January 9, 2017
Sometimes a data breach is just the beginning of a company’s problems. As reported in ESEA hacked, 1.5 million records leaked after alleged failed extortion attempt the theft of personal information can be used to make extortion demands. As E Sports Entertainment Association discovered correctly Read the rest of this entry »
January 7, 2017
State governments have been enthusiastic about criminalising surreptitious photography of a sexual nature, in response to the questionable practice of upskirting (taking photographs from shoes or ground level of women’s’ underwear) and revenge porn, the posting on-line of naked or intimate photographs by a spurned ex partner. The use of this legislation is reported on in Doctor fined for filming men in shower, where the accused engaged in utterly appalling behaviour in filming men showering in public bathrooms in Brisbane. The article provides:
Read the rest of this entry »
The National Institute of Standards and Technology (“the NIST”) provides a valuable resource Read the rest of this entry »
December 30, 2016
Early in his presidency, in 2009, President Obama gave sage advice to teenagers about putting their personal information on line. In his own way he repeated the modern truism “what goes on line stays on line”. Put another way, the internet is forever and that includes pictures posted on line. In Australia the right to be forgotten is but a dream held mostly in academic circles.
The Conversation in Think again before you post online those pics of your kids returns to the theme of posting personal information on line, but this time regarding those of children. Putting aside Read the rest of this entry »
December 27, 2016
The privacy problems with drones has long been recognised. I have posted on it regularly (here, here, here, here and here just for a few examples). The Australian has reported in Sharp rise in drone sales ramps up pressure to protect privacy on the Federal Government that the Federal Government has yet again eschewed a strong recommendation to increase privacy protections, in the form of a civil cause of action for breach of privacy. It is a retrograde step. It makes little policy sense and Read the rest of this entry »
December 16, 2016
The Law Council has announced a campaign to assist law firms against cyber threats.
This has been a significant issue overseas for years. I have posted on the subject ( here). It has been and remains a critical issue for law firms. Law firms hold an enormous amount of personal information relating to their clients. They also Read the rest of this entry »
The National Australia Bank (the “NAB”) has form when it comes poor data practices. As a customer of the NAB several years ago, my business banker sent to me another customer’s personal information, loan information and details about an impending investment. Twice. On consecutive days. When I raised the clear breach of the Privacy Act with the Privacy Officer at the NAB the response was defensive when not mealy mouthed. Hardly an example of good data management Read the rest of this entry »
National Institute of Standards and Technology (the “NIST”) has released the second draft of its paper on the De identificatoin of Government Data Sets. Given the recent introduction by the Federal Government of the problematical Privacy Amendment (Re – identification Offence) Bill 2016 it is a timely release. The NIST produces some world class work in the technical standards area. Given the proposed re identification prohibition will involve some considerable technical considerations, as well as determining what is the scope of intent, an element of the offence, this draft and the final product could be a useful resource.
NIST press release provides:
De-identification removes identifying information from a dataset so that the remaining data cannot be linked with specific individuals. Government agencies can use de-identification to reduce the privacy risk associated with collecting, processing, archiving, distributing or publishing government data. Previously NIST published NISTIR 8053, De-Identification of Personal Information, which provided a survey of de-identification and re-identification techniques. This document provides specific guidance to government agencies that wish to use de-identification.
In developing the draft Privacy Risk Management Framework, NIST sought the perspectives and experiences of de-identification experts both inside and outside the US Government.
Future areas of work will focus on developing metrics and tests for de-identification software, as well as working with industry and academia to make algorithms that incorporate formal privacy guarantees usable for government de-identification activities. Collected input will be used to correct technical errors and expand areas that are unclear.
December 14, 2016
The paparazzi shot of Samantha Armytage’s figure and the Daily Mail’s commentary about her undergarments, in particular the location of her panty line, has generated a storm in both the traditional media and on social networks. It prompted Read the rest of this entry »
December 13, 2016
Drone technology is the classic example of where technology speeds ahead of the law. In Australia there has been a general failure of public policy. In the United States of America legislation regulation on the use drones, balancing their social and economic utlity against their potential intrusive and privacy invading capacity. The Federal Aviation Authority has regulated the use of the drones Read the rest of this entry »