Tag: privacy

1
EU Court of Justice Invalidates Privacy Shield
2
“The best of its kind anywhere in the world today”: COVIDSafe among the safest tracing apps globally, study finds
3
Privacy Professionals download COVIDSafe App
4
It’s Trace Time! The COVIDSafe App is open for business – Part II
5
Zooming In: “Zoom’s” Significant Privacy and Data Security Risks brought to Light Again (and Again)
6
Not So Zoomy: Use of Videoconferencing Technology “Zoom” on the Rise, but Privacy and Data Security Inadequacies suggest Users should Tread Carefully
7
Privacy in the time of COVID-19
8
Uniformity of Law II: NSW Government pledges to introduce Mandatory Data Breach Reporting in respect to State Government Agencies
9
This is your digital life (of no consent or control): The Australian Information Commissioner takes Facebook to Court
10
Front and Centre: Privacy makes Front-Page, without a breach!

EU Court of Justice Invalidates Privacy Shield

By Cameron Abbott, Claude Etienne-Armingaud, Rob Pulham, Michelle Aggromito and Keely O’Dowd

On the morning of 16 July 2020, in a significant decision of the Court of Justice of the European Union (CJEU), the Privacy Shield was held to be invalid.

Read More

“The best of its kind anywhere in the world today”: COVIDSafe among the safest tracing apps globally, study finds

By Cameron Abbott, Warwick Andersen, Rob Pulham and Rebecca Gill

In some positive news about the Federal Government’s COVIDSafe app, the University of Adelaide’s cybersecurity experts have assessed the Australian contact tracing app to be one of the best and safest among 34 apps used globally to track and trace COVID-19 cases.

A team from the University’s School of Computer Science made the judgment in a study which assessed Android versions of 34 of the world’s COVID-19 contact tracing apps for security and privacy vulnerabilities.

Read More

Privacy Professionals download COVIDSafe App

By Cameron Abbott, Warwick Andersen, Rob Pulham, Michelle Aggromito and Allison Wallace

A number of legal professionals, with significant experience in the field of privacy law, have signed an open letter to encourage individuals to download the Commonwealth Government’s COVIDSafe App.

Among the privacy lawyers are members of K&L Gates own Australian privacy team (and the authors of this blog post) Cameron Abbott, Rob Pulham, Warwick Andersen, Michelle Aggromito and Allison Wallace.

The open letter is signed by members in their personal capacity, and signals that people who care about privacy a lot can still think that supporting the health and economic objectives of the App is more important at this time.

As at the date of this post, more than 5 million people have downloaded the App, with more needed to reach the Commonwealth Government’s target of 40% of the Australian population.

It’s Trace Time! The COVIDSafe App is open for business – Part II

By Cameron Abbott, Warwick Andersen, Rob Pulham and Michelle Aggromito

In Part I of this blog, we briefly touched on some of the safeguards that the Commonwealth Government has indicated that they will implement to address privacy concerns. Those proposed new safeguards are intended to satisfy many of the privacy concerns. However, there are additional safeguards that have been implemented in connection with the functionality of the App, which we focus on in Part II here.

Read More

Zooming In: “Zoom’s” Significant Privacy and Data Security Risks brought to Light Again (and Again)

By Cameron Abbott, Warwick Andersen, Rob Pulham, Allison Wallace and Max Evans

It hasn’t even been 10 days since our previous Blog on Zoom, which highlighted a number of privacy and data security issues prevalent in the use of the popular telecommunications software, and already further privacy issues have been alleged. Let’s put these allegations under the magnifying glass:

Disclosure to Facebook: Even If You don’t have an Account

Firstly, Vice reports that the iOS version of the Zoom app transfers analytics data to Facebook, even if Zoom users don’t have a Facebook account, without disclosing as such in its Privacy Policy.

