Privacy and the importance of encryption

May 7, 2014

This week is Privacy Week around the world. It is appropriate, then, that Pro Publica has published Privacy Tools: Encrypt What You Can. The revelations about NSA activities in the last 12 months make it clear that some encryption programs and keys are not foolproof against government agencies, but for most users encryption has to be a fundamental plank of a data security framework. Not just encryption of emails and stored data but encryption of mobile storage devices, especially USB sticks. The number of unencrypted devices that are lost, and the data exposed, is quite staggering, as can be the consequences of such a breach. The legal liability is obvious as is the acute

Privacy Commissioner issues a guide to developing an APP Privacy Policy

May 5, 2014

As part of Privacy Awareness Week the Privacy Commissioner has released a guide to developing an APP privacy policy. The Privacy Policy, if drafted properly, should be the cornerstone of a compliance structure under the Privacy Act. To prepare a privacy policy which actually fulfills the requirements of APP 1, an APP entity will need to understand the nature of the data it collects, uses and discloses, the data flows and how it properly manages that data, including the programs, protocols and training in place. A privacy policy is not a pro forma where an organisation fills in a gap here and completes a sentence there. Organisations handle information in different ways, depending on the type of business/activity and the way it has developed over time. That said, some organisations have had professionals offer them a package involving a privacy policy which could only be done in the most general terms. That misses the point, doesn’t comply with the guide, doesn’t come close to complying with the APPs and has no relationship to the privacy by design concept. The guide makes it clear that more is expected of privacy policies than is commonly the case. The real impact of the guide is the proactive steps the Privacy Commissioner takes to have organisations meet the minimum standards. With greater enforcement powers as of March 2014 he will