ANZ Dashboard Digest

A new approach to notice and consent has been around for at least a couple of years now. The Microsoft whitepaper was released late 2012, and several subsequent books by privacy thought-leaders have developed this theme, which makes sense. Individuals ought to be given the opportunity to shape their profiles and to have a role in transactions involving their data, and notice and consent will no longer suffice. Equally, entities that stand to benefit from the information should protect their source if they wish to guarantee the future supply of valuable data.

If this approach is accepted, some of the stories this week indicate that there is still a long journey ahead. Whilst many entities still appear to treat privacy as a compliance issue, and one where boundaries should be pressed, others continue to succeed based on adoption of the new approach. It will be interesting to see how this divide plays out in terms of commercial success. That other old chestnut of balancing the right to information against the right to privacy also gets some play this week in the opinion piece titled “Privacy starts to bite.” To hear all about it and ask your own questions of the experts, make sure you book your place at our Privacy Awareness Week breakfast discussion on 6 May as debate on the Australian Law Reform Commission paper on serious invasions to privacy in a digital age continues.

A safe and very Happy Easter to you all,

Emma Hossack
President
IAPP ANZ

Top Australia and New Zealand Privacy News

RFID—CHINA

“Octopus” Card’s Reach into China Raises Concerns (March 31, 2010)

Stored-value cards widely used by Hong Kong residents to pay for everything from subway rides to fast food may soon reach mainland China, Reuters reports. The Hong Kong-based company Octopus is reportedly hoping Chinese citizens will use its cards for other services as well, as many Chinese municipalities want them to include medical records and benefits status that can be recalled upon swiping the cards. There are privacy concerns around the plan as well, the report states, as the cards would also store social security and birth registration data that could help officials enforce China's one-child policy and control citizens' movements.
Full Story

ONLINE PRIVACY

Global Data Protection Law Needed for Cloud (March 29, 2010)

European leaders are calling for a worldwide agreement on data protection to address data security weaknesses related to cloud computing, ComputerWeekly reports. Speaking before an international audience of 300 cyber law experts at the Council of Europe, Francesco Pizetti, president of Italy's data protection authority, said when it comes to the cloud, "It is not possible to continue to guarantee the protection of citizens' data without very strong international rules accepted by all countries around the world." Meanwhile, Udo Helmbrecht, executive director of the European Network and Information Security Agency (ENISA), said the agency is seeking European regulation to require cloud providers to notify customers about security breaches.
Full Story

SOCIAL NETWORKING

Facebook Privacy Changes, “Places” Feature Raise Concerns (March 29, 2010)

Facebook's announcement of changes to its privacy policy--including amendments permitting the site to share data with "pre-approved" third-party Web sites--and plans to add a new "places" feature to allow users to add their locations to their pages--are raising privacy concerns. The Financial Times reports that the privacy policy changes would allow sites to receive Facebook user information, including "names, profile pictures, gender, user IDs, connections and any content shared using the Everyone privacy setting," and potentially retain that information "to the extent permitted" under the third-party sites' policies. Marc Rotenberg of the Electronic Privacy Information Center (EPIC) said Facebook is "pushing the envelope," and EPIC is considering bringing a new complaint before the Federal Trade Commission. (Registration may be required to access this story.)
Full Story

SOCIAL NETWORKING

Photo Tagging, Employee Tracking Raise Privacy Concerns (March 25, 2010)

In the wake of announcements that Swiss and German privacy authorities are examining whether the world's largest social networking site is infringing upon personal privacy by allowing its users to post content such as photos and e-mail addresses of other people, the Los Angeles Times reports that a Facebook spokeswoman said regulator reviews are a fairly standard practice. "We believe that Facebook's privacy features respect and are consistent with privacy laws, regulations and policies around the world, as well as, importantly, users' expectations and needs," she said. Meanwhile, a U.S. company has announced the creation of Social Sentry, a new program companies can use to automatically monitor their employees' public activities on social networking sites.
Full Story

ONLINE PRIVACY—U.S.