Read More

Not So Zoomy: Use of Videoconferencing Technology “Zoom” on the Rise, but Privacy and Data Security Inadequacies suggest Users should Tread Carefully

By Cameron Abbott, Warwick Andersen, Rob Pulham and Max Evans

As the world grinds to a halt following the perpetuation of COVID-19, more and more businesses have turned to remote work arrangements. This has led to a sharp rise in the use of videoconferencing technology Zoom. However, as the Australian Financial Review notes, flawed data security and privacy practices mean that the use of Zoom could be disastrous for corporate and personal privacy.

Concerns surrounding the use of Zoom arose earlier this year, with critical security vulnerabilities enabling hackers to predict Meeting ID’s and therefore join active meetings, and also allowing any website to forcibly join a user to a Zoom call with their video camera activated and without the user’s permission. Whilst a number of these errors were patched up, as the article notes, Zoom refused to disable the ability for hackers to forcibly join to a call anyone visiting a malicious site, raising security red flags and undermining public confidence in Zoom’s attitude towards data security. A strange response given that part of its attraction had been a perceived stronger approach to security.

Read More

Privacy in the time of COVID-19

By Cameron Abbott, Rob Pulham, Michelle Aggromito and Rebecca Gill

Nothing can stop us from talking about privacy, including a pandemic! Yesterday, the Office of the Australian Information Commissioner (OAIC) issued guidance on the collection, use and disclosure of personal information during the COVID-19 pandemic (Guidance). 

It mainly serves as a reminder to organisations that even in these pressing times, they must comply with the Australian privacy regime. However, it also highlights what organisations can collect and do with personal information for the purposes of preventing and managing the spread of COVID-19.

Read More

Uniformity of Law II: NSW Government pledges to introduce Mandatory Data Breach Reporting in respect to State Government Agencies

Cameron Abbott, Warwick Andersen and Max Evans

Following on from the consultation opened by the NSW Government in July 2019 (the subject of a previous blog), NSW Attorney-General Mark Speakman has committed to introducing a mandatory data breach scheme, according to an article by ITNews.

At present, neither NSW privacy laws nor the notifiable data breach scheme under Part IIIC of the Privacy Act 1988 (Cth) require public sector agencies in NSW to notify the NSW Privacy Commissioner and affected individuals where a data breach creates a risk of serious harm. This led to a consultation conducted by the Department of Communities and Justice in late 2019, which revealed “overwhelming public support” for the introduction of a mandatory data breach scheme in NSW, with the NSW Government “sharing a view” that the relevant scheme should be introduced.

Read More

This is your digital life (of no consent or control): The Australian Information Commissioner takes Facebook to Court

By Cameron Abbott, Rob Pulham and Rebecca Gill

In a first for Australia, the Australian Information Commissioner (Commissioner) has launched proceedings in the Federal Court of Australia, seeking penalties against Facebook for serious and/or repeated interferences with privacy. The contraventions relate to the conduct disclosed by the Cambridge Analytica scandal, which involved the This is Your Digital Life app (App). We’ve previously blogged about the App here.

It is unclear how the penalties will be calculated in this proceeding. The penalty rate applicable to the relevant period (being from March 2014 to May 2015) is a maximum of $1.7 million. Some have suggested that fines may be in the billions if the maximum rate is applied to each individual affected as a single “contravention” (with possibly over 300,000 contraventions in total!). This may be fun to calculate, but highly unlikely to be applied in reality.

Read More

Front and Centre: Privacy makes Front-Page, without a breach!

By Cameron Abbott, Warwick Andersen, Rob Pulham and Max Evans

Privacy lawyers have been waiting for this day for years (some of us decades). Privacy is on the front page of the Sydney Morning Herald and the Age, despite there being no actual data breach. According to the article, Alinta Energy, one of the Australia’s biggest energy companies, is putting the privacy of its over 1.1 million retail gas and electricity customers at risk through poor privacy protections and a lack of proper oversight.

While this is an interesting piece of investigative journalism, what is really interesting is that privacy is now newsworthy even in the absence of a data breach.  It has been a long time coming but it seems society now rates privacy as front page news.  As our lawyers have already been pointing out in giving presentations this year – privacy has finally hit the big time!

Copyright © 2019, K&L Gates LLP. All Rights Reserved.