Page 3 of 196

More on the mechanics of GDPR

Note: I’m writing this post on my personal blog as I’m still learning about GDPR. This is me thinking out loud, rather than making official Moodle pronouncements.


‘Enjoyment’ and ‘compliance-focused courses’ are rarely uttered in the same breath. I have, however, enjoyed my second week of learning from Futurelearn’s course on Understanding the General Data Protection Regulation. This post summarises some of my learning and builds upon my previous post.

This week, the focus was on the rights of data subjects, and started with a discussion about the ‘modalities’ by which communication between the data controller and processor, and the data subject take place:

By modalities, we mean different mechanisms that are used to facilitate the exercise of data subjects’ rights under the GDPR, such as those relating to different forms of information provision (in writing, spoken, electronically) and other actions to be taken when data subjects invoke their rights.

Although the videos could be improved (I just use the transcripts) the mix of real-world examples, quizzes, and reflection is great and suits the way I learn best.

I discovered that the GDPR not only makes provision for what should be communicated by data controllers but how this should be done:

In the first place, measures must be taken by data controllers to provide any information or any communication relating to the processing to these individuals in a concise, transparent, intelligible and easily accessible form, using the language that is clear and plain. For instance, it should be done when personal data are collected from data subjects or when the latter exercise their rights, such as the right of access. This requirement of transparent information and communication is especially important when children are data subjects.

Moreover, unless the data subject is somehow attempting to abuse the GDPR’s provisions, the data controller must provide the requested information free of charge.

The number of times my surname is spelled incorrectly (often ‘Bellshaw’) or companies have other details incorrect, is astounding. It’s good to know, therefore, that the GDPR focuses on rectification of individuals’ personal data:

In addition, the GDPR contains another essential right that cannot be disregarded. This is the right to rectification. If controllers store personal data of individuals, the latter are further entitled to the right to rectify, without any undue delay, inaccurate information concerning them. Considering the purpose of the processing, any data subject has the right to have his or her personal data completed such as, for instance, by providing a supplementary statement.

So far, I’ve focused on me as a user of technologies — and, indeed, the course uses Google’s services as an example. However, as lead for Project MoodleNet, the reason I’m doing this course is as the representative of Moodle, an organisation that would be both data controller and processor.

There are specific things that must be built into any system that collects personal data:

At the time of the first communication with data subjects, the existence of the right to object– as addressed earlier– must be indicated to data subjects in a clear manner and separately from other information. This right can be exercised by data subjects when we deal with the use of information society services by automated means using technical specifications. Importantly, the right to object also exists when individuals’ personal data are processed for scientific or historical research or statistical purposes. This is, however, not the case if the processing is carried out for reasons of public interest.

Project MoodleNet will be a valuable service, but not from a scientific, historical, or statistical point of view. Nor will the data processing be carrierd out for reasons of public interest. As such, the ‘right to object’ should be set out clearly when users sign up for the service.

In addition, users need to be able to move their data out of the service and erase what was previously there:

The right to erasure is sometimes known as the right to be forgotten, though this denomination is not entirely correct. Data subjects have the right to obtain from data controllers the erasure of personal data concerning them without undue delay.

I’m not entirely clear what ‘undue delay’ means in practice, but when building systems, we should build it with these things in mind. Being able to add, modify, and delete information is a key part of a social network. I wonder what happens when blockchain is involved, given it’s immutable?

The thing that concerns most organisations when it comes to GDPR is Article 79, which states that data subjects have legal recourse if they’re not happy with the response they receive:

Furthermore, we should mention the right to an effective judicial remedy against a controller or processor laid down in Article 79. It allows data subjects to initiate proceedings against data controllers or processors before a court of the Member State of the establishment of controllers or processors or in the Member State where they have their habitual residence unless controllers or processors are public authorities of the Member States and exercise their public powers. Thus, data subjects can directly complain before a judicial institution against controllers and processors, such as Google or others.

I’m particularly interested in what effect data subjects having the right “not to be subjected to automated individual decision-making” will have. I can’t help but think that (as Google has already started to do through granular opt-in questions) organisations will find ways to make users feel like it’s in their best interests. They already do that with ‘personalised advertising’.

