February 14, 2017
Dating apps are notorious for both collecting a huge amount of highly sensitive personal information and being the subject of data breaches. Ashley Madison data breach being just the most dramatic instance.
The Privacy Commissioner has issued a dos and don’ts on 4 dating apps, Tinder, Grindr, Happn and Bumble. As far as it goes it is Read the rest of this entry »
The Privacy Commissioner has issued a statement regarding the passage of the Mandatory Data breach notification Bill. The Privacy Commissioner has Read the rest of this entry »
September 4, 2016
The Australian Privacy Commissioner has taken action against Ashley Madison data breach in July 2015 was a sensation. As has the Canadian Privacy Commissioner. They have released joint findings. Joint findings are found here.
It is likely to be an influential findings as the combined report does undertake a detailed analysis of both the facts and the expectations under the various privacy principles. Given the dearth of authorities this will provide valuable guidance.
As with many data breaches/interference with privacy complaints followed up by regulators the initial cause of the breach/interference gives rise to a broader investigation which almost invariably highlights deficiencies in compliance throughout the organisation. It is commonly the case that a breach of security has many causes; out of data software protection, poor protocols, inadequate staff training, excessive data retention far beyond the date when it is usable or relevant to the organisations operations and a lack of understanding as to identity verification.
Ashley Madison, or more accurately its corporate entity Avid Life Media Inc (“ALM”), entered Read the rest of this entry »
June 10, 2016
The Privacy Commissioner issued a statement today announcing that he is investigating a possible breach by the MUA. The media release provides:
The Acting Australian Information Commissioner has opened an investigation into an incident in which personal information about members of the Maritime Union of Australia (MUA) was allegedly disclosed by the MUA to the Glen Lazarus Team (GLT) political party.
The Office of the Australian Information Commissioner will publish a statement about the outcome of this investigation at its conclusion.
The facts are outlined in Read the rest of this entry »
May 17, 2016
The Privacy Commissioner has done what he does best. Another speech. This time for the launch of Privacy Awareness Week.
The speech Read the rest of this entry »
April 21, 2016
Australia is yet to have mandatory data breach notification legislation. The Attorney General’s Department has published the submissions it Read the rest of this entry »
April 20, 2016
The OAIC has announced its program for the Privacy Awareness Week, 15 – 21 May 2016. Privacy Weeks are part of the activities of most data regulators/privacy commissioners. In New Zealand it is 9 – 14 May 2016. Funnily enough the theme for both privacy weeks is “Privacy in your hands.”
The release Read the rest of this entry »
March 16, 2016
The Office of the Australian Information Commissioner (“OAIC”) has announced the creation of a Consumer Privacy Network. It is a forum of Read the rest of this entry »
November 19, 2015
At the annual IaapANZ Summit held yesterday (which I attended) the Privacy Commissioner made his keynote annual speech. Commissioner Pilgrim does provide something of an overview of where the Office has been going and will be going for the next year. The problem generally is that Read the rest of this entry »