* What follows is an observation, and a warning, for all involved with institutional matters relating to the GDPR. Privacy as a general matter, is a vastly mis-understood subject. And, the GDPR is going to fastly become a guidepost and standard in many parts of the world. The GDPR is already in the mix of laws among EU Member States; GDPR related law-enforcement begins on this May 25th. Many parties (including lawyers on both sides of the Atlantic) are befuddled by, and are unprepared for the GDPR, even to the foundational extent to be able to properly interpret the impact on institutions and respective users. With regard to ANY ONE specific institution in the US or Canada, a quick rush to a NYT bestseller on the GDPR -- I suspect, will be a deeply deficient move. I would submit to you that EACH INSTITUTION is likely to encounter use needs, and cases, which will have to be expertly evaluated (by competent legal counsel... you would be surprised as to how many are inexpert or plainly unaware....) before any set of policies or practices are decidedly put into place... In the US specifically, the community of practitioners who are associated with the International Association of Privacy Professionals (IAPP), could be a resource in this respect. I have just completed the assembly of a series of peer-reviewed articles for a Special Issue on Privacy [ https://link.springer.com/journal/12553/topicalCollection/AC_ff270572e9e891b9433b11a6eb9c14da/page/1 ], <https://link.springer.com/journal/12553/topicalCollection/AC_ff270572e9e891b9433b11a6eb9c14da/page/1> for the International Journal of Health and Technology *(WHO - Springer Nature)*. There are many valuable articles in the Special Issue that are publicly available (Open Access), and those that are not available, can easily be accessed through your academic institution's library. One of the many submissions, is from Giovanni Buttarelli *(EDPS)* [ https://link.springer.com/article/10.1007/s12553-017-0198-y ]. <https://link.springer.com/article/10.1007/s12553-017-0198-y> GDPR will definitely effect US institutions and those within them. It is important to NOT take this matter lightly, given our mis-adventures with "Privacy Shield", and other such matters. Cheers, Robert. -- ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.