The impact of data breaches, breaches of privacy and the need for mandatory data breach notification laws

March 2, 2015

Data breaches are bad enough. They are often disastrous for an organisation and its customers. They are sometimes caused by hackers breaching sophisticated cyber defences. Usually they are the product of inadequate protections, out-of-date programs, poor maintenance, a poor understanding of what data security means, woeful practice manuals and a lack of training. To the extent that data breaches are brought to the attention of the Privacy Commissioner they may be a breach of Australian Privacy Principle 11. The problem is that without mandatory data breach notification it is a matter of good/bad fortune that the Privacy Commissioner finds out about such lapses or intrusions. That is a flaw in the legislative structure. In the United States, even though there are no Federal mandatory data breach notification laws, there are such laws in most of the States and Territories. If anything the States are increasing their data protection laws, most recently with an amendment to the Wyoming Data Breach Notification legislation (see bill here). To show how data breaches have an impact on businesses and consumers read the Cyber angst: Orange County companies zero in on data breaches. Read the rest of this entry »

Interesting article on the legal practice in cybersecurity

February 27, 2015

The New Jersey Law Journal has published a very interesting and illuminating article in Read the rest of this entry »

Privacy Commissioner to investigate SIM card hack

Yesterday the Privacy Commissioner issued a brief, general and somewhat opaque statement saying he would “make preliminary enquiries” into the hack of Gemalto which likely resulted in compromise to the SIM cards. There are clear privacy implications and it would be caught under the Privacy Act. It would be Read the rest of this entry »

Privacy article on the Drum website

February 26, 2015

The mandatory data retention debate is deeply political. The opponents and advocates eye each other off across a great political chasm.  It is not a right v left debate either.  For example Read the rest of this entry »

Information Commissioner’s Office takes action for poor data security which resulted in a hacking attack and fraud

The Federal Trade Commission in the United States of America and the Information Commissioner’s Office in the United Kingdom are building up a significant number of enforceable undertakings and fines/monetary penalty notices which give form and substance to the legislative regimes regulating privacy. Given the Read the rest of this entry »

The UK criminalises revenge porn. Some privacy protections.

February 25, 2015

Social media and more, usually offshore, salacious sites provide a ready means for a spurned ex or malicious current to place unauthorised private sexual photographs or videos of their opposite number online for the purpose of humiliation and worse. The moniker given to this invariably hideous and usually cowardly behaviour is revenge porn.

There is a need for some form of protection from authorities.  The impact of this behaviour is significant and longstanding, and usually affects women.  This is clearly seen in Read the rest of this entry »

Smart phones and privacy

February 24, 2015

The World Today story Alleged hack of world’s largest SIM card manufacturer Gemalto could affect Australian mobiles highlights several currents running through the protection of data and privacy. The first is finding the best way to keep data secure. Technologically, encryption is increasingly a minimum requirement. Privacy guidelines make it clear that encryption of key data is good privacy practice. However Read the rest of this entry »

US Federal Aviation Authority releases proposed rules on drones and the US President issues a directive restricting surveillance by drones

February 16, 2015

The US Federal Aviation Authority (the “FAA”) has just released its long awaited rules on the use of small unmanned aerial vehicles, known as drones to most. On the same day the US President has issued a directive on the use of drones which will place limits on surveillance. The combination of these two developments Read the rest of this entry »

Privacy Commissioner gives speech on privacy governance; foreshadowing assessment of 21 online privacy policies of entities

February 13, 2015

The Privacy Commissioner has just posted his most recent speech, titled Privacy Governance to the iappANZ on 11 February 2015. The Commissioner’s prose tends to the general and intentions and directions, when voiced, are couched in such opaque terms that it would be easier to Read the rest of this entry »

Samsung televisions that listen in, the Internet of things and privacy law

Earlier this week the media became very animated by Samsung’s Smart TV. As part of its voice recognition facility it has the ability to record, store, analyse and share conversations of users within range of the sets. The Samsung TV’s privacy policy makes specific reference to this facility. The reportage is quite sensational, with one of the most sensible being the AM’s Are new Smart TVs too smart for our own good?

But the emergence of the Internet of Things has long highlighted new and complicated privacy issues. The Federal Trade Commission highlighted this very recently in its very detailed and useful report, Internet of things; privacy & security in a connected world. The issue is less about snooping TVs than about the growing ability of many household items to collect data including personal information, process it and for third parties to use it. This poses a regulatory challenge which is beginning to be considered though far from being met.

The transcript of the AM program Read the rest of this entry »