We regret the 10-month delay since the most recent Newsletter!
The Board has remained very busy throughout, with about 20 submissions made during that period.
These included a very substantial response to the Issues Paper published by the Attorney-General’s Department in relation to the (non-independent) review it is conducting of the Privacy Act. The scope was very broad, and it accordingly involved a team of contributors, led by Prof. Graham Greenleaf.

In a recent development, New South Wales Police announced they are in conversation with Tinder’s parent company Match Group (which also owns OKCupid, Plenty of Fish and Hinge) regarding a proposal to gain access to a portal of sexual assaults reported on Tinder. The police also suggested using artificial intelligence (AI) to scan users’ conversations for “red flags”. Tinder already uses automation to monitor users’ instant messages to identify harassment and verify personal photographs. However, increasing surveillance and automated systems doesn’t necessarily make dating apps safer to use.

Primary Health Networks (PHNs) have been collecting 400 data points of up to 25 million Australian patient health records since August 2019. The records are apparently deidentified, but as science has long demonstrated, can be later identified so that criminal agents may collect 400 pieces of information about you from this information. Your General Practice asks for your consent to do this by bundling the authority into imprecise packages of tick-box styled general statements. By consenting to be treated by your usual doctor, patients also consent to link information from their confidential medical consult to information stored by health authorities.

The Federal Court has found Google misled some users about personal location data collected through Android devices for two years, from January 2017 to December 2018. Other companies too should be warned that representations in their privacy policies and privacy settings could lead to similar liability under the ACL. But this won’t be a complete solution to the problem of many companies concealing what they do with data, including the way they share consumers’ personal information.

The Australian Competition and Consumer Commission has had a significant win against Google. The Federal Court found Google misled some Android users about how to disable personal location tracking. Will this decision actually change the behaviour of the big tech companies? The answer will depend on the size of the penalty awarded in response to the misconduct.

The Australian government has appointed the commercial company HealthEngine to establish a national booking system for COVID-19 vaccinations. However, HealthEngine has a track record of mishandling confidential patient information.