Peter A Clarke

The cynical saying “don’t waste a good crisis” has found plenty of examples of unimpeded and inadequately scrutinised change by governments and businesses.  Here there has been  a solid level of support in governments doing the right thing.  And generally less fractious argument between workers and employers.  The feeling is, we are all in this right so the presumption is that commonweal trumps all, including individual rights.  A dangerous mindset and one that leads to abuse which can be difficult to undo when the crisis passes as the technology is embeded into the work place structure with little to no push back.

The phenomana of employee monitoring is not a unique by product of the COVID 19 lockdown and remote working.  It has been a growing trend for some time.  In 2018 Garnter produced a report, The Future of Employee Monitoring, where it found that in 2018 50% of companies surveyed used some form of non traditional monitoring techniques.  The figure was 30% in 2015.  Gartner predicted that number to be 80% this year. That prediction was done without factoring in the change in workplace arrangements with COVID 19.  There has been a discernible effort by employers to use the technology available to monitor their workers output while working remotely coupled.  A growing list of increasingly sophisticated surveillance tools has lead to an ineffectively regulated and comprehensive means to surveil employees in their home.  This is well described Read the rest of this entry »

When the history of the COVID 19 pandemic is written the chapter on how governments and organisations respected individuals privacy will be grim reading.  The way in which data was collected by businesses at venues was at best sloppy and often times almost criminally negligent. I gave up counting how many scraps of paper or, for some reason, children’s exercise books were left lying around with details of patrons in plain view.  Some of the information sought went beyond names and contact details. Governments went overboard on tracking, to the point where Israel halted police phone tracking because of the privacy intrusion was so great.  The contact tracing app in Australia was oversold as an aid and seriously under performed.  It rarely features in any discussions by, well pretty much anyone.

The Times reports in Contact-tracing data harvested from pubs and restaurants being sold on that data collected to assist contact tracing has been sold on by the establishments that collected that data.  That is a blatant breach of Read the rest of this entry »

Governments love data. All governments and for as long as there have been governments.  The Assyrian empire as long ago as 2025BC developed a buerocracy and kept records about their subjects. The Romans took it to a new level with the census.  And with every new age and development the collection has become more sophisticated.  But there were always costs and inefficiencies in collecting, managing and using data. The East German authorities essentially drowned under the flood of information from informants and the obsessive surveillance of the Stasi.  In the digital age collection, aggregation and use of masses of data has been simplified.  And data can be used more effectively with enhanced computer power and algorithms. And the temptation to interfere with privacy while using data is a constant one for government agencies, especially those chasing revenue. As can be seen in the report  The IRS Is Being Investigated for Using Location Data Without a Warrant which reports Read the rest of this entry »

The United States does not have a comprehensive Data Privacy Legislation.  Most states in the United States have some form of data protection legislation, including mandatory data breach notification laws.  At the Federal level business, in particular those engaged in collecting and selling data, have resisted any attempt to provide some form of regulation on the collection, storage and use of personal information.  The dynamics have changed somewhat in the last two years with the outrageous abuse of personal information by Facebook with Cambridge Analytica, Google’s continuous data avarice and significant data breaches involving millions of individuals personal information.

The US Senate Committee on Commerce, Science, and Transportation held hearings on 23 September 2020 in Washington DC.   The hearing was titled Revisiting the Need for Federal Data Privacy Legislation.  The purpose was described as Read the rest of this entry »

Yesterday and first thing this morning the media was abuzz, with coverage from the Guardian,  the Sydney Morning Herald, the ABC and the Financial Review (amongst many other news outlets) with news of proposed changes to the insolvency laws as embargoed releases were provided to them last night.

The Treasurer revealed the proposed changes to the insolvency laws.  That will significantly affect  professionals who practice insolvency law such as myself.

The Treasurers’ media release relevantly provides:

The 10 page fact sheet is found here and Read the rest of this entry »

Today the Federal Treasurer announced an extension of the temporary amendments to the continuous disclosures obligations under the Corporations Act 2001 until 21 March 2021.

