The Optus, Medibank and MedLab data breaches have caused some re-thinking. But not all of the thinking is clear enough. It’s being touted that there’s a simple solution to driver licence data being compromised. That solution is said to be the addition of a card-number.
Organisations have to understand that the critical issue is: The retention of authentication-data in databases creates an unmanageable vulnerability. Read More
MEDIA RELEASE: “Our” ABC iView mandatory login requirement – unnecessary and linked to export to data aggregators?
The ABC is still promoting its now-mandatory ‘iView Login’ without dealing with unresolved questions, particularly about adequate disclosure of their apparent intent to export individual-level, ineffectively de-identified iView account usage data to foreign third party commercial surveillance companies like Tealium, Google and Facebook. Read More
Still waiting for a reply from the ABC to our March open letter concerning mandatory registration for use of ABC iView online services
On April 23, the APF wrote again to the Australian Broadcasting Corporation (ABC), asking when we might expect a response to an open letter sent to them back in March responding to their letter asking us about APF concerns re the mandatory registration system. Read More
Ita Buttrose’s response to our open letter on mandatory registration for use of ABC iView services, and our reply
On March 2nd, the Australian Privacy Foundation released an open letter addressed to ABC Chair Ita Buttrose, regarding mandatory registration for use of ABC iView services. Ita Buttrose responded this past week in a letter dated March 8th. Our response addresses each of the factors Ita raised in her reply, and explains why we in the APF believe there is still no justification for not permitting those Australians unwilling or unable to register to simply continue to enjoy access to their ABC via iView without registration. Read More
Open letter: Mandatory registration for use of ABC iView services
This open letter is to raise our concerns and objections to proposals for mandatory registration for Australians to use ABC online services from March 2022. The proposal is unnecessary, intrusive, inconsistent with community expectations of protection from online tracking, a potential security or safety threat, and breaches the right not to have to identify yourself offered by Australian Privacy Principle 2 (APP 2). It should not go ahead. Read More
Kiss your privacy goodbye when you use an ambulance? The Australian Privacy Foundation says No.
People in South Australia need real answers and real responses to yet another data breach. The SA Ambulance Service has disclosed that the personal details of 28,000 patients have been stolen. Those details include people’s name, date of birth, age, address, and in some cases, their pension number and health notes. Juanita Fernando, chair of the Australian Privacy Foundation’s (APF’s) Health Committee said, “That’s prime fodder for identity theft and something we all need to take seriously.” The Ambulance Service says the data was on a storage device that was stolen from a consultancy firm in July. The consultants had apparently held the data since the early 2000s. Read More
Victorian information sharing Bill a threat to privacy
The Victorian Government’s Health Legislation Amendment (Information Sharing) Bill 2021 was rushed through its first parliamentary vote on 14 October 2021, raising many unanswered questions for patients and health care professionals in that state. Put plainly, this legislation allows agents of the Victorian Government a complete record of every Victorian person’s most sensitive and private information. The powers embodied in the Bill are unprecedented. Why does the Victorian Government need to harvest and store such a rich database of patient information? Read More
Too late? The new normal, State government slurps up all patient information.
The Victorian government’s “Health Legislation Amendment (Information Sharing) Bill 2021” was hurried through its first Parliamentary vote last week. The Bill links all patient medical and health information through a single portal, to be shared between authorised end-users, decided and controlled by the Secretary of the Department of Health. The powers embodied in the Bill are unprecedented, threatening patient-doctor confidentiality, risking health and wellness should some individuals decide not to seek clinical attention for potentially life threatening or serious illnesses and conditions. Read More
Advocacy Groups Oppose Google Takeover of Fitbit
Consumer and citizen groups have significant concerns that Google’s proposed takeover of wearables manufacturer Fitbit would be a game-changer not only for how people interact with the online world but also for digital and related health markets. Regulators around the world –in particular those concerned with antitrust compliance and data privacy –must therefore give it… Read More
How [NOT] to earn public trust for the Contact Tracing App?
“This public health crisis is too important to risk a repeat of recent personal data disasters that undermined community trust in governments’ use of IT. The last Census, council exploitation of metadata retention, ‘Robodebt’, laws undermining encryption, and compulsory registration for an empty My Health Record loom large in public memory. The way this app… Read More