Should Medical Professionals Examine Their Patients’ Online Lives? (March 24, 2010)

In an essay for the Harvard Review of Psychiatry, three doctors explore the potential benefits and the privacy pitfalls of a practice they call "patient-targeted Googling." The Wall Street Journal reports that authors David Brendel, Benjamin Silverman and Brian Clinton not only point out how such a practice can be beneficial, such as in emergency cases where patients are unconscious, but also caution that some are motivated by "curiosity, voyeurism and habit." In their paper, the three doctors have outlined a framework to help medical professionals decide whether to conduct such searches. Brendel points out that while some say "absolutely it should never be done; it's a breach of privacy," others suggest the data "is in the public domain, and it may be information that is clinically relevant." (Registration may be required to access this story.) (See related story on "The ethics of 'Googling' someone" from the December 2009  issue of the IAPP member newsletter, the Privacy Advisor.)
Full Story

DATA PROTECTION—ASIA

$1M to Build Asian Privacy Watchdog (March 23, 2010)

The Canadian International Development Research Centre has awarded a $1 million contract to civil rights group Privacy International for the establishment of an Asian privacy monitoring and awareness regime, reports ComputerWeekly. The effort will monitor threats to citizen privacy and raise awareness about the need for privacy in the digital world, the report states. Asian countries to be involved include Bangladesh, India, Malaysia, Pakistan, the Philippines and Thailand. A 2009 Privacy International report on the region found "a mounting level of concern about telemarketing, the abuse of databases and financial information, identity fraud and other privacy-related issues."
Full Story

HEALTHCARE PRIVACY—AUSTRALIA

Concerns over Privacy May Further Delay E-Health System (March 22, 2010)

The electronic patient identifier system may be delayed until after the election due to concerns over security and privacy, the Sydney Morning Herald reports. Victorian Privacy Commissioner Helen Versey and University of NSW Prof. Graham Greenleaf are among those calling for amendments to the legislation. E-health advocates, meanwhile, point to privacy breaches and healthcare mistakes with the current paper-based system in supporting the new plan. Chief clinical adviser Dr. Mukesh Haikerwal contends it is being derailed by those who "are out defending the privacy of the agenda to the exclusion of all thought of benefits to the individual brought about by better healthcare.''
Full Story

HEALTHCARE PRIVACY—AUSTRALIA

Health ID Bill Delay is Good for Privacy, Some Say (March 18, 2010)

Following a week of testimony and a report by the Senate Community Affairs Committee recommending the Healthcare Identifiers Bill's adoption, the Senate's consideration of the proposed bill will not take place until budget day on 11 May, The Australian reports. "I'm really pleased the government is not going to try and steamroller this one," said Prof. Graham Greenleaf, co-director of the Cyberspace Law and Policy Centre at the University of NSW, adding the bill should not move forward "until the whole package for electronic health records legislation is put before Parliament." Meanwhile, Australian Medical Association President Andrew Pesce has cautioned, "Most of the privacy concerns are not covered by this bill and will need to be dealt with in future legislative or administrative arrangements for e-health records themselves."
Full Story

PERSONAL PRIVACY—QUEENSLAND

Commissioners, Former AG Warn of ID Scanning Abuse (March 18, 2010)

While the Law, Justice and Safety Committee has issued a report encouraging the use of ID scanner systems that would allow pubs and clubs to share patrons' information in an effort to deter alcohol-related violence, former Attorney General Dean Wells is warning that such systems could be "disastrous." The Brisbane Times reports that Wells points to concerns for patrons such as the potential creation and sale of blacklists. Queensland Information Commissioner Julie Kinross agreed, the report states, saying "fundamental human rights, including privacy rights, should not be eroded by the use of ID scanning." Australian Privacy Commissioner Karen Curtis, whose office is in the process of investigating specific cases of ID scanner use, said any implementation of a shared ID scanning system will need to be strictly legislated.
Full Story

HEALTHCARE PRIVACY—NEW SOUTH WALES

NSW Slated To Be First for Health IDs (March 18, 2010)

In the midst of discussions on privacy concerns, it has been announced that New South Wales hospital patients will be the "guinea pigs" for the national rollout of the government's plan to introduce e-health records, The Australian reports. During a recent Senate inquiry into the plan, National E-Health Transition Authority chief executive Peter Fleming said that "the program in NSW would potentially encompass 4.5 million within 18 months." Meanwhile, the National Health and Hospitals Reform Commission suggested that rather than create a national health IT infrastructure, the government should "regulate privacy and technical standards" while technology firms develop products that suit consumers and healthcare providers alike, the report states.
Full Story

