Optus executives are paid millions to ensure that, among other things, customer data is safe. These are the people who should be held accountable for the data breach. Straight after the breach, Optus made claims that it was “not currently aware of any customers having suffered harm”. This suggests that Optus doesn’t consider the widespread damage to people’s privacy harmful. This is wrong. Read More
‘Pretty creepy’: Agencies illegally obtained emails, voicemails and texts
Australia’s law enforcement agencies have persistently accessed, retained and used private email, voicemail and text messages without legal authority and failed to provide the data protections that the law requires, according to the Commonwealth ombudsman. In a sweeping annual examination of how the nation’s crime-fighting agencies and investigative and integrity bodies access and handle electronic data, the ombudsman has found repeated breaches of the law. Read More
Report Launch: Securing Australian Journalism from Surveillance
Drawing upon interviews with 19 journalists and 2 media lawyers, Dr Diarmaid Harkin and Dr Monique Mann report on how whistle-blowers and sources are more reluctant to cooperate with journalists. Journalists also express “very low confidence” that they are prepared for the threats of electronic surveillance and experience a general lack of support on crucial matters of cyber-security. The implications for press freedom, democracy, and law reform will be explored. Read More
Dr Juanita Fernando discusses Victoria’s Health Legislation Amendment with 3RRR Melbourne’s Amy Mullins
Dr Juanita Fernando, Chair of the Australian Privacy Foundation’s Health Committee, joined Amy Mullins on 3RRR Melbourne’s Uncommon Sense program this week to discusses the Victorian Government’s concerning plans to share every Victorian’s patient data in a centralised health database with no way for individuals to opt-out. Read More
Why can’t Aunty get the ABCs of privacy right?
The ABC says it is “committed to protecting your privacy”. So why are they giving our data to Facebook and Google? The ABC Privacy Policy was updated in late 2021, to “reflect some changes to the way in which your information will be handled as we look to help Australians find more content likely to be of interest to them”. The changes include “disclosing hashed email addresses to Google and Facebook to show you promotions for ABC Content likely to be of interest to you on those platforms, unless you choose to opt out”. In other words, if you have an ABC Account (e.g. if you login to watch iview or use the ABC Listen app), you will be individually profiled and potentially targeted by Facebook or Google, based on information about you given to those companies by the ABC – unless you have first figured out this practice is going on and then activated your privacy settings to opt out. Read More
Privacy law reform in Australia – the good, the bad and the ugly
On 25 October 2021 the Australian government released a Discussion Paper crammed full of proposals to amend the national privacy law, as well as a Bill intended to progress certain reforms ahead of the rest. Here’s what you need to know, to help you prepare for what’s likely ahead, or to draft a submission in response to the proposals. Read More
Today is data privacy day…a lot more work to do beyond reminding people of the need to keep data private and secure
Thursday 28 January 2021 is Data Privacy Day. It is also the 40th anniversary of Convention 108 and the 15th edition of the Data Protection Day. Read More
Significant data breach from Ambulance Tasmania through interception of its paging service with data of patients who contact ambulances published on line
Ambulance Tasmania has suffered a massive data breach. According to the ABC, personal information of every Tasmanian who called the Tasmanian Ambulance Service since November 2020 has been accessed and posted on line by a third party. The specific nature of the breach is unknown but it was to the paging system. What makes this breach so damaging is that the data accessed is sensitive information, relating to a person’s health status as well as that person/s age, gender and address.
What is both surprising and disturbing is that the data hacked from Ambulance Tasmania has been publicly visible since November last year. Read More
Regulatory arbitrage and transnational surveillance: Australia’s extraterritorial assistance to access encrypted communications
This article examines developments regarding encryption law and policy within ‘Five Eyes’ (FVEY) countries by focussing on the recently enacted Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) in Australia. The legislation is significant both domestically and internationally because of its extraterritorial reach, allowing the development of new ways for Australian law enforcement and security agencies to access encrypted telecommunications via transnational designated communications providers, and allowing for Australian authorities to assist foreign counterparts in both enforcing and potentially circumventing their domestic laws. We argue that Australia is the ‘weak link’ in the FVEY alliance as – unlike other FVEY members – has no comprehensive enforceable human rights protections. Given this, there is a possibility for regulatory arbitrage in exploiting these new surveillance powers to undermine encryption via Australia. Read More
Google knows your every move even with ‘location history’ off – Android users are being misled over Google’s incognito privacy feature.
Android handsets are tracking where users are, and sending that information to Google, even if location history settings are turned off and the incognito privacy feature is turned on.
Tests conducted by The Australian in Sydney — in which information being sent to Google was duplicated and analysed — show the technology giant tracks the phone’s movement even when those settings, ostensibly meant to protect the privacy of users, are activated.