There’s a certain amount of automation that can be useful, the standard example being Amazon’s recommendations system. However, I think the GDPR focuses more on things like decisions about whether or not to give you insurance based on your social media profile:

There are three additional rights of data subjects laid down in the General Data Protection Regulation, and we will cover them here. These rights are – the right not to be subjected to automated individual decision-making, the right to be represented by organisations and others, and the right to compensation. Given that we live in a technologically advanced society, many decisions can be taken by the systems in an automatic manner. The GDPR grants to all of us a right not to be subjected to a decision that is based only on an automated processing, which includes profiling. This decision must significantly affect an individual, for example, by creating certain legal effects.

Thankfully, when it comes to challenging organisations on the provisions of the GDPR, data subjects can delegate their representation to a non-profit organisation. This is a sensible step, and prevents lawyers become rich from GDPR challenges. Otherwise, I can imagine data sovereignty becoming the next personal injury industry.

If an individual feels that he or she can better give away his or her representation to somebody else, this individual has the right to contact a not-for-profit association– such as European Digital Rights – in order to be represented by it in filing complaints, exercising some of his or her rights, and receiving compensation. This might be useful if an action is to be taken against such a tech giant as Google or any other person or entity. Finally, persons who have suffered material or non-material damage as a result of an infringement of the GDPR have the right to receive compensation from the controller or processor in question.

Finally, and given that the GDPR applies not only across European countries, but to any organisation that processes EU citizen data, the following is interesting:

The European Union and its Member States cannot simply impose restrictions addressed in Article 23 GDPR when they wish to. These restrictions must respect the essence of the fundamental rights and freedoms and be in line with the requirements of the EU Charter of Fundamental Rights and the European Convention for the Protection of Human Rights and Fundamental Freedoms. In addition, they are required to constitute necessary and proportionate measures in a democratic society meaning that there must be a pressing social need to adopt these legal instruments and that they must be proportionate to the pursued legitimate aim. Also, they must be aiming to safeguard certain important interests. So, laws adopted by the EU of its Members States that seek to restrict the scope of data subjects’ rights are required to be necessary and proportionate and must protect various interests discussed below.

I learned a lot this week which will stand me in good stead as we design Project MoodleNet. I’m looking forward to putting all this into practice!


Image by Erol Ahmed available under a CC0 license

Weeknote 04/2018

This week I’ve been:

  • Sending out Issue #288 of my Thought Shrapnel newsletter. This one was called ‘Socially and emotionally unavailable’ and featured curated links from the Thought Shrapnel blog (where you can also sign up if you don’t yet subscribe!)
  • Making a snowman with my seven year-old daughter on the field near our house. It’s never really snowed enough in her lifetime to do so before!
  • Celebrating my son’s eleventh birthday. Time. Flies.
  • Continuing work on Project MoodleNet. This week, whiteboarding and system architecture (not quite ready to show the world yet), meetings, planning for a trip to Moodle HQ in Perth, Australia next month, starting a GDPR course, catching up with Learn Moodle Basics 3.4, and finishing off a series of posts on the project blog.
  • Recording, editing and releasing Episode 95 of the Today In Digital Education (TIDE) podcast with my co-host Dai Barnes. We entitled this episode ‘New Year, same old TIDE’ and discussed what we’ve been up to since the end of last year, family life, book recommendations, using smartphones wisely, GDPR, and more!
  • Renegotiating our mortgage and deciding on which car to go with next, as our current lease expires in March. After a 24-hour test drive of a Toyota C-HR, which is a very cool car, we’ve decided to go with the 2018 version of our current Toyota Auris Touring Sports, as it’s extremely practical for the kind of life my family leads.
  • Curating and scheduling Issue #25 of Badge News, a regular newsletter for the Open Badges community. It’s going to be hitting inboxes on the last Friday of the month from now on.
  • Looking after my family, who all managed to lose their voice due to some kind of cold this week.
  • Participating in the first Mozilla Open Leadership Map community call, led by Chad Sansing. It’s promising work, and I showed up to say hello to former colleagues and connect the work with other initiatives (both previous Mozilla ones and elsewhere).
  • Attending the Bett Show on Friday with Bryan Mathers, whose family also gave me a place to stay on Thursday night. It was good to see, amongst others, Sophie Bessemer, Graham Brown-Martin, Dawn Hallybone, Gavin Henrick, Paul Hutson, Tony Parkin, and Oliver Quinlan there.
  • Writing:

Next week I’m at home, working with Moodle from Monday to Thursday, and then planning with Bryan Mathers for upcoming work we’re doing on behalf of We Are Open Co-op with the Inter-American Development Bank in Washington D.C. next month.

