Yesterday the Australian Competition and Consumer Commission (“ACCC”) yesterday released Interim Report No s – General online retail marketplaces. The report necessarily deals with the issue of data collection and privacy. It does not contain any new insight or previously unknown fact or issue however it does synthesise and summarise the relevant issues. All too often these issues are not considered with this level of focus. Read More
Attorney General’s Department releases discussion paper on reform to the Privacy Act 1988
On 25 October the Attorney General’s Department released its long awaited Privacy Act Review Discussion paper (the “Paper”). It is far from comprehensive. It avoids making recommendations about a statutory tort of privacy. Rather it continues the continual policy loop as governments of every persuasion push this issue into further review, then consultation then bury it in a report and then hope it goes away until it is recommended or otherwise finds itself before the Government. It has been a hugely expensive, time intensive waste of time. Read More
Information Commissioner issues determination into 7-Eleven Stores for APP breaches through use of facial recognition technology of unsuspecting customers
The Australian Information Commissioner has issued a very significant determination resulting from a Commissioner initiated investigation into 7-Eleven, where she found that the company had breached Australian Privacy Principle (APP) 3 and 5 of the Privacy Act 1988. Read More
Today is data privacy day…a lot more work to do beyond reminding people of the need to keep data private and secure
Thursday 28 January 2021 is Data Privacy Day. It is also the 40th anniversary of Convention 108 and the 15th edition of the Data Protection Day. Read More
Significant data breach from Ambulance Tasmania through interception of its paging service with data of patients who contact ambulances published on line
Ambulance Tasmania has suffered a massive data breach. According to the ABC, personal information of every Tasmanian who called the Tasmanian Ambulance Service since November 2020 has been accessed and posted on line by a third party. The specific nature of the breach is unknown but it was to the paging system. What makes this breach so damaging is that the data accessed is sensitive information, relating to a person’s health status as well as that person/s age, gender and address.
What is both surprising and disturbing is that the data hacked from Ambulance Tasmania has been publicly visible since November last year. Read More
Cyber attack at BlueScope Steel and MyBudget highlights a chronic problem facing businesses, particularly those with poor privacy protocols
This year has seen some major cyber attacks which have crippled businesses. The malware attacks affecting Toll Transport, Bluescope Steel and MyBudget were probably all preventable. It is highly likely that human error was responsible for each attack. That bespeaks a failure in training and operations. An investigation of a data breach often reveals significant problems with compliance with the Australian Privacy Principles and problems with either the quality or the ongoing nature of training. Read More
Australian Information Commission v Facebook Inc [2020] FCA 531 (22 April 2020): application for service outside of Australia, the Commissioner’s prima facie case. The opening round in the first civil proceeding for breach of the Privacy Act by the Commissioner
On 23 April 2020 in Australian Information Commission v Facebook Inc the Australian Information Commissioner successfully obtained interim suppression and non publication orders and orders to serve outside Australia and substituted service against Facebook Inc.
This is the first of what is likely to be a number of interlocutory judgments as the civil penalty proceedings slowly move towards a hearing. Read More
Indian Supreme Court rules that individual privacy is a fundamental right. Another jurisdiction acknowledges a right to privacy… but still not Australia
The Indian Supreme Court, in a unanimous decision of Justice K S Puttaswamy (Retd) & anor v Union of India & ors, has today found that individual privacy is a fundamental right. It is a comprehensive decision running to 547 pages and 5 years in gestation. Even so India has recognised such a right ahead of Australia. Read More