HEALTHCARE PRIVACY—AUSTRALIA

Medicare Confirms 70 Privacy Breaches in 2009 (March 18, 2010)

Medicare Australia has confirmed that 70 substantiated privacy breaches were found during investigations of employees suspected of unauthorised access into client records, The Australian reports. Sheila Bird of Medicare Australia provided information during a recent Senate hearing that 1,058 cases had been investigated since 2006, with 54 percent of those found to be instances of unauthorised access, the report states. Bird said disciplinary measures have included "a rap over the knuckles, demotion, fines and dismissal." Roger Clarke of the Australian Privacy Foundation said the apparent scope of the breaches has "frightening implications" for the federal Healthcare Identifiers Bill.
Full Story

PRIVACY—HONG KONG

Privacy Commissioner Looks Back on Five-Year Term (March 18, 2010)

As Privacy Commissioner Roderick Woo prepares for the end of his term, he is looking back on the accomplishments of the past five years and offering advice for the next commissioner. In a personal statement published on the Privacy Commissioner for Personal Data Web site, Woo writes that he hopes the government will appoint a successor "who cares passionately about the protection of personal data privacy" and knows "how to balance privacy right with other competing rights and the public interest." Looking to the future, Woo said he hopes the new commissioner will continue to build a "new culture within the community where people's privacy is given due respect" while "maintaining Hong Kong's reputation as Asia's only independent privacy authority..."
Full Story

PRIVACY

Creativity is Essential in Facing New Privacy Challenges (March 18, 2010)

When it comes to addressing the new challenges arising from rapidly developing technologies, Canadian Privacy Commissioner Jennifer Stoddart is urging privacy professionals to be more creative and strategic than ever before. "Increasingly, those responsible for privacy within organizations need to think outside the box," said Stoddart, who was participating in a panel discussion as part of the International Association of Privacy Professionals (IAPP) Tenth Anniversary Celebration in Washington, DC. "My message to privacy professionals is that they need to go beyond the strict requirements of the law," she said, urging them to ask the question, "What do we need to do to respect people's privacy and minimize the intrusion on that privacy?"
Full Story

GEO PRIVACY

Location-Based Services Have Privacy Implications for Businesses and Individuals (March 18, 2010)

The potential for location-based services to cause embarrassment goes beyond revealing secret affairs and exposing children to parental scrutiny, BBC News reports. Citing the decision by some users to post their locations in their social networking profiles as well as services that "exploit geolocation of IP addresses and the GPS built into our smartphones," the report warns of potential negative implications for individuals and businesses alike. "Perhaps once companies start losing work because their employees are leaking all sorts of potentially embarrassing information about their movements, meetings and opinions on clients," the report states, "we will see some serious pressure on the service providers to offer more nuanced and effective privacy controls."
Full Story

PRIVACY LAW—U.S.

Settlement Approved, Foundation to be Established (March 18, 2010)

A federal judge has approved Facebook Inc.'s settlement of a lawsuit related to its Beacon service, Bloomberg reports. Yesterday, U.S. District Court Judge Richard Seeborg in San Jose ruled that the settlement, which will see Facebook establish a privacy foundation, is a better use of the funds than distributing them among the 3.7 million people represented in the class action. Some had objected to the proposed settlement, questioning the fact a charity, rather than class members, would benefit, and suggesting that because Facebook would establish the foundation, it would be "paying itself." But in yesterday's ruling, Judge Seeborg said, "there is no persuasive showing that the foundation will be a mere publicity tool for Facebook."
Full Story

PRIVACY

The Future of the Privacy Profession (March 17, 2010)

At the IAPP's tenth anniversary celebration yesterday, experts offered insight on the future of the data protection field and those who work in it. The privacy professional of the future must be agile, multicultural and engaged in the technologies that are stirring privacy debates, said a panel of seasoned privacy pros. In a moderated forum at the National Press Club in Washington, DC, panelists discussed the growth and evolution of the privacy field over the past decade and offered a sneak peak at what it will look like in the year 2020. Picture this: acrobatic regulators, data protection in the mainstream and, potentially, an ethical code for privacy professionals.
Watch online

SOCIAL NETWORKING—U.S.