This announcement does not come as a particular surprise to insolvency practitioners.

The release Read the rest of this entry »

After the major data breach at the Australian National University which was probably caused by interference by a state actors one would have thought universities in Australia would review their data security practices, do some stress testing and monitor access points to their databases.  Maybe some did, but it is certain that the University of Tasmania didn’t.  Or didn’t worth a damn.  The Australian, in Serious data breach hits 20,000 Uni of Tasmania students, prompting credit, privacy concerns, reports on a very serious data breach where the personal information of, 19,900, students including their ethnicity, any disabilities and results.  The information was available for accessing by other students between 27 February and 11 August, 2020.  Unlike the data breach at the Australian National University, (see my post here) which involved a sophisticated cyber attack by a foreign player, the source of the data breach was incorrect configuration of settings for the Sharepoint database.

It is interesting, and begs more than a few questions, as to why the University would wait from 11 August, when the data breach was discovered, until 21 September when it was made public and students were notified.  It is longer than the Read the rest of this entry »

Yesterday the Australian Government released a Consultation Paper with the exposure draft of the Data Availability and Transparency Bill 2020 (the “DAT Bill”).

The Consultation Paper is a mere 33 pages.  The exposure draft of the DAT Bill comes in at 104 pages with the explanatory memorandum coming in at a relatively slender 74 pages.  The enactment of the DAT Bill will give rise to consequential amendments which are found in the Data Availability and Transparency (Consequential Amendments) Bill 2020 and accompanying explanatory memorandum.

The consultation period, for comments and submissions, closes at 5pm on 6 November 2020.  Given the breadth and depth of the DAT Bill that is quite a short time frame in the age of COVID.

The road has been smoothed for the introduction of this quite radical, on one view, and transformative, on another, change to the usage of data collected by public agencies.  The interim National Data Commissioner has framed the proposal, in her press release Modernising government data sharing, in terms of being Read the rest of this entry »

The collection and analysis of vast amounts of personal information is the hugely valuable for business, politics and public administration. It has been described as the twenty first century equivalent of what oil was to the twentieth century. It has revolutionised the way business is done and services are provided, for profit and otherwise.  The use of personal information has more dystopian uses, such as  surveillance by states as well as being able to used as part of a cyber campaign.

China is at the forefront of the cyber triaphilia; a keeness bordering on obsession with surveillance, a proficiency in cyber attacking and, finally a willingness and often desire to interfere with other states activities or at least individuals in those states.

Zhenhua Data is a company whose main clients are the Chinese Communist Party and the Peoples Liberation Army.  That is neither here nor there except that the ABC reports in Chinese database collects information on thousands of Australians, from PMs to pop stars it had built up a data base of 35,000 Australians according to a leak of 2.4 million entries in data leaked from Zhenhua Data.  The data base seems to have been built up with information publicly available but also sources which would normally keep that information private.

There has been much hand wringing as to why  a Chinese data firm collect information about a disparate group of people who seemingly have little to do with each other beyond them being public figures to a greater or lesser degree. The answer is quite straightforward.  Most governments Read the rest of this entry »

The Federal Court today dismissed an application by Facebook against a previous ruling granting the Australian Information Commissioner leave to serve legal documents on Facebook USA.

The issue in the application was Facebook contending that it did not carry out business in Australia.

The terms of the application and the supporting affidavit are not publicly searchable, yet. The hearing took place on 6 May 2020.

The orders of Justice Thawley are:

1. The interlocutory application dated 6 May 2020 be dismissed.
2. The written reasons for judgment not be published beyond the parties until further order.
3. The parties have until 12 pm on 16 September 2020 to advise the Court of any orders for redactions sought, together with a concise written explanation as to why those redactions ought be made.
4. Unless any party applies within 7 days for a different order with respect to costs, the first respondent pay the applicant’s costs of the interlocutory application.

The Commissioner had a restrained Read the rest of this entry »