Thursday 28 January 2021 is Data Privacy Day. It is also the 40th anniversary of Convention 108 and the 15th edition of the Data Protection Day.

International Data Privacy Day this year will mark the 40th Anniversary of Data Protection Convention 108 (recently “modernised” as Convention 108+). To celebrate this event, the Council of Europe will be hosting a 90 minute Asia-Pacific virtual regional seminar on January 28th, featuring a range of speakers from Asia-Pacific civil society, governmental bodies, and privacy regulators, and civil society, including the Australian Privacy Foundation’s own Professor Graham Greenleaf.

Ambulance Tasmania has suffered a massive data breach. According to the ABC, personal information of every Tasmanian who called the Tasmanian Ambulance Service since November 2020 has been accessed and posted on line by a third party. The specific nature of the breach is unknown but it was to the paging system. What makes this breach so damaging is that the data accessed is sensitive information, relating to a person’s health status as well as that person/s age, gender and address.

What is both surprising and disturbing is that the data hacked from Ambulance Tasmania has been publicly visible since November last year.

Federal Attorney-General Christian Porter has called for submissions to the long-awaited review of the federal Privacy Act 1988.

This is the first wide-ranging review of privacy laws since the Australian Law Reform Commission produced a landmark report in 2008.

Australia has in the past often hesitated to adopt a strong privacy framework. The new review, however, provides an opportunity to improve data protection rules to an internationally competitive standard.

Here are some of the ideas proposed — and what’s at stake if we get this wrong.

On Monday October 26, five days ahead of Queensland’s election, many voters received an unsolicited text message from Clive Palmer’s mining company Mineralogy, accusing Labor of planning to introduce a “death tax” and providing a link to an online how-to-vote card for Palmer’s United Australia Party.

Many recipients angrily wondered how Palmer’s firm had got hold of their contact details, and why they were receiving information that had already been thoroughly debunked.

But the issue goes deeper than Palmer’s dubious tactics, although his message was a particularly egregious example. In fact, there’s no law to prevent registered political parties — and the contractors and volunteers who work on their behalf — collecting your contact details and bombarding you with messages, regardless of whether you consented or not.

Facebook has announced the latest version of its successful standalone virtual reality (VR) headset, the Oculus Quest 2. The new device packs more computing power and a sharper screen than its predecessor, and is also US$100 cheaper.

The Oculus Quest 2 is the latest step in Facebook’s long-term strategy of making VR more accessible and popular. Facebook recently brought all its VR work under the umbrella of Facebook Reality Labs, it has announced new applications like the Infinite Office VR workplace, and will also require a Facebook login for future Oculus devices.

The compulsory link to Facebook has many consumers concerned, considering the social media giant’s chequered history with privacy and data. VR and its cousin, augmented reality (AR), are perhaps the most data-extractive digital sensors we’re likely to invite into our homes in the next decade.