Social networking and GDPR

Note: I’m writing this post on my personal blog as I’m still learning about GDPR. This is me thinking out loud, rather than making official Moodle pronouncements.


I have to admit to EU directive fatigue when it comes to technology (remember the ‘cookie law‘?) so when I heard about the General Data Protect Regulation (GDPR), I didn’t give it the attention it deserved.

The GDPR is actually pretty awesome, and exactly the kind of thing we need in this technologically-mediated world. It has wide-ranging impact, even beyond Europe. In fact, it’s likely to set the standard for the processing of user information, privacy, and security from May 2018 onwards.

So, on the advice of Gavin Henrick, I’m in the midst of Futurelearn’s course on Understanding the General Data Protection Regulation. The content is great but, unlike Mary Cooch‘s excellent videos for the Learn Moodle Basics 3.4 course (which I’m also doing at the moment) I don’t find the videos helpful. They don’t add anything, so it’s a more efficient use of my time to read the transcripts.

All of this is prologue to say that GDPR affects the work I’m leading at the moment with Project MoodleNet. It may be in its early stages, but privacy by design (PDF) means that we need to anticipate potential issues:

The Privacy by Design approach is characterized by proactive rather than reactive measures. It anticipates and prevents privacy invasive events before they happen. PbD does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred − it aims to prevent them from occurring. In short, Privacy by Design comes before-the-fact, not after.

Project MoodleNet is a social network for educators focused on professional development and the sharing of open content. As such, it’s a prime example of where GDPR can protect and empower users.

Article 5(1) from the official document states:

Personal data shall be:

(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);

(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

We’re kicking off Project MoodleNet by looking at all of the different components we’ll be building, and really zeroing-in on user control. A key part of that is the way(s) in which users can authenticate and are authorised to access different parts of the system. We’re exploring open source approaches such as gluu (which has been GDPR-ready since November) that make it both easy for the user while protecting their privacy.

In addition, and as I’ve touched on while writing at the project blog, we’re going to need to ensure that users can, at the very least:

  • see what data is held on them
  • choose whether to revoke consent around storage and processing of that data
  • request a data export
  • ask for any of their personal data to be securely destroyed.

I actually think Google do a pretty good job with most of this with Download your data in your account settings (formerly ‘Google Takeout’).

One challenge, I think, is going to be global search functionality. To make searching across people, resources, and news reasonably fast, there’s going to be some pre-caching involved. We need to explore to what extent that’s compatible with purpose limitation, data minimisation, and storage limitation. It may be that, as with the authentication/authorisation example above, it may already be somewhat of a solved problem.

A related issue is that different functionality may be used to a greater or lesser extent by users. Some (e.g. crowdfunding) may not be used by some educators at all. As such, we need to ensure that, perhaps through an approach that leans on microservices and APIs, we ensure integrity and confidentiality of user data, while again adhering to the principle of data minimisation.

I’m delighted to be working on this project at such an exciting time for user control and privacy. Organisations that have been wilfully neglecting controls and safeguards around user data, or monetising it in unethical ways, are going to be in for a rough ride. Those, however, that have a commitment to openness and follow the principles of privacy by design are going to find that it’s a competitive advantage!


Image by Sanwal Deen available under a CC0 license

Weeknote 03/2018

This week I’ve been:

Next week I’m working from home from Monday to Thursday, then I’ll be at the Bett Show in London on Friday.


Photo taken today as my son and I headed to Kielder to pick up an ex-hire hybrid bike he’s getting for his birthday on Monday.

