Peter A Clarke

In Security 101: Top tech tips to stay safe the Age sets out in broad overview some security tips taken from the Tech Leader’s Forum.  As a starting point it is not a bad article. But it is only a start.  Organisations need to Read the rest of this entry »

The Guardian in Asylum seekers’ identities revealed in Immigration Department data lapse reports on the release of 10,000 adults and children by the Immigration and Border Protection and describes it as one of the most serious privacy breaches in Australia’s History.  That represents details of about a third of all asylum seekers.  By any measure it is an extraordinary lapse. It will be interesting to see how the Privacy Commissioner.  Read the rest of this entry »

There have been a steady but not overwhelming number of stories in the broadsheet press (including the Australian Financial Review) regarding the impending changes to the Privacy Act.  In the Australian’s New principles offer a point of difference the impact of the changes are again highlighted.  The impact of this fairly muted publicity has been such that within the business community there is only a reported 50% compliance rate at this stage.  That is a concern.  The other concern Read the rest of this entry »

In one calendar month the amendments to the Privacy Act take effect.  For those organisations covered by the Act and non compliant the impact could be significant.  The Commissioner will have powers Read the rest of this entry »

In a constantly changing world there are a few certainties.  One is that the Victoria Police LEAP database will continue to be abused with personal information of Victorians accessed without authorisation and, occasionally (or more often), leaked to those who find such information invaluable; criminals, private investigators and unscrupulous debt collectors to name just a few usual suspects.  In Cops still using LEAP database to snoop on people the Herald Sun today reports that the more things stay the same the more things stay the same. Breaches of the LEAP database has previously been reported by Read the rest of this entry »

Data security is a key issue in the regulation of privacy.  Security from hacking is the prominant issue for web sites.  Direct attacks can be difficult to protect against but not as complex as third party access.  In Contractor creds used in Target hack itnews reports that the massive breach of Target’s data occured because of stolen log credentials of a third party, an air conditioning contractor.  Net result a loss of records of 110 customer payment cards and personal records.  This poses a dilema for large organisations which use third parties, often smaller operations with less sophistacted IT system and protection.  The changes to the Privacy Act in March requires organisations to maintain adequate security.  Take reasonable steps in fact. If an organisation is concerned about the security of its contractors it will have to take steps to restrict their access to its site or require the contractors to upgrade their security.  The consequences of a Read the rest of this entry »

Even though the article is titled Internet privacy: how Australia’s new laws will work the Guardian piece is, properly, about the general changes to the Privacy Act.  In my recent experience the reaction from those who should be most concerned about making sure they are compliant is a weary “meh”.  Almost as if – it wasn’t a problem in the past why should it be a problem into the future.  The analysis is flawed of course.  Previously the Privacy Act had little impact on businesses covered by it because the powers available to the Privacy Commissioner were very limited and any exposure to penalty so slight as to be almost academic.  As of 12 March the regulatory landscape will change from peaceful meadows to tangled weeds and steep cliffs for organisations Read the rest of this entry »

Forbes reports that Mark Zuckerberg’s apparent softening on privacy, at least as far as supporting anonymity, in  Zuckerberg’s Embrace Of Anonymity Marks Shift In Attitudes Toward Privacy.  It may be a nuanced change but a step, even if of the micro variety, is to be welcomed.  As the article ponders, the proof is in the eating.

The article provides:

In an interview with Bloomberg BusinessWeek on Thursday, Facebook CEO Mark Zuckerberg admitted that he thought it was “somewhat of a burden” if you are “always under the pressure of a real identity.”

If anyone else had said something so obvious it would be completely unremarkable.  But coming from the same person who once threatened “the age of privacy is over” and having Read the rest of this entry »

The Guardian in Microsoft, Facebook, Google and Yahoo release US surveillance requests reports on a slight but important increase in transparency about data given to US Surveillance agencies pursuant to secret court orders.  A small start in getting more transparency which is Read the rest of this entry »

Reports of data breaches are coming thick and fast.  Many instances highlights the need for data security to deal with hackers.  And there are data breaches caused by humans.  Which is what happened in South Korea In Card Sharps the Economist reports on how an IT contractor allegedly stole personal information of around 20 million individuals held in 104 million accounts.  All with the use of a USB Stick.  The soon to be enforceable Australian Privacy Principles make it clear that there needs to be proper data security, both technical but also training, programs and processes involving staff.  Errors or theft by staff, either permanent or contractors, are a major source of problems in maintaining data security.  Organisations after implementing processes fail Read the rest of this entry »