A new approach to notice and consent has been around for at least a couple of years now. The Microsoft whitepaper was released late 2012, and several subsequent books by privacy thought-leaders have developed this theme, which makes sense. Individuals ought to be given the opportunity to shape their profiles and to have a role in transactions involving their data, and notice and consent will no longer suffice. Equally, entities that stand to benefit from the information should protect their source if they wish to guarantee the future supply of valuable data.
If this approach is accepted, some of the stories this week indicate that there is still a long journey ahead. Whilst many entities still appear to treat privacy as a compliance issue, and one where boundaries should be pressed, others continue to succeed based on adoption of the new approach. It will be interesting to see how this divide plays out in terms of commercial success. That other old chestnut of balancing the right to information against the right to privacy also gets some play this week in the opinion piece titled “Privacy starts to bite.” To hear all about it and ask your own questions of the experts, make sure you book your place at our Privacy Awareness Week breakfast discussion on 6 May as debate on the Australian Law Reform Commission paper on serious invasions to privacy in a digital age continues.
A safe and very Happy Easter to you all,
CHILDREN’S PRIVACY—HONG KONG
The Privacy Commissioner for Personal Data has welcomed a Hospital Authority pilot program aimed at increasing newborns' safety. The program will don newborn babies with smaller and tighter identification tags, the commissioner's office reports. The tags will set off an alarm if an unauthorized person carries a baby out of the hospital ward. The program comes after an incident last year involving the mix-up of two babies' identities. "The Personal Data (Privacy) Ordinance was enacted to protect the personal data of all living individuals no matter how young they are," Commissioner Roderick Woo said.
The Office of the Privacy Commissioner (OPC) was recently shortlisted for PublicAffairsAsia magazine's international Gold Standard Awards. The OPC is one of three finalists in the "Stakeholder Engagement" category for its Australian Privacy Awards and Medal programs. "The Australian Privacy Awards and Medal are a world first," says Australian Privacy Commissioner Karen Curtis. "It is the first time that a country's privacy regulator has hosted such programs to reward good privacy initiatives in the corporate, not-for-profit and public sectors, as well as acknowledging the work of an individual in the privacy sphere." Privacy lawmaker Michael Kirby also received international recognition in recent weeks when he was named the Electronic Privacy Information Center's 2010 International Privacy Champion.
DATA LOSS—NEW ZEALAND
New Zealand's Accident Compensation Corporation (ACC) is looking into a breach involving thousands of private documents related to workplace injuries, TVNZ reports. ACC has formally apologised for the breach, which involved about 2,000 organisations receiving documents in error in January. ACC General Manager Keith McLea says a full investigation has been requested and steps are being taken to ensure such privacy breaches do not happen in the future. ACC has stated the external mail house handling the reports inadvertently sent information intended for other organisations.
The fallout continues from the launch of Google's new social networking feature, Buzz. The Office of the Privacy Commissioner (OPC) of Canada is investigating the feature to see if it complies with Canadian privacy laws, reports the Sydney Morning Herald. "We have seen a storm of protest and outrage over alleged privacy violations and my office also has questions about how Google Buzz has met the requirements of privacy laws in Canada," Commissioner Jennifer Stoddart said in a statement. Released last week, Buzz has garnered criticism from several privacy interests, prompting a Google product manager to promise certain changes. Despite this, a U.S. law firm has filed a class-action suit against the company claiming similar violations.
There should be no discrimination in Australia on genetic grounds, says Civil Liberties Australia (CLA), which is advocating for national legislation to allow Australians to find out what their DNA reveals without being forced to disclose their genetic test results. CLA points to concerns that disclosure could lead to prejudice on the part of potential insurers and employers. "The Australian government should legislate to protect Australians in such cases," says CLA spokesperson Tim Vines, adding, "we all have a right to use new technology to learn about our personal health situation; we don't want people to be afraid of having tests because they might lose their insurance policies if they don't disclose DNA information."
Australia is moving forward with plans to introduce airport body scanners in 2011 as part of a $200 million funding plan to improve airport security, The Australian reports. While the government has not yet announced the specific scanning technology it will adopt, Prime Minister Kevin Rudd says newer technology that transmits "stick figures rather than fleshier images" could allay some privacy concerns about the scans. Transport Minister Anthony Albanese has promised a consultation with Federal Privacy Commissioner Karen Curtis, who said her office welcomes the opportunity, pointing to such potential concerns as whether scanned images are stored with identifying information.
Facebook has introduced more ways for users to control content, reports the Sydney Morning Herald. The company has extended sharing tools to third-party programs, meaning that users will now be able to which friends see content generated from third party programs, the report states. "There are now granular privacy options that enable you to personalize the audience for each piece of content you share through applications," Facebook engineer Ray He wrote in a blog post. He said the new controls give users the ability to share or conceal third-party-generated content to a greater degree.
Two days after receiving threats over the government's plan to filter Internet information, Parliament's Web site was hit by an apparent denial-of-service attack, CIO reports. Hacking group Anonymous issued a press release on February 8 criticising Australian Telecommunications Minister Stephen Conroy's proposal to require ISPs to filter Web content in an effort to protect children from exposure to online gambling and pornography. "The Australian Government will learn that one does not mess with our porn," Anonymous wrote. "No one messes with our access to perfectly legal (or illegal) content for any reason." Early on February 10 the site was hit by 7.5 million requests per second, rendering it inoperable within a matter of hours.
From social networking to biometrics, every indication is that those who wish to keep their personal information private will be facing an uphill battle, privacy analyst Stephen Wilson writes in an op-ed for the Sydney Morning Herald. Citing criticism of Google for its new Buzz social networking feature, Wilson says the company created an "instant circle of followers from e-mail address books" by using information collected for another purpose. Wilson suggests that without safeguards, information gained through social networking, biometrics and consumer tracking will continually be used for unintended purposes, with potentially dire consequences. "The best way to head off these nightmare scenarios is to invoke fundamental privacy protections at every turn," he writes. "Nobody should collect information about me without a clearly defined need. No information about me should be used for unforeseen purposes without my consent."
Two computing pioneers are recording every aspect of their lives digitally, prompting questions about the potential dangers these "lifelogs" pose to personal privacy, The Times reports. Gordon Bell and Jim Gemmell, both Microsoft researchers, suggest the biological ability to retain memories can be augmented with an electronic memory they call "Total Recall." Proponents tout the ability of storing away mundane information and making interesting facts and experiences easily accessible. Others question whether using Total Recall could lead to a "life without privacy," where authorities could demand access to such memory storage banks. Bell, who has spent years compiling an electronic memory that comprises everything from letters and photographs to biometric data, says, "We need to adapt to reap the benefits."
DATA LOSS—NEW ZEALAND
DATA THEFT—SOUTH KOREA
PERSONAL PRIVACY—HONG KONG