Peter A Clarke

The Office of the Australian Information Commissioner has released its annual report today.  It is found here.

It is a voluminous document, which is normal for an agency.  Chapter 7 deals with privacy compliance.  It provides:

The National Institute of Standards and Technology has released drafts of computer security publications.  They are found here.  They cover a range of topics being:

•  Guidelines for Smart Grid Cybersecurity:SP 800-16 Rev. 1 (2nd draft)
• A Role-Based Model for Federal Information Technology / Cyber Security Training (2nd public draft)
  Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
• Guidelines on Mobile Device Forensics Read the rest of this entry »

The Information Commissioner’s office has served the North East Lincolnshire Council with a £80,000 monetary penalty as a result of a serious data breach involving sensitive information of 286 special needs children.  Use of unencrypted memory sticks and data cards in phones pose a continuous problem for data security.  In this case the stick, inserted in a laptop at the council’s office, was left unattended and stolen.

The news release (found here) relevantly provides:

The Information Commissioner’s Office (ICO) has served North East Lincolnshire Council with a monetary penalty of £80,000 after a serious data breach resulted in the sensitive information of hundreds of children with special educational needs being lost.

The information was stored on an unencrypted memory stick and has been missing since the 1 July 2011 when the device was left in a laptop at the council’s offices by a special educational needs teacher. When the teacher returned to the laptop the memory stick was gone and it has never been recovered.

The device contained sensitive personal information about the 286 children who attended Read the rest of this entry »

In her last Annual Report (found here) before retiring Ms Stoddart, the Federal Privacy Commissioner, highlights a less than optimum picture of privacy protection by the federal government.

The News release (found here) provides:

Privacy Commissioner’s final report calls for greater care in government handling Canadians’ personal information

Audit of CRA seeks improved safeguards for taxpayer data

OTTAWA, October 29, 2013 — Tabled today in Parliament, the 2012-13 annual report on the Privacy Act is marked by record highs in complaints by Canadians and in reported data breaches by federal organizations. Privacy Commissioner Jennifer Stoddart’s final report before the end of her mandate provides details on investigation findings and privacy trends across federal departments and agencies, and also includes the conclusion of an audit into the privacy practices of the Canada Revenue Agency (CRA).

Recommendations to improve CRA’s protection of Canadians’ personal information

Following numerous reports of privacy breaches involving employees inappropriately accessing taxpayer information in recent years, the Office of the Privacy Commissioner of Canada selected the CRA for an audit under Section 37 of the Privacy Act.

The audit found weaknesses in key privacy and security practices that led to taxpayer information not being protected as it should, with thousands of files being accessed inappropriately for years without detection.

Our Office Read the rest of this entry »

In Fury over eartag ‘spying’ the cause for concern is the proposal of Meat and Livestock Australia to sell to banks and rural lending institutions private information about farmers income.  That can be calculated from that data obtained from the ear tags of their sheep and cattle when they sell stock.

The story provides:

FARMERS are outraged at proposals by Meat and Livestock Australia to covertly sell to banks and rural lending institutions private information.

The farmer’s private information Read the rest of this entry »

In the itnews article Big data linked to inevitable privacy breaches raises the issue of data mining and de anonymisation.  It went to the lengths of seeking comment from the Privacy Commissioner who said Read the rest of this entry »

The UK Information Commissioner has served the Ministry of Justice with a £140,000 monetary penalty after a data breach involving it sending details of all prisoners serving at a Cardiff prison to three of the inmate’s families.

The ICO press release (found here) provides:

MoJ fined £140k following serious data breach

The Information Commissioner’s Office (ICO) has served the Ministry of Justice (MoJ) with a monetary penalty of £140,000 after a serious data breach Read the rest of this entry »

Facebook is the classic example of turning the user into the product.  The data users blithely provide to Facebook is mined furiously and applying alogorhithims turned into advertising gold.  The user doesn’t pay to post his or her heartfelt thoughts, cute pictures of mitsy and how the twins look so cute bathing before bed time (something they may not thank Mum for in 20+ years).  Details from the timeline, likes and dislikes and shopping and personal conquests all become part of the vast array of data that helps advertisers to pitch their product.  Much the same applies to loyalty cards/programs.  In  Priceline to get more than loyalty for insurance the Age reports that Priceline has agreed with ACE Insurance to have the latter promote health insurance to its Sister Club members.  The story provides:

Priceline Pharmacy Read the rest of this entry »

Today the Age published, or republished from the New York Times, an apt article on privacy, Be warned, Orwellian logic has come full circle, on privacy and surveillance in the modern day.

It provides:

In his Read the rest of this entry »

In Doctor suspicious of infidelity installs spyware in wife’s car; lands up in jail the Daily Bhaskar reports on a very suspicious husband who Read the rest of this entry »