Peter A Clarke

The Information Commissioner’s Office (the “ICO”) has imposed another swingeing fine for a breach of the Data Protection Act, on this occasion an NHS Trust publishing the national insurance numbers, dates of birth, religious beliefs and sexual orientation of 6,574 members of its staff on its web site.  As a result the Blackpool Teaching Hospitals NHS Foundation Trust has been fined £185,000.  While the breach was egregious it was inadvertent. Even so, the distinction between inadvertent and deliberate goes more to penalty rather than Read the rest of this entry »

The former High Court justice Michael Kirby has had a very long history with privacy and data protection issues.  He was Read the rest of this entry »

Gumtree has had a data breach of indeterminate proportions last week according to the Hackers steal Gumtree users’ personal details, Gumtree ‘fesses up to breach and personal information leak and Australian Gumtree users targeted in hacking attack, with personal details stolen.

The Government website, Staysmartonline has also highlighted the potential of phishing attacks now Read the rest of this entry »

One of the biggest challenges in privacy and data protection is having staff who use the data being properly trained and applying that training properly.  Having Read the rest of this entry »

The Information Commissioner has fined Kent Police £80,000 for providing the data contained in a woman’s mobile phone to her ex partner’s solicitor.  The solicitor disclosed that information to his client, the woman’s ex partner.  That person happened to be a member of the Kent Police.

On the technical side the case highlights Read the rest of this entry »

The much reported launch of the Australian cyber security strategy by the Australian Prime Minister has data security at its core.  It was attended on a very exciting story of a cyber attack on the Bureau of Metereology last year which infected that agencies computers.  The reportage focused on Australia’s ability to counter attack aggressors but that is only one element of the strategy, and a minor one at that.  The key is protection of personal information, intellectual property, governmental information, national security related data and data that is key to the operation of a modern economy.

The problem from a practical point of view is that the focus on cyber security is an incomplete response if organisations and entities do not meet minimum cyber security standards.  The Privacy Act 1988 and the regulator should Read the rest of this entry »

Australia is yet to have mandatory data breach notification legislation. The Attorney General’s Department has published the submissions it Read the rest of this entry »

The OAIC has announced its program for the Privacy Awareness Week, 15 – 21 May 2016.  Privacy Weeks are part of the activities of most data regulators/privacy commissioners.  In New Zealand it is 9 – 14 May 2016.  Funnily enough the theme for both privacy weeks is “Privacy in your hands.”

The release Read the rest of this entry »

Slate magazine described 2015 as the year of the drone. It was probably being somewhat premature.  The limit to drone use and capability has not been reached.

The use of drones still raises issues and strong opposition with “humans on drones” violence as reported in Read the rest of this entry »

DLA Piper has released its annual Data Protection Laws of the World for 2016.  It is quite a good resource though necessarily general.

It is interesting to see that Australia is Read the rest of this entry »