Courts generally have found the rapid changes in technology a challenge when applying and sometimes adapting legal principles. That is particularly so regarding privacy protections and when a search warrant is required. Smart phones can, and often, do contain more data than the physical contents of a person’s office, a photo collection and diary. While a search warrant is required to enter and search a house police try and often succeed in forcing a person to open their phone to prying eyes. The principle is the same even if the physical circumstances differ. There have been appalling acts of intrusion with no oversight regarding the actions of Australian Border Force officers.

Police databases are a critically important investigative tool. They enable police to locate suspects, confirm addresses, check car ownership and registration and generally access information about individuals, often provided to the many governmental agencies through compulsion. It is then concerning when police abuse their powers to access data bases. There have been reports of such breaches in Queensland and Victoria.

Data breaches of any personal information is a serious matter. The misuse of personal information can financially affect a person whose information is used for identity theft and it can have a massive impact on an organisation that suffers a data breach.  A sub set of data breaches is where the target is a public figure.  There the motivations are generally not financial.  The aimed impact is reputational and  humiliation. It can also be used to cause disruption, as was the case recently in Germany where there has been a massive hacking attack which has resulted in personal data of hundreds of German politicians have been accessed and then leaked over Twitter.  This has been reported by Wired in  A Major Hacking Spree Gets Personal for German Politicians, Reuters in German politicians’ data published online in massive breach and the Australian in Angela Merkel hit in massive data hack attack.  The focus of these breaches are to humiliate and embarrass.  The breach is a particularly pernicious form of politics.  It is curious that Read the rest of this entry »

My Health Records can be seen as a legislative process, the enactment of legislation, the implementation of a public policy initiative, placing people’s digital records on line, and a salient lesson in how not to legislate and implement an initiative.  The implementation of the My Health Records scheme has been fraught and is a complete mess as far as privacy and cyber security is concerned.  The legislation had to be amended to assuage privacy concerns, which were at best quick fixes, and the opt out period was extended.

And the problems keep on coming.  The Fairfax Press reports that there have been 42 data breaches in 2018.  Meanwhile the Herald Sun reports that wrong data has been entered into the My Health Record system.

The Herald Sun report Read the rest of this entry »

Nova Entertainment has announced that it has “publicly disclosed” a “legacy dataset” involving personal information (of listeners presumably) collected in the period May 2009 – October 2011.  It does not say when the breach occurred or how the breach occurred.

The statement provides:

Nova Entertainment has recently become aware that a legacy dataset containing information collected from our listeners during the period from May 2009 to October 2011 has been publicly disclosed.

We are in the process of notifying individuals affected by this incident of the steps they can take to prevent any potential misuse of their information. Read the rest of this entry »

It is an annual tradition which strays from legal analysis and commentary on this page; posting the wonderful piece, Yes Virginia there is a Santa Claus to brighten up my invariably grey offerings.  I publish it every year, invariably before Christmas (my bad this year).  I publish it because it is, first, wonderful prose.  Crisp, short sentences that get straight to the theme and avoids mawkish sentimentality.  Second, like all good writing, it speaks a truth.  It proudly and unequivocally rejoices in optimism and speaks out against a cynicism (though the piece describes it as a skepticism) which is an ill that hurts the psyche and harms communities.   Third, it is short.  It says what it wants to say as economically as possible and then stops.  Modern commentators are masters of bloviation and repetition. They should read this prose, as well as offerings of Orwell and Waugh to relearn, or sometimes even learn, how to write.

To write as well as Francis Pharcellus Church, the editorial writer at the New York Sun, would be a wonderful achievement.

It has held up very well over the years.

DEAR EDITOR: I am 8 years old.
Some of my little friends say there is no Santa Claus.
Papa says, ‘If you see it in THE SUN it’s so.’
Please tell me the truth; is there a Santa Claus?

VIRGINIA O’HANLON.
115 WEST NINETY-FIFTH STREET.

VIRGINIA, your little friends are wrong. They have been affected by the skepticism of a skeptical age. They do not believe except they see. They think that nothing can be which is not comprehensible by their little minds. All minds, Virginia, whether they be men’s or children’s, are little. In this great universe of ours man is a mere insect, an ant, in his intellect, as compared with the boundless world about him, as measured by the intelligence capable of grasping the whole of truth and knowledge.

