The regulation of privacy and the various governmental agencies involved in some form of regulation or oversight of cyberspace, such as the E Safety Commissioner, has not been a hot button issue in this election.  In fact it has been a non issue.  At least thus far.

The Greens have released a policy calling for the establishment of a Digital Rights Commissioner.  More accurately it is a Human Rights Commissioner for digital rights.  This position will Read the rest of this entry »

The Federal Trade Commission (“FTC”) brought a complaint against InMobi for tracking hundreds of millions of its consumers locations without permission. InMobi represented that it would only track consumers’ locations when they opted in for that function.  In fact the tracking device operated whether there was consent or not.  Worse, the tracking device operated when there was a specific denial of Read the rest of this entry »

A Current Affair has used a data breach to embarrass Westpac in piece titled  Bank Documents which aired on Tuesday night.  Some of the facts are contested and the motivations of the “whistle blower”, Read the rest of this entry »

The Health Sector is complex and data driven.  From a single doctor’s surgery to large teaching hospitals the amount of data collected is enormous.  There is highly sensitive personal information in a patient’s medical file and their financial information with billings details, medicare and health insurance information and employee records.  There is a trove of information kept on site.  Often medical information is Read the rest of this entry »

Fairfax in NAB using Veda to track disloyal business customers going to rival banks reports on NAB being able to track its business customers when they seek out rivals for finance.  It is done by Read the rest of this entry »

In Australia there are two complaints made by those who oppose a statutory right to privacy (and their lawyers), stultifying free expression and the law is adequate as it stands.  Under the first complaint the claim is that the laws of defamation are restrictive enough that a further intrusion would put an intolerable burden on journalists.  The second is that the a claim in equity for breach of confidence coupled with claims in nuisance and trespass and sometimes breach of contract and even misleading and deceptive conduct provides adequate protection.

These arguments are specious and ill informed.  As the Guardian article in Privacy claims reach record level as defamation cases fall away the fact that the UK has developed a misuse of private information claim in equity which is now a tort has not defeated the practice of journalism.  It has given those who wish to take action for a right that has been intruded, use the proper cause of action.  Hence privacy claims are Read the rest of this entry »

In Case note 272681 [2016] NZ PrivCmr 4 the New Zealand Privacy Commissioner considered the issue of misidentification by a credit reporting agency.

FACTS

The Complainant underwent male-to-female gender reassignment surgery and, as woman, changed her name to match her gender.  After the name change, she applied for credit for a number of things, such as hire purchase agreements and home rentals.

The lender checked the Complainant’s information with a credit reporting agency. The agency advised that the woman had previously gone by another name.

The Complainant complained that Read the rest of this entry »

Ransomware is providing itself an equal opportunity attacker.  Health facilities and hospitals have been particularly targeted.  Hospital records are sensitive their use are constant and critical.  They are willing to pay.  Health facilities also have notoriously poor privacy standards, especially in the handling of emails.

But logically there is no good reason why ransomware attacks would not do as well with a profession where records are sensitive and required on a constant basis.  Such as law.  As reported in Law firms held to ransom by cyber criminals  over a dozen Irish law firms have been hit by ransomware attacks in recent weeks.  This is a variation on a theme. Law firms being the subject of some form of cyber attack is nothing new.  In 2009 and 2013 the FBI warned that hackers were targeting law firms.  In 2013 the American Bar Journal highlighted the need to protect data from hackers.

A ransomware attack is Read the rest of this entry »

Apps are an integral part of delivery of services, the collection of and distribution of information.  Having a functional app is a critical part of on line business or just an on line presence.  Governments, non profits and even religious bodies are enthusiastic participants.  Apps are also notorious for their security weakness and general non compliance with data protection laws.  Regulators around the world are concerned about their poor protections.

The European Commission has commenced a consultation process on the safety of apps.  Apps include Read the rest of this entry »

Health information, like that information about one’s sexuality, political and religious beliefs, is highly sensitive.  It is defined in those terms within the Privacy Act 1988. There is an additional obligation upon health providers to maintain confidentiality.  Or one would have thought.  Unfortunately in the United States a practice has developed where health practitioners have retaliated to negative reviews on Yelp by providing responses which involve disclosing confidential information.  This is reported by Prop Publica in Stung by Yelp Reviews, Health Providers Spill Patient Secrets. On any level it is Read the rest of this entry »