This year has seen some major cyber attacks which have crippled businesses. The malware attacks affecting Toll Transport, Bluescope Steel and MyBudget were probably all preventable. It is highly likely that human error was responsible for each attack. That bespeaks a failure in training and operations. An investigation of a data breach often reveals significant problems with compliance with the Australian Privacy Principles and problems with either the quality or the ongoing nature of training. Read More
Australian Information Commission v Facebook Inc [2020] FCA 531 (22 April 2020): application for service outside of Australia, the Commissioner’s prima facie case. The opening round in the first civil proceeding for breach of the Privacy Act by the Commissioner
On 23 April 2020 in Australian Information Commission v Facebook Inc the Australian Information Commissioner successfully obtained interim suppression and non publication orders and orders to serve outside Australia and substituted service against Facebook Inc.
This is the first of what is likely to be a number of interlocutory judgments as the civil penalty proceedings slowly move towards a hearing. Read More
Attorney General George Brandis declared “Villain” by Access Now for comments undermining encryption
Today, Access Now recognizes Attorney General George Brandis as a Villain among the annual Heroes and Villains Award recipients for his comments in opposition to strong digital security tools like encryption. As a leading official representing Australia in the notorious “Five Eyes” partnership, Attorney General Brandis has pushed publicly for requirements for companies to implement measures to allow law enforcement to bypass encryption protections for exceptional access to digital content. This type of access has been repeatedly demonstrated to undermine digital security globally, including and especially for the users in marginalized communities. Read More
Cross-border access to data – EDRi delivers international NGO position to Council of Europe
Earlier this week, a global coalition of civil society organisations, including the Australian Privacy Foundation, submitted to the Council of Europe its comments on how to protect human rights when developing new rules on cross-border access to electronic evidence (“e-evidence”). The Council of Europe is currently preparing an additional protocol to the Cybercrime Convention. European Digital Rights (EDRi)’s Executive Director Joe McNamee handed the comments over to Mr. Alexander Seger, the Executive Secretary of the Cybercrime Convention Committee (T-CY) of the Council of Europe. Read More