Peter A Clarke

The Privacy Commissioner has issued the Privacy Regulatory Action Policy. As far as it goes it is a useful explanation of the gamut of powers available to the Privacy Commissioner.  It tends to the Read the rest of this entry »

From time to time one comes across a piercing analysis which makes what seems shrouded in confusion suddenly clear, what is difficult appear easy and what is complicated, simple.  Unfortunately Read the rest of this entry »

The Australian in Warning on passwords after Russian site streams from private webcams reporrts on a very significant privacy breach with a Russian website accessing various home surveillance devices such as webcams, baby monitors etc.. The breach is attributable to Read the rest of this entry »

The Federal Court, per Perram J, recently considered an application by non parties to affidavit material filed with the court in Dallas Buyers Club, LLC v iiNet Limited (No 1).  It is a useful, and well written, exposition on the principles of open justice and, interestingly, the competing issues in non parties seeking access to affidavit material.   His Honour specifically foreshadowed that there will need to be consideration of the Australian Privacy Principles (the APPs) as privacy concerns have been raised by the Respondent.

FACTS

The Applicant (“Dallas”) is making application for preliminary discovery from the Respondent (“iiNet”) under Rule 7.22 of the Federal Court Rules.  Dallas obtained [4] and identified the IP addresses of persons it claims have been involved in file sharing of the film, The Dallas Buyers Club [3].  The IP address identifies Read the rest of this entry »

At this year’s annual conference of the iaapANZ, which I attended, the Privacy Commissioner gave a speech titled Privacy: the state of play.  Given the gatekeeper role the Privacy Commissioner has in taking action under the Privacy Act it is important to review his pronouncements, even in the broad.  On this occasion he announced the release of regulatory action guide.  That will give an indication of how the Privacy Commissioner intends to use his not so new found powers.  While, as he noted, the Privacy Commissioner has been quite active in issuing determinations (which compared against his predecessors work rate) those determinations were Read the rest of this entry »

The UK Information Commissioner’s office has prosecuted a pharmacist who worked for the South West Essex Primary Care Trust for accessing data, in the form of medical records, of family members, work colleagues and other health professionals.  In certain industries unauthorised access can be a chronic problem, such as Read the rest of this entry »

The UK Information Commissioner’s Office has taken some positive steps in highlighting and dealing with the potentially privacy intrusive activities of drones. The technology is becoming a valuable and necessary Read the rest of this entry »

The Guardian in Facebook updates privacy policy to clarify how it uses data from 1.3bn users  reports on the upteenth proposed change to Facebook’s change to its privacy and sharing policy. This change is for the better, simplifying Read the rest of this entry »

The Age in Fly on the wall: Security footage from Australia shows inside lounge rooms, bedrooms and shops  highlights and the Canberra Times in Canberrans’ privacy compromised in security camera hack both report on on line footage from security cameras being streamed on line for anyone to see.

This seems to have prompted the Privacy Commissioner to Read the rest of this entry »

In Company director fined for illegally accessing mobile phone company’s customer database the UK Information Commissioner’s Office highlights the need for staff to be properly trained to deal with attempts by outsiders to access customer database.  The release relates to the prosecution of a a company director who successfully obtained records of 1,066 customers of  Everything Everywhere which he used as a resource for marketing services of his telecommunications companies.  The methodology was quite typical, masquerade as someone who could credibly have access to passwords and logins, such as a person from IT security.  This type of social engineering is Read the rest of this entry »