Stemming from the previous post about Privacy Settings, the platform needs to conform to various guidelines and policies on Data Protection. The protection of personal data (and especially sensitive personal data) is in large mandated by the Data Protection Directive (Directive 95/46/EC), which was subsequently implemented in national legislation of the Member States. In the UK, it was incorporated into the Data Protection Act 1998 – with amendments pending to reflect the newly reformed Directive.
Under the DPA, any organisation, site or provider (data controller) who gathers user information needs to specify and inform the users on what data are being collected, how they are used, who has access to them and long these data are preserved.
Since this project aims to be in close relation to the University and its network, it is necessary to not only adhere to the DPA but also to more specific policies implemented by the University. Continue reading