Digital ‘death knocks’: is it fair game for journalists to mine social media profiles of victims and their families?

Alysson Watson, Associate lecturer in journalism, University of Newcastle The family of Ash Good, one of the Bondi stabbing victims and the mother of the nine-month-baby who was also stabbed, issued a plea overnight for media to stop reproducing photos of Ash, her partner and their baby without consent. Good, 38, was an osteopath who… Read More

70% of Australians don’t feel in control of their data as companies hide behind meaningless privacy terms

Katharine Kemp, Associate Professor, Faculty of Law & Justice, UNSW Sydney Australian consumers don’t understand how companies – including data brokers – track, target and profile them. This is revealed in new research on consumer understanding of privacy terms, released by the non-profit Consumer Policy Research Centre and UNSW Sydney today. Our report also reveals… Read More

For domestic violence victim-survivors, a data or privacy breach can be extraordinarily dangerous

A suite of recent cybersecurity data breaches highlight an urgent need to overhaul how companies and government agencies handle our data. But these incidents pose particular risks to victim-survivors of domestic violence. The onus is on service providers – such as utilities, telcos, internet companies and government agencies – to ensure they don’t risk the safety of their most vulnerable customers by being careless with their data. Read More

Popular fertility apps are engaging in widespread misuse of data, including on sex, periods and pregnancy

Fertility apps collect deeply sensitive data about consumers’ sex lives, health, emotional states and menstrual cycles. And many of them are intended for use by children as young as 13. An analysis by UNSW’s Katharine Kemp has uncovered a number of concerning practices by these apps including: confusing and misleading privacy messages, a lack of choice in how data are used, inadequate de-identification measures when data are shared with other organisations, and retention of data for years even after a consumer stops using the app, exposing them to unnecessary risk from potential data breaches. Read More

Proposed privacy reforms could help Australia play catch-up with other nations. But they fail to tackle targeted ads

In the recently released Privacy Act Review Report, the Attorney-General’s Department makes numerous important proposals that could see the legislation, enacted in 1988, begin to catch up to leading privacy laws globally. However, the report’s proposals on targeted advertising don’t properly address the power imbalance between companies and consumers. Instead, they largely accept a status quo that sacrifices consumer privacy to the demands of online targeted ad businesses. Read More

Government’s privacy review has some strong recommendations – now we really need action

Attorney-General Mark Dreyfus yesterday released a report with 30 proposals for updating Australia’s privacy regime. The proposals are practical, necessary and overdue. However, they are just proposals, which have been made several times in the past before disappearing into the “too hard basket” of the Australian, state and territory governments.
We can expect to see lots of noise about specific proposals and hope the Albanese government (copied by state/territory counterparts) gives us the legislation we need. Read More

Not Big Brother, but close: a surveillance expert explains some of the ways we’re all being watched, all the time

Ausma Bernot, PhD Candidate, School of Criminology and Criminal Justice, Griffith University A group of researchers studied 15 months of human mobility movement data taken from 1.5 million people and concluded that just four points in space and time were sufficient to identify 95% of them, even when the data weren’t of excellent quality. That… Read More

After the Optus data breach, Australia needs mandatory disclosure laws

The Optus data breach, which has affected close to 10 million Australians, has sparked calls for changes to Australia’s privacy laws, placing limits on what and for how long organisations can hold our personal data. Equally important is to strengthen obligations for organisations to publicly disclose data breaches. Optus made a public announcement about its breach, but was not legally required to do so. In fact, beyond the aggregated data produced by the Office of the Australian Information Commissioner, the public is not made aware of the vast majority of data breaches that occur in Australia every year. Read More