83% of Australians want tougher privacy laws. Now’s your chance to tell the government what you want

Federal Attorney-General Christian Porter has called for submissions to the long-awaited review of the federal Privacy Act 1988.

This is the first wide-ranging review of privacy laws since the Australian Law Reform Commission produced a landmark report in 2008.

Australia has in the past often hesitated to adopt a strong privacy framework. The new review, however, provides an opportunity to improve data protection rules to an internationally competitive standard.

Here are some of the ideas proposed — and what’s at stake if we get this wrong. Read More

How political parties legally harvest your data and use it to bombard you with election spam

On Monday October 26, five days ahead of Queensland’s election, many voters received an unsolicited text message from Clive Palmer’s mining company Mineralogy, accusing Labor of planning to introduce a “death tax” and providing a link to an online how-to-vote card for Palmer’s United Australia Party.

Many recipients angrily wondered how Palmer’s firm had got hold of their contact details, and why they were receiving information that had already been thoroughly debunked.

But the issue goes deeper than Palmer’s dubious tactics, although his message was a particularly egregious example. In fact, there’s no law to prevent registered political parties — and the contractors and volunteers who work on their behalf — collecting your contact details and bombarding you with messages, regardless of whether you consented or not. Read More

Facebook’s virtual reality push is about data, not gaming

Facebook has announced the latest version of its successful standalone virtual reality (VR) headset, the Oculus Quest 2. The new device packs more computing power and a sharper screen than its predecessor, and is also US$100 cheaper.

The Oculus Quest 2 is the latest step in Facebook’s long-term strategy of making VR more accessible and popular. Facebook recently brought all its VR work under the umbrella of Facebook Reality Labs, it has announced new applications like the Infinite Office VR workplace, and will also require a Facebook login for future Oculus devices.

The compulsory link to Facebook has many consumers concerned, considering the social media giant’s chequered history with privacy and data. VR and its cousin, augmented reality (AR), are perhaps the most data-extractive digital sensors we’re likely to invite into our homes in the next decade. Read More

Towards a post-privacy world: proposed bill would encourage agencies to widely share your data

The federal government has announced a plan to increase the sharing of citizen data across the public sector.

This would include data sitting with agencies such as Centrelink, the Australian Tax Office, the Department of Home Affairs, the Bureau of Statistics and potentially other external “accredited” parties such as universities and businesses.

The draft Data Availability and Transparency Bill released today will not fix ongoing problems in public administration. It won’t solve many problems in public health. It is a worrying shift to a post-privacy society.

It’s a matter of arrogance, rather than effectiveness. It highlights deficiencies in Australian law that need fixing. Read More

Regulatory arbitrage and transnational surveillance: Australia’s extraterritorial assistance to access encrypted communications

This article examines developments regarding encryption law and policy within ‘Five Eyes’ (FVEY) countries by focussing on the recently enacted Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) in Australia. The legislation is significant both domestically and internationally because of its extraterritorial reach, allowing the development of new ways for Australian law enforcement and security agencies to access encrypted telecommunications via transnational designated communications providers, and allowing for Australian authorities to assist foreign counterparts in both enforcing and potentially circumventing their domestic laws. We argue that Australia is the ‘weak link’ in the FVEY alliance as – unlike other FVEY members – has no comprehensive enforceable human rights protections. Given this, there is a possibility for regulatory arbitrage in exploiting these new surveillance powers to undermine encryption via Australia. Read More

Keep calm, but don’t just carry on: how to deal with China’s mass surveillance of thousands of Australians

Recent news that Chinese company Zhenhua Data is profiling more than 35,000 Australians isn’t a surprise to people with an interest in privacy, security and social networks. We need to think critically about this, knowing we can do something to prevent it from happening again.

The company operates under Chinese law and doesn’t appear to have a presence in Australia. That means we can’t shut it down or penalise it for a breach of our law. Also, Beijing is unlikely to respond to expressions of outrage from Australia or condemnation by our government – especially amid recent sabre-rattling.

Zhenhua is reported to have data on more than 35,000 Australians – a list saturated by political leaders and prominent figures. Names, birthdays, addresses, marital status, photographs, political associations, relatives and social media account details are among the information extracted. Read More

Melbourne is using pop-up police spy stations to find people breaking COVID rules – what does the law say?

CCTV cameras mounted on vans have recently been seen in public parks around Melbourne, ostensibly to nab anyone breaking lockdown rules. They are part of a joint initiative between several Melbourne councils, Victoria Police and the Commonwealth government.

Coming on the back of Victorian police arresting and charging a number of people for inciting others to break bans on public gatherings by protesting in the streets, there is likely to be widespread resentment to the presence of these mobile surveillance units.

Many people are already claiming the Victorian government has once again over-stepped the mark in its aggressive approach to suppressing COVID-19. Read More

Digging your own digital grave: how should you manage the data you leave behind?

Throughout our lifetimes we consume, collate, curate, host and produce a staggering quantity of data – some by our own hand, some by others on our behalf, and some without our knowledge or consent.

Collectively, our “digital footprints” represent who we are and who we were. Our digital legacies are immortal and can impact those we leave behind.

Many of us take steps to secure our privacy while we’re alive, but there’s mounting evidence that we should be equally concerned about the privacy and security risks of our “data after death”. Read More

Google knows your every move even with ‘location history’ off – Android users are being misled over Google’s incognito privacy feature.

Android handsets are tracking where users are, and sending that information to Google, even if ­location history settings are turned off and the incognito privacy feature is turned on.

Tests conducted by The Australian in Sydney — in which information being sent to Google was duplicated and analysed — show the technology giant tracks the phone’s movement even when those settings, ostensibly meant to protect the privacy of users, are ­activated.

Read More

How the shady world of the data industry strips away our freedoms

The recent questioning of the heads of Amazon, Facebook, Google and Apple in the US Congress has highlighted the threat their practices pose to our privacy and democracy.

However these big four companies are only part of a vast, sophisticated system of mass surveillance.

In this network are thousands of data brokers, ad agencies and technology companies – some of them Australian. They harvest data from millions of people, often without their explicit consent or knowledge. Read More