Peter A Clarke

Early in his presidency, in 2009, President Obama gave sage advice to teenagers about putting their personal information on line.  In his own way he repeated the modern truism “what goes on line stays on line”. Put another way, the internet is forever and that includes pictures posted on line.  In Australia the right to be forgotten is but a dream held mostly in academic circles.

The Conversation in  Think again before you post online those pics of your kids returns to the theme of posting personal information on line, but this time regarding those of children.  Putting aside Read the rest of this entry »

The privacy problems with drones has long been recognised.  I have posted on it regularly (here, here, here, here and here just for a few examples). The  Australian has reported in Sharp rise in drone sales ramps up pressure to protect privacy on the Federal Government that the Federal Government has yet again eschewed a strong recommendation to increase privacy protections, in the form of a civil cause of action for breach of privacy.  It is a retrograde step. It makes little policy sense and Read the rest of this entry »

The Law Council has announced a campaign to assist law firms against cyber threats.

This has been a significant issue overseas for years.  I have posted on the subject ( here).  It has been and remains a critical issue for law firms.  Law firms hold an enormous amount of personal information relating to their clients.  They also Read the rest of this entry »

The National Australia Bank (the “NAB”) has form when it comes poor data practices.  As a customer of the NAB several years ago, my business banker sent to me another customer’s personal information, loan information and details about an impending investment.  Twice.  On consecutive days.  When I raised the clear breach of the Privacy Act with the Privacy Officer at the NAB the response was defensive when not mealy mouthed.  Hardly an example of good data management Read the rest of this entry »

National Institute of Standards and Technology (the “NIST”) has released the second draft of its paper on the De identificatoin of Government Data Sets.  Given the recent introduction by the Federal Government of the problematical Privacy Amendment (Re – identification Offence) Bill 2016 it is a timely release. The NIST produces some world class work in the technical standards area. Given the proposed re identification prohibition will involve some considerable technical considerations, as well as determining what is the scope of intent, an element of the offence, this draft and the final product could be a useful resource.

NIST press release provides:

De-identification removes identifying information from a dataset so that the remaining data cannot be linked with specific individuals. Government agencies can use de-identification to reduce the privacy risk associated with collecting, processing, archiving, distributing or publishing government data. Previously NIST published NISTIR 8053, De-Identification of Personal Information, which provided a survey of de-identification and re-identification techniques. This document provides specific guidance to government agencies that wish to use de-identification.

In developing the draft Privacy Risk Management Framework, NIST sought the perspectives and experiences of de-identification  experts both inside and outside the US Government.

Future areas of work will focus on developing metrics and tests for de-identification software, as well as working with industry and academia to make algorithms that incorporate formal privacy guarantees usable for government de-identification activities. Collected input will be used to correct technical errors and expand areas that are unclear.

The paparazzi shot of Samantha Armytage’s figure and the Daily Mail’s commentary about her undergarments, in particular the location of her panty line, has generated a storm in both the traditional media and on social networks.  It prompted Read the rest of this entry »

Drone technology is the classic example of where technology speeds ahead of the law.  In Australia there has been a general failure of public policy.  In the United States of America legislation regulation on the use drones, balancing their social and economic utlity against their potential intrusive and privacy invading capacity.  The Federal Aviation Authority has regulated the use of the drones Read the rest of this entry »

The purchase of data in the United States is longstanding and has given rise to a data broking industry.  Under the Privacy Act such Read the rest of this entry »

Privacy regulators release very good and comprehensive guidelines on data protection and  anonymisation and encryption , particularly the Information Commissioner in the United Kingdom. The Fairfax press has published a reasonably good cut down guide on encryption.  It is actually a Read the rest of this entry »

The facts were almost comical.  In February this year a harried social worker gets to her car with a bundle of court documents under her arm.  To get to her keys she puts the documents on the roof of the car.  She opens the door and hops into the car and drives off to her next appointment.  The court documents disappear into the Read the rest of this entry »