Peter A Clarke

The Federal Government’s mooted proposal to have some form of watchdog with the power to issue notices or otherwise require a social media site to take down content that was targeted at and likely to cause harm to children as attracted the concern of Tim Wilson.  In Zdnet’s article Australian government plans rapid content removal for social media Tim Wilson reportedly said there were serious risks Read the rest of this entry »

The Guardian reports in Michaels says it is investigating possible data breach affecting customer cards that Michaels, the biggest arts and crafts retailer, has been subject to a data security attack.

It provides:

Michaels, the biggest US arts and crafts retailer, said on Saturday it was working with federal law enforcement officials to investigate a possible data breach on its systems that process payment cards.

“We are Read the rest of this entry »

The Information Commissioner’s Office has issued a press release about six private investigators who were prosecuted and fined for obtaining personal information from organisations without authority.  The charges were conspiring to breach the Data Protection Act.

The press release (found here) relevantly provides:

Six men who were part of a company that tricked organisations into revealing personal details about customers has today been sentenced for conspiring to breach the Data Protection Act.

Adrian Stanton, 40, ran ICU Investigations Limited in Read the rest of this entry »

Slate in  This Smartphone Is Making Privacy a Priority reports on a new smartphone, Blackphone which is specifically designed to give the user’s privacy priority.

It provides:

The Australian in Industry in dark on privacy law (found here behind the paywall) reported on 21 January 2014 on the poor state of preparedness of many organisations in complying with the amendments to the Privacy Act when they come into force on 12 March 2014.

The article provides:

HALF of all organisations are not even aware of amendments to the Privacy Act that could see fines of about $1.7 million imposed when it comes into effect next month.

IT vendors and privacy advocates Read the rest of this entry »

The CR Code registered today will come into effect on 12 March 2014.

It Read the rest of this entry »

The Privacy Commissioner registered the Credit Reporting Code today, 22 January 2014.  The relevant OAIC page is found here. The PDF of the 47 page CR Code (with some scrambling on the first page) is found here.

The FTC has issued a press release announcing settlement with 12 companies who were caught falsely claiming compliance with the US – EU Safe Harbor Framework.  The nub of the problem was the companies claimed they held current certification where they had not.  Some of the companies are quite well known, including Bit Torrent Inc and the Atlanta Falcons, an NFL franchise.

The Safe Harbor Framework is Read the rest of this entry »

Encryption of data is a fundamental part of protecting personal information stored by an agency or organisation.  Or at least it should be.  Keeping data in the clear form makes the work of a hacker easier once he or she breaks into a system.  Data breaches should be avoided by having up to date and suitably effective systems.  Even so they happen. In that case mitigating loss is important.  It is certainly an important factor privacy commissioners look at when assessing the steps taken to maintain data security.  But what if Read the rest of this entry »

In its Annual Security Report 2014 (found here) Cisco notes that businesses that allow staff to use their own mobile devices for work purposes face challenges in ensuring the organisation’s data  are secure.  Stealing data is becoming easier.

Some of the findings of of the long but very interesting report are that:

• the more smartphones, tablets, and other devices perform like traditional desktop and laptop computers, the easier it is to design malware for them.
• security teams Read the rest of this entry »