Primary Health Networks (PHNs) have been collecting 400 data points of up to 25 million Australian patient health records since August 2019. The records are apparently deidentified, but as science has long demonstrated, can be later identified so that criminal agents may collect 400 pieces of information about you from this information.Your General Practice asks… Read More
RAC is trialling a new app to reward members for their good behaviour, but privacy experts warn users to be cautious.
APF’s own Dr Juanita Fernando spoke yesterday with 9 News Perth regarding data collection in the new RAC trial app. Read More
Commonwealth Health Department going for data grab under cover of COVID
While Australia is focussed on COVID, the government acts to quietly collect our personal health data. The Department of Health funded project, Primary Health Insights, has been uploading detailed health records from GP databases. While almost 10% of Australians opted out of My Health Record, most may be unaware they are giving consent to their default data upload, when they sign the patient registration form to see their own doctor. Read More
ACIC thinks there are no legitimate uses of encryption. They’re wrong, and here’s why it matters.
Australia’s parliament is considering legislation to give new powers to the Australian Criminal Intelligence Commission (ACIC) and the Australian Federal Police. These powers will allow them to modify online data, monitor network activity, and take over online accounts in some circumstances. Last week, in a submission to parliament regarding the proposed powers, ACIC made an inaccurate and concerning claim about privacy and information security. ACIC claimed “there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform”. Encrypted communication platforms, including WhatsApp, Signal, Facetime and iMessage, are in common use, allowing users to send messages that can only be read by the intended recipients. There are many legitimate reasons law-abiding people may use them. And surveillance systems, no matter how well-intentioned, may have negative effects and be used for different purposes or by different people than those they were designed for. Read More
APF Newsletter 7 May 2021
We regret the 10-month delay since the most recent Newsletter!
The Board has remained very busy throughout, with about 20 submissions made during that period.
These included a very substantial response to the Issues Paper published by the Attorney-General’s Department in relation to the (non-independent) review it is conducting of the Privacy Act. The scope was very broad, and it accordingly involved a team of contributors, led by Prof. Graham Greenleaf. Read More
NSW Police want access to Tinder’s sexual assault data. Cybersafety experts explain why it’s a date with disaster.
In a recent development, New South Wales Police announced they are in conversation with Tinder’s parent company Match Group (which also owns OKCupid, Plenty of Fish and Hinge) regarding a proposal to gain access to a portal of sexual assaults reported on Tinder. The police also suggested using artificial intelligence (AI) to scan users’ conversations for “red flags”. Tinder already uses automation to monitor users’ instant messages to identify harassment and verify personal photographs. However, increasing surveillance and automated systems doesn’t necessarily make dating apps safer to use. Read More
MEDIA RELEASE: Every 3 minutes Australian health services collect 400 data points of up to 25m patients’ medical records
Primary Health Networks (PHNs) have been collecting 400 data points of up to 25 million Australian patient health records since August 2019. The records are apparently deidentified, but as science has long demonstrated, can be later identified so that criminal agents may collect 400 pieces of information about you from this information. Your General Practice asks for your consent to do this by bundling the authority into imprecise packages of tick-box styled general statements. By consenting to be treated by your usual doctor, patients also consent to link information from their confidential medical consult to information stored by health authorities. Read More
ACCC ‘world first’: Australia’s Federal Court found Google misled users about personal location data
The Federal Court has found Google misled some users about personal location data collected through Android devices for two years, from January 2017 to December 2018. Other companies too should be warned that representations in their privacy policies and privacy settings could lead to similar liability under the ACL. But this won’t be a complete solution to the problem of many companies concealing what they do with data, including the way they share consumers’ personal information. Read More
Privacy erosion by design: why the Federal Court should throw the book at Google over location data tracking
The Australian Competition and Consumer Commission has had a significant win against Google. The Federal Court found Google misled some Android users about how to disable personal location tracking. Will this decision actually change the behaviour of the big tech companies? The answer will depend on the size of the penalty awarded in response to the misconduct. Read More
How safe are your data when you book a COVID vaccine?
The Australian government has appointed the commercial company HealthEngine to establish a national booking system for COVID-19 vaccinations. However, HealthEngine has a track record of mishandling confidential patient information. Read More