Peter A Clarke

It is enough to make a cat smile how the obvious poor state of cyber defence across the board is breathlessly reported as a revelation, again and again.  And how nothing really changes even though the problem grows worse each year.

The ABC reports in Australia’s cyber defences ‘relatively weak, uncoordinated’, former ASIO boss David Irvine warns in a submission through the Australian Cyber Security Research Institute that that Australia’s ability to counter cyber threats and criminal activity is relevantly week and uncoordinated.  That is not surprising, coming from a former public servant of long standing, the proposal is single Commonwealth led Co operative Agency.  The proposed entity will Read the rest of this entry »

There are limits to legislation criminalising revenge porn, the publication of  revealing or sexually explicit images or videos of a person posted on the Internet without the consent of the subject in order to cause them distress or embarrassment, without providing the victim with an actionable cause of action.  The first limitation is that a complaint to the police may not result in a prosecution.  The burden of proof is much higher.  In some cases proving the accused took the image or posted it may be an issue though in the typical revenge porn scenario that is not common problem.  The other potential problem from the point of view of the victim is that how a matter is dealt with is a matter for the prosecution, whether in the form of a plea and the agreed statement of facts and the submissions on penalty. That is not to say the prosecution are less than professional but matters are resolved all the time.  While the victim may be kept informed the call is always the prosecutions to make.   What is required is an actionable civil claim by victims, in the form of either a statutory or common law basis, under the tort of invasion of privacy.  And that is what is missing in Australian law.  Claims in Australia must rely on equity, breach of confidence and misuse of private information, to bring a civil claim.  That was what Ms Chambers did because at the time of the acts giving rise to her action the Supreme Court had not recognised a tort of invasion of privacy, which it did subsequently.  It is a more complicated and unwieldy form of action which is very much a second best option to a tortious claim.  Australia remains one of the few places in the common law world without a specific actionable right to enforce privacy rights.  It remains a significant gap in the law and a ongoing failure of public policy.

The BBC reports that Chrissy Chambers, described as a Youtube celebrity, brought an action against an ex partner who posted 6 videos on a pornographic site after they broke up, from December 2009 until January 2012.  Ms Chambers found out about the posting in June 2013.  Her efforts to bring criminal charges were unsuccessful, primarily because a criminal offence relating to revenge porn had not been enacted at the time of the posting.   She commenced proceedings in the UK High Court and obtained a settlement involving an undisclosed sum of money, her costs, destruction of images held by the defendant and the copyright to the images Read the rest of this entry »

The mantra by regulators that data which is anonymised can be used for research and published has resulted in significant embarrassment when said anonymisation resulted in re identification. It has spawned a busy subset of academic articles on how this happens and generally advising caution, see for example All or Nothing: The False Promise of Anonymity in the Data Science Journal.

 Re identification occurs were there has been insufficient de identification and the methods of re identifying are generally one or both of pseudonym reversal or by combing data sets.

In Australia the Government introduced the Privacy Amendment (Re-identification Offence) Bill 2016.  If enacted it will prohibit the Read the rest of this entry »