Yes, VIRGINIA, there is a Santa Claus. He exists as certainly as love and generosity and devotion exist, and you know that they abound and give to your life its highest beauty and joy. Alas! how dreary would be the world if there were no Santa Claus. It would be as dreary as if there were no VIRGINIAS. There would be no childlike faith then, no poetry, no romance to make tolerable this existence. We should have no enjoyment, except in sense and sight. The eternal light with which childhood fills the world would be extinguished.

Not believe in Santa Claus! You might as well not believe in fairies! You might get your papa to hire men to watch in all the chimneys on Christmas Eve to catch Santa Claus, but even if they did not see Santa Claus coming down, what would that prove? Nobody sees Santa Claus, but that is no sign that there is no Santa Claus. The most real things in the world are those that neither children nor men can see. Did you ever see fairies dancing on the lawn? Of course not, but that’s no proof that they are not there. Nobody can conceive or imagine all the wonders there are unseen and unseeable in the world.

You may tear apart the baby’s rattle and see what makes the noise inside, but there is a veil covering the unseen world which not the strongest man, nor even the united strength of all the strongest men that ever lived, could tear apart. Only faith, fancy, poetry, love, romance, can push aside that curtain and view and picture the supernal beauty and glory beyond. Is it all real? Ah, VIRGINIA, in all this world there is nothing else real and abiding.

No Santa Claus! Thank God! he lives, and he lives forever. A thousand years from now, Virginia, nay, ten times ten thousand years from now, he will continue to make glad the heart of childhood.

For some background the Washington Post’s ‘Is there a Santa Claus?’: How a child’s letter inspired the classic ‘Yes, Virginia’ response.

For Facebook, even more so than Google, 2018 was an annus horribilis, at least on the reputational and branding front.  Wired reports that for Facebook had a bug in September which let third party developers to view photos of 6.8 million Facebook users whether they were shared photos or not.

This of course comes on the back of Read the rest of this entry »

As if the Australian Competition and Consumer Commission report on Digital Platforms Inquiry wasn’t enough of a shot across Google (and others) bow Google has had to admit that Google Plus has had another, as in repeat, privacy flaw.  In October Google admitted a privacy flaw which had affected about half a million Google Plus profiles in the fortnight prior to fixing that problem.  Google admitted that the accounts had been exposed in March 2018.  The flaw was very significant, being the exposure of user’s names, email addresses dates of birth, profile photographs and occupations (amongst other details) to third party app developers through an API Bug.  An API, application programming interface, is a set of  is a set of subroutine  definitions , communication protocols, and tools for building software.  It allows the creation of applications which access the features or data of an operating system, application or other service.    On 10 December 2018 Google admitted to another bug which has affected Google Plus, potentially allowing 52 million user’s personal information to be accessed by third party apps and developers without permission. Google claimed that the flaw was introduced with a software update.  That in and of itself bespeaks as lack of competence.  The problem is Read the rest of this entry »

Nature abhors a vacuum.  That truism tends to apply, eventually, in law as in the natural world.  Gaps in the law that are not filled by regulations are, often with baby steps, attended to by the courts.  Similarly a failure by one regulator to attend to its garden will often find another regulator, with aligned interests, stepping in to carry the weight.  And it is that last circumstance that applies with the ACCC’s preliminary report into Google, Facebook, Australian News and advertising.  Amongst the  11 preliminary recommendations the ACCC proposes at recommendations 8 – 10 increasing privacy protections by amendment to the Privacy Act 1988 to improve notification requirements, strengthening consent requirements, enabling the erasure of personal information, enabling a person to bring an action for breach of the Privacy Act and introducing an action for serious invasion of privacy.  The Information Commissioners’ Office has Read the rest of this entry »

The Supreme Court in Bensons Property Group Pty Ltd v Commonwealth Bank of Australia Ltd & Anor [2018] VSC 666 granted an order for preliminary discovery.  In considering the application the court considered the issues relating to Harman undertakings.

FACTS

Bensons,  a property developer,  engaged the Marcus Group Pty Ltd  “Marcus” as its builder on projects. On 19 April 2018, Bensons received an email, purportedly from the Marcus Group, directing that a payment due to it be made to a Commonwealth Bank of Australia account  (the CBA Account) [5]. On 19 April 2018, Bensons electronically transferred $917,900 to the Relevant CBA Account. As this was not an account maintained by Marcus Bensons was defrauded by person(s) unknown [6].

Bensons reported the fraud to Victoria Police and Read the rest of this entry »