Internet Can Be Treasure Trove for Data Miners (March 17, 2010)

Even if you decide not to share your personal information online, your friends and colleagues may be doing it for you, the New York Times reports. While social network users can adopt strict privacy controls, that is often not enough to protect their personal information "in the interconnected world of the Internet," the report states. Researchers like Ralph Gross and Alessandro Acquisti, who will be a featured presenter at the IAPP Global Privacy Summit in April, have shown just how much information can be gathered by "data mining" the Internet. The two Carnegie Mellon researchers were able to accurately predict Social Security numbers for 8.5 percent of those born in the United States between 1989 and 2003. The FTC is exploring these and other online privacy issues at its third and final roundtable today. (Registration may be required to access this story.)
Full Story

ONLINE PRIVACY—SWEDEN

New Company Manages Your Online Life After Death (March 16, 2010)

For those who have ever wondered what will become of their social networking pages and photos or their online games, posts and blogs after they pass away, a Swedish online company may have the answer. Lisa Granberg and Elin Tybring's new company, Webwill, solves the problem of what happens to that content when family or friends are unable to access or delete social networking profiles after the loss of a loved one, Deutsche Welle reports. "You create an account and tell us which online services you use, and what changes we should make after your death," Granberg says. "...Once we're informed of your death, we execute your digital will, so to speak."
Full Story

PRIVACY LAW—NEW ZEALAND

Law Commission Weighs in on Do-Not-Call Registry, Breach Notification (March 15, 2010)

The Law Commission is accepting public comments until April 30 on its 500-page report detailing the results of its examination into how the nation's privacy laws could be tightened. The commission looked at privacy concerns associated with direct marketing, data breaches, cloud computing, Web 2.0, social networking, radio frequency identification and biometrics, according to Stuff.co.nz. The commission views the creation of a do-not-call registry as "an efficient, user-friendly remedy" for citizens who do not want to be solicited by phone, but offers a less "firm view" on the possibility of a data breach notification requirement, another subject discussed in the report.
Full Story

PERSONAL PRIVACY

Mobile Phone for Employers? (March 12, 2010)

A Japanese company has created a mobile phone capable of tracking its users' physical movements, BBC News reports. KDDI Corporation has developed phone technology capable of deciphering precise movements such as scrubbing, sweeping and walking, for example. KDDI plans to sell the phone to managers, foremen and employment agencies, the report states. Some say it introduces an increased opportunity for abuse. "...There will surely be negative consequences when applied to employee tracking or salesforce optimization," said the director of the International University of Japan's mobile consumer lab.  
Full Story

PERSONAL PRIVACY

Billboards That Read You (March 12, 2010)

The Telegraph reports on a new facial recognition technology being developed by Japanese electronics company NEC. Similar to that seen in futuristic films, the digital billboard technology comprises small cameras and flat-panel monitors that analyze the age and gender of individuals that pass by in order to tailor advertisements. The longer a person lingers, the more accurate the data. NEC's vice president of strategic alliances acknowledges that privacy concerns exist but assures, "NEC's Ad Measurement technology was developed to be totally anonymous." Currently being tested in Japan, the billboards are slated to be trialed in the U.S. later this year.
Full Story

TRAVELERS’ PRIVACY

UN Expert Says Airport Scanners Violate Human Rights (March 10, 2010)

Is the use of full-body scanners in airport security a breach of individual rights? Yes, according to Martin Scheinin, the UN special rapporteur on the protection of human rights. The Montreal Gazette reports that Scheinin believes the scanners are not only an excessive intrusion into individual privacy but also ineffective in preventing terrorist attacks. "The use of a full-body scanner which reveals graphic details of the human body, including the most private parts of it, very easily is a violation of human rights," Scheinin says. He has told the UN Human Rights Council that different technology would better protect personal privacy, the report states.
Full Story

PRIVACY LAW—AUSTRALIA

Bill Would Allow Greater Government Access to Tax Data (March 8, 2010)

New legislation would allow government agencies, including police and prosecutors, access to Australians' tax returns to "prevent or lessen" a serious threat to public health or safety. Under the Tax Laws Amendment Bill, the Australian Taxation Office would also be allowed to distribute tax information to the Fair Work Ombudsman and state and territory workers' compensation boards. Current secrecy laws allow police access to tax information for investigation of serious offences, but do not generally allow the information to be used in court, The Australian reports. "Taxpayer information has proved to be a valuable source of intelligence information for the investigation of activities such as money laundering and social security fraud," states the legislation's explanatory memorandum. The bill has been referred to the Senate economics committee for review.
Full Story