On the difference between people-centric and resource-centric social networks

Something Tom Murdock said recently resonated enough with me that I felt the need to write it down in a place that I can reference. Here is as good a place as any!

I’m leading Project MoodleNet, which is currently described as “a new open social media platform for educators, focused on professional development and open content”. Tom mentioned that he saw an important difference between ‘people-centric’ and ‘resource-centric’ social networks.

(Note: it’s been a couple of weeks since that conversation, so anything witty or clever I say in the next few paragraphs should be attributed to him, and anything confusing or stupid should be attributed to me)

I should also point out that I blog about things I’m thinking about here, whereas the official project blog can be found at blog.moodle.net.

What is a resource-centric social network?

A people-centric social network is something like Facebook or LinkedIn. Users have a single identity and want to follow or connect with you as a person. A resource-centric social network is something like Pinterest or Thingiverse where people interact and engage with you through the resources you’re sharing.

I think most people reading this will understand how Facebook and LinkedIn work. Imagine them towards one end of the spectrum, and Pinterest and Thingiverse towards the other. Twitter is an interesting case here, as users can have multiple accounts and follow non-human accounts. I suppose it would probably be somewhere in the middle of the spectrum.

A quick tour of Thingiverse

I think Project MoodleNet is more of a resource-centric social network. To illustrate that, I want to explore Thingiverse, a wonderful site I came across recently after acquiring a 3D printer. Here’s what the About page says:

MakerBot’s Thingiverse is a thriving design community for discovering, making, and sharing 3D printable things. As the world’s largest 3D printing community, we believe that everyone should be encouraged to create and remix 3D things, no matter their technical expertise or previous experience. In the spirit of maintaining an open platform, all designs are encouraged to be licensed under a Creative Commons license, meaning that anyone can use or alter any design.

So it’s:

  1. A registered trademark
  2. Owned by a company
  3. Focused on makers
  4. Allows the sharing of open content
  5. Encourages remixing

In that sense, it’s a very interesting model for Project MoodleNet.

Let’s look a little more closely. Below you can see the home page. The site is obviously curated by real human beings, as they’ve featured particular designs, and created collections which include designs from different users. There’s a feed of latest activity, the calls to action in the top menu bar make it obvious that this is a living community full of creative people.

Thingiverse home page

The next thing you notice when you click through onto a particular design is that there’s a lot of information here to help orient you. There’s a clear call-to-action below ‘DOWNLOAD ALL FILES’ but also we can see how many times it’s been liked, watched, commented upon, and remixed.

Thingiverse design

Click on the remix button and you get to see those who have remixed the original design in some way. If the design you’re looking at is itself a remix, it also allows you to look at the original, too.

Naturally, you want to know a little bit about the person who created it. Perhaps they’ve created some other things you’d like? Clicking on the user name reveals their Thingiverse profile.

Thingiverse profile

There’s lots of information about the person here: their username, location, Twitter profile, website, short biography. However, the focus is still on their resources. What have they designed? What have they shared?

The last thing to highlight is how Thingiverse deals with openly-licensed resources. When you click to download the files, the first thing that pops up is a windows that tells you in no uncertain terms about the license under which this resource has been made available.

Thingiverse CC licensing

In addition, it encourages you to ‘show some love’ to the designer. You can tip them using money via PayPal, and you can take a photo to ‘document’ your 3D print of their design, and you.

Final thoughts

I’m very impressed with the thought that’s been put into Thingiverse. I don’t know the history of the community, but it feels like something that has responded to users. In turn, I should imagine that when those who are regular users of Thingiverse come to purchase their next 3D printer, Makerbot will be top of their list. It’s a virtuous circle.

So there’s a lot to learn from here that we can apply to Project MoodleNet. I like the way that they make it easy for people new to the community. I love the ease by which you can use the fork-remix-share approach that developers are used to on GitHub, but many educators are still yet to discover. And I adore the way that they encourage users to ‘show some love’ to original resource creators, educating them on how to use openly-licensed content appropriately.

Weeknote 02/2018

This week I’ve been:

Next week I’m at home from Monday to Wednesday, then I’m down meeting with my We Are Open Co-op colleagues in London on Thursday and Friday. The week after I’ll be at the Bett Show on the Friday.

