Typical response in development of privacy law: inaction then incident then rushed over reaction

February 1, 2015

A small drone landed on the grounds of the US White House last week.  It caused a minor splash in the media with all sorts of concerns, mostly overhyped, about security raised.  The coverage did Read the rest of this entry »

Rise of the mini drone article highlights continuing privacy issue and regulatory failure

January 30, 2015

The Australian’s article March of the mini-drones is not a revolutionary piece on this ever developing technology.  The use and uses of drones are growing at a significant rate and far outpacing the regulations and the response times of legislatures to develop coherent and effective regulation.  But this piece also points to the development of consumer drones which are pre programed and can be used autonomously to follow its owner or follow a pre set flight path.  That often involves the drone mounting a camera and taking videos or photos.  As battery life increases along with improved carrying capacity coupled with mounting more sophisticated video and audio devices the privacy invasive capacity grows.  It has the potential to require a review of the law of trespass and, more particularly, nuisance to meet the less savory uses of this technology.

Meanwhile there is a Read the rest of this entry »

The Privacy Commissioner issues Guide to securing personal information

January 28, 2015

The Privacy Commissioner has issued Guide to securing personal information. It has been long awaited. While it will be an important resource for privacy law practitioners as it will guide them in developing processes, spending on the security and setting priorities it is drawn in the broad and sets the regulatory bar quite low when compared to what it could be.  It suffers Read the rest of this entry »

Privacy concerns raised by security experts in law reform process regarding cyber crimes

In Privacy fears in bid to bolster laws for fight against cyber crime the Australian highlights the Governments review of cyber crime legal framework.  Australia is undergoing the same process that the President of the United States has forshadowed.  The problem in Australia is that the existing privacy regulatory structure which interfaces with the any notification law that might arise has incomplete coverage, is quite vague and not actively regulated (to date).  In that environment Read the rest of this entry »

Another drone story…this time involving the White House

January 27, 2015

That drones are causing regulators difficulties is trite. In the USA the Federal Aviation Authority has been working on regulations regarding the commercial use of drones for years.  In Australia the Read the rest of this entry »

WILSON -v- FERGUSON [2015] WASC 15 (16 January 2015): Breach of confidence, privacy, injunctive relief

In Wilson v Ferguson[2015] WASC 15 the West Australian Supreme Court, per Mitchell J, issued an injunction and awarded damages by way of equitable compensation against the Defendant in a claim brought in equity for the misuse of private information.

FACTS

The plaintiff met the defendant in May 2011. Both were employed at Cloudbreak and worked in the same crew [19].  They began to date as boyfriend and girlfriend in November 2012 and after a few weeks the plaintiff moved into the defendant’s home [20]. During their relationship they would send each other photographs of a sexual nature depicting each other naked or partly naked [22] with the defendant initiating the exchange. The defendant also took explicit photographs of the plaintiff with her knowledge and consent [22]  and she also used her mobile phone to take videos of herself nude and, on at least one occasion, engaging in sexual activity [23].

Some time after the videos were taken, the plaintiff Read the rest of this entry »

Ransomeware, data security and compliance with data protection laws

January 25, 2015

The Economist in Your money or your data highlights the increasing use of ransomware which compounds a data breach. The unauthorised access of personal/business information is bad enough but Read the rest of this entry »

Cyber crime and the need for data notification laws

January 24, 2015

In Think of a number and double it  the Economist, in its usual precise and concise fashion, highlights the major public policy challenge of increased data breaches by hacking, a lack of information as to the size of the problem and inadequate regulation in the form of comprehensive and coherent mandatory data breach notification laws.  Data breaches and the use of ransomware are on the rise.  The problem is Read the rest of this entry »

US President announces improved data security in the State of the Union address

January 21, 2015

The Executive branch of the US Government, usually called the President, previously mooted the need for improved data breach notification laws at the Federal level in the wake of the Sony hack.

In today’s State of the Union the President provided Read the rest of this entry »

UK company, Office Holdings Ltd, enters into undertaking after data breach

The UK information Commissioner’s Office has entered into an undertaking with the  shoe retailer Office as a result of a data breach through a hacking attack of Officer’s website.  This resulted in data of over a million customers being exposed.  The breach exposed poor data security practices including unencrypted data base, a patchy record of penetration testing, a deficient privacy policy and poor staff training.  As is common with data breaches investigated by UK and US authorities an investigation of Read the rest of this entry »