Gov’t to Open Privacy Commissioner Search Soon (March 4, 2010)

The government announced Thursday that it will soon conduct an open recruitment exercise for the next privacy commissioner. Current commissioner Roderick Woo this week announced that he will not seek another term when his comes to a close on July 31. "A selection board will consider the candidates and recommend the most suitable candidate to the chief executive," according to the government's statement. The selection board comprises academics, government officials and others. The Hong Kong privacy commissioner serves a five-year term.
Full Story

PRIVACY—AUSTRALIA

Ombudsman Appointed as First Information Commissioner (March 4, 2010)

Although the findings of a Senate inquiry into the functions of the proposed Office of the Information Commissioner (OIC) will not be available until March 16, the government has named Commonwealth Ombudsman John McMillan to head up the new office, The Australian reports. The OIC will incorporate the Office of the Federal Privacy Commissioner as well as the new Freedom of Information Commissioner and will oversee a revised Privacy Act and new Freedom of Information laws. iappANZ President Kevin Shaw described the shift in oversight as "an important step in addressing the often complex task of balancing the public right of access to information with the right of individual Australians to personal privacy." McMillan, who will begin his new role on March 8, said this "combination of privacy and FOI in a new office headed by the Information Commissioner, supported by the Privacy and FOI Commissioners, will transform information management in Australian government."
Full Story

CHILDREN’S PRIVACY—AUSTRALIA

Conference to Address Youth Privacy (March 4, 2010)

Privacy Victoria will host a conference in May geared toward the privacy and online safety of children and young people. Educators, policy makers, youth workers, parents and young people are encouraged to attend the "Watch this Space: Children, Young People and Privacy" event, which will address the privacy of youths in the online environment. "Privacy is not just for grown-ups," says Victorian Privacy Commissioner Helen Versey. It is important for young people to "understand privacy issues and empower youth to protect themselves in their rapidly changing world." The one-day conference, which will feature Children's Ambassador Noni Hazlehurst as emcee, will be held 21 May in Melbourne and will include the presentations of more than 25 leading experts in the areas of privacy, law, education and cybersafety. Commissioner Versey has created a Sponsored Delegate program for the event. (See related story below.)
Full Story

ONLINE PRIVACY—AUSTRALIA

Be Aware of What You Share Online (March 4, 2010)

Before you share your personal details online, be sure you check the Web site's privacy policy, The Big Chair warns. "Privacy policies are not necessarily written for the benefit of the consumer," explains David Vaile of the cyberspace law and policy centre at the University of NSW, but consumers can look for indications of how reliable a site will be, including whether opt-in and opt-out functions are in place. Federal Privacy Commissioner Karen Curtis warns consumers to be especially aware of clauses that refer to third parties that could inadvertently result in consent to use information in unexpected ways. As Vaile puts it, "It's very hard to undo damage once it has been done. There are all sorts of things that can have lifelong ramifications, including for people other than yourself."
Full Story

STUDENT PRIVACY—AUSTRALIA

Student ID Plan Sparks Privacy Worries (March 4, 2010)

Education Minister Julia Gillard's proposed reforms for underperforming schools--including the introduction of identification numbers to help track the progress of individual students--are being met with an array of privacy concerns, the Sydney Morning Herald reports. Australian Education Union President Angelo Gavrielatos has suggested the plan raises serious issues about privacy and the ethical use of student data. Gillard, who described the identification numbers as a way to evaluate student and teacher performance, said that through "cooperation of education authorities, and without identifying individual students, it should be possible to link national testing records so that student progress can be identified from year to year."
Full Story

DATA PROTECTION—AUSTRALIA & NEW ZEALAND

Cyber Attacks More Likely at ANZ Organisations (March 4, 2010)

A recent global study has found that organisations in Australia and New Zealand are more likely than their global counterparts to be the targets of cyber attacks, Computerworld reports. The State of the Enterprise Security Study, conducted by software manufacturer Symantec, surveyed more than 2,000 executives and IT managers in 27 countries. It found that 89 percent of ANZ organisations reported being