Weeknote 01/2018

So here we are! The first weeknote of 2018. You know the drill.

This week I’ve been:

  • Celebrating the New Year. I spent Christmas at home with just my wife and children, but we went down to Devon to the in-laws for New Year and had a great time.
  • Redesigning Thought Shrapnel, which is now not only a weekly newsletter, but also a blog! I think you’ll agree that Bryan Mathers did a great job with the logo. Read more about that here. You can become a supporter to show your appreciation for this work, and to ensure it continues!
  • Returning to life as an employee! As I mentioned before Christmas, I’m leading a new innovation project for Moodle. This involves working for them four days per week, and I can do so from home (with a bit of travel). So in a sense, lots has changed, and nothing at all. Note I’m still doing some consultancy, mostly through We Are Open co-op.
  • Meeting with Moodle colleague Tom Murdock about various things.
  • Introducing myself on the forum for the upcoming Learn Moodle Basics course. It’s been a few years since I used Moodle, so I thought I’d get back up-to-speed along with Mary Cooch and the community!
  • Working a short week due to New Year’s Day on Monday. My ‘Doug day’ (or, more likely, ‘consultancy / admin / catch-up-with-all-the-things day’) is likely to be Fridays, most weeks. This time around it was full of admin and my children begging me to play with them instead, — as they don’t go back to school until next week.
  • Sorting out various things as Secretary of the Executive Committee for 6th Morpeth Scouts.  I’m trying to streamline some stuff around meetings, calendaring, etc.
  • Facepalming at Dell, who want to charge me over £900 to fix a my less than one-year old XPS 13 laptop which has a threaded screw in the base. This is causing it come apart near the screen. As a result of their greed and poor customer service, I’ve used duct tape to patch it up as best I can, and bought a £60 battery to resurrect my Lenovo X220. I prefer the keyboard on the latter anyway, and in fact I’m using it to type this!
  • Writing:

Next week I’m at home all week, and celebrating my daughter’s birthday towards the end of it. I’ll be in London twice this month, the week after next for a co-op meetup, and then the week after that, I’ll be at BETT on the Friday.

Photo taken by me on New Years’ Day at Branscombe beach, Devon.

Why I didn’t go on ‘Belshaw Black Ops’ at the end of 2017

At the end of every year since 2010 I have, to the greatest extent possible, disappeared back into the analogue world to recharge. This has been known as Belshaw Black Ops after Paul Lewis decided that just calling it a ‘hiatus’ wasn’t rock ‘n’ roll enough.

I’ve greatly appreciated these periods away from social media, blogging, and personal email as a time when I can be ‘more myself’. Why, then, a few people have asked me, didn’t I continue this routine at the end of 2017? The simple answer is that I’ve achieved the kind of balance that means it didn’t feel necessary.

There are a number of factors here:

  1. Switching from Twitter to social.coop half-way through the year. Given that I still get the most-shared stuff from my Twitter network filtering through to me via Nuzzel, that’s been a revelation.
  2. Looking after myself a bit better health-wise, including deciding to follow a mostly plant-based diet, starting running again, and taking supplements such as multivitamins, high doses of Vitamin D, and L-Theanine.
  3. Enjoying the sunnier weather where I live (it makes a difference!)
  4. Blogging in a more short-form way via Discours.es and Thought Shrapnel Live!
  5. Prioritising what’s important in my life. I find reading Stoic philosophy every morning helps greatly in that regard.

Today is my first day back as an employee. I’m working for Moodle, makers of the world’s largest (open source!) learning platform. I’m working four days per week leading an innovation project for them aimed at creating a new open social media platform for educators, focused on professional development and open content. I’ll still be consulting through We Are Open Co-op.

It was my birthday just before Christmas, and I’ve now spent most of my thirties working from home. There’s benefits and drawbacks to doing so, but the main upside for me is much more control over my schedule. I’ll still have a lot of autonomy at Moodle, so I anticipate that, while I’ll be away during the summer, there won’t be a need for Belshaw Black Ops in 2018, either.

Photo by Paul Green available under a CC0 license

css.php