On 4/6/2018 12:52 PM, Lee H Badman wrote:

> Interesting- I couldn’t tell if rules were different between EU
> residents vs visitors. I’m sure a lot of campus legal
> departments/lawyers are busy right now trying to figure it all out.
> I’ll be curious to see how operations for US colleges abroad are
> specifically impacted from the network and IT perspectives.
> *Lee Badman*| Network Architect
> Certified Wireless Network Expert (#200)
> Information Technology Services
> 206 Machinery Hall
> 120 Smith Drive
> Syracuse, New York 13244
> *t*315.443.3003  *f* 315.443.4325   *e* lhbad...@syr.edu
> <mailto:lhbad...@syr.edu> *w* its.syr.edu
> syr.edu

*Lee and All:*

What follows is an observation, and a warning, for all involved with
institutional matters relating to the GDPR.

Privacy as a general matter, is a vastly mis-understood subject.  And,
the GDPR is going to fastly become a guidepost and standard in many
parts of the world.   The GDPR is already in the mix of laws among EU
Member States;  GDPR related law-enforcement begins on this May 25th.  
Many parties (including lawyers on both sides of the Atlantic) are
befuddled by, and are unprepared for the GDPR, even to the foundational
extent to be able to properly interpret the impact on institutions and
respective users.

With regard to ANY ONE specific institution in the US or Canada, a quick
rush to a NYT bestseller on the GDPR -- I suspect, will be a deeply
deficient move.  I would submit to you that EACH INSTITUTION is likely
to encounter use needs, and cases, which will have to be expertly
evaluated (by competent legal counsel... you would be surprised as to
how many are inexpert or plainly unaware....) before any set of policies
or practices are decidedly put into place...    In the US specifically,
the community of practitioners who are associated with the International
Association of Privacy Professionals (IAPP), could be a resource in this

I have just completed the assembly of a series of peer-reviewed articles
for a Special Issue on Privacy [
for the International Journal of Health and Technology *(WHO - Springer
Nature)*.   There are many valuable articles in the Special Issue that
are publicly available (Open Access), and those that are not available,
can easily be accessed through your academic institution's library.  One
of the many submissions, is from Giovanni Buttarelli *(EDPS)* [
https://link.springer.com/article/10.1007/s12553-017-0198-y ].

GDPR will definitely effect US institutions and those within them.  It
is important to NOT take this matter lightly, given our mis-adventures
with "Privacy Shield", and other such matters. 


Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/discuss.

Reply via email to