June 30, 2016
The Australian in How Nmap, SuperScan and others make hacking your details easy has a somewhat breathless coverage of how easy it is hack into web sites. The coverage is not particularly new but it is again useful to set out the opportunities available to hackers, usually through the inadvertence or negligence of Read the rest of this entry »
June 29, 2016
Data breaches can occur as easily in the public sector as the private sector. In the public sector the consequences can be particularly worrying. As with the personal details of 112,000 French police officers being put on line according to the BBC report French police hit by security breach as data put online. This is all the more concerning given Read the rest of this entry »
June 25, 2016
The regulation of privacy and the various governmental agencies involved in some form of regulation or oversight of cyberspace, such as the E Safety Commissioner, has not been a hot button issue in this election. In fact it has been a non issue. At least thus far.
The Greens have released a policy calling for the establishment of a Digital Rights Commissioner. More accurately it is a Human Rights Commissioner for digital rights. This position will Read the rest of this entry »
June 24, 2016
The Federal Trade Commission (“FTC”) brought a complaint against InMobi for tracking hundreds of millions of its consumers locations without permission. InMobi represented that it would only track consumers’ locations when they opted in for that function. In fact the tracking device operated whether there was consent or not. Worse, the tracking device operated when there was a specific denial of Read the rest of this entry »
June 23, 2016
A Current Affair has used a data breach to embarrass Westpac in piece titled Bank Documents which aired on Tuesday night. Some of the facts are contested and the motivations of the “whistle blower”, Read the rest of this entry »
June 20, 2016
The Health Sector is complex and data driven. From a single doctor’s surgery to large teaching hospitals the amount of data collected is enormous. There is highly sensitive personal information in a patient’s medical file and their financial information with billings details, medicare and health insurance information and employee records. There is a trove of information kept on site. Often medical information is Read the rest of this entry »
Fairfax in NAB using Veda to track disloyal business customers going to rival banks reports on NAB being able to track its business customers when they seek out rivals for finance. It is done by Read the rest of this entry »
June 15, 2016
In Australia there are two complaints made by those who oppose a statutory right to privacy (and their lawyers), stultifying free expression and the law is adequate as it stands. Under the first complaint the claim is that the laws of defamation are restrictive enough that a further intrusion would put an intolerable burden on journalists. The second is that the a claim in equity for breach of confidence coupled with claims in nuisance and trespass and sometimes breach of contract and even misleading and deceptive conduct provides adequate protection.
These arguments are specious and ill informed. As the Guardian article in Privacy claims reach record level as defamation cases fall away the fact that the UK has developed a misuse of private information claim in equity which is now a tort has not defeated the practice of journalism. It has given those who wish to take action for a right that has been intruded, use the proper cause of action. Hence privacy claims are Read the rest of this entry »
In Case note 272681  NZ PrivCmr 4 the New Zealand Privacy Commissioner considered the issue of misidentification by a credit reporting agency.
The Complainant underwent male-to-female gender reassignment surgery and, as woman, changed her name to match her gender. After the name change, she applied for credit for a number of things, such as hire purchase agreements and home rentals.
The lender checked the Complainant’s information with a credit reporting agency. The agency advised that the woman had previously gone by another name.
The Complainant complained that Read the rest of this entry »
Ransomware is providing itself an equal opportunity attacker. Health facilities and hospitals have been particularly targeted. Hospital records are sensitive their use are constant and critical. They are willing to pay. Health facilities also have notoriously poor privacy standards, especially in the handling of emails.
But logically there is no good reason why ransomware attacks would not do as well with a profession where records are sensitive and required on a constant basis. Such as law. As reported in Law firms held to ransom by cyber criminals over a dozen Irish law firms have been hit by ransomware attacks in recent weeks. This is a variation on a theme. Law firms being the subject of some form of cyber attack is nothing new. In 2009 and 2013 the FBI warned that hackers were targeting law firms. In 2013 the American Bar Journal highlighted the need to protect data from hackers.
A ransomware attack is Read the rest of this entry »