I have been consulted about a proposal for a staff member to mount a Co-web server-sometimes called a Wiki or Swiki in our sub-net. The purpose is apparently academic research and a principle of this (I am told) increasingly popular collaborative web-based concept is that anyone can post or alter any data (personal and research) posted by another without any login, password or validation security, allowing full academic freedom to the particpants.The server includes some limited access monitoring software and a 'rollback' facility to undo 'graffiti' changes. I am very uncertain who the data controller is this sort of 'free for all' but assuming it is the University by allowing it on the server at all, I am nervous about it. However, will it be enough if guidelines provide for the system to be monitored(for content and security) and there is a 'health warning' on the entry page ,informing users of operating parameters. There may also be issues around security/subject access/other which could be problematical Have others experience of these and how are they viewed/dealt with? Gail Waters DP Coordinator OPen University ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - www.jiscmail.ac.uk/user-manual/summary-user-commands.htm all commands go to [log in to unmask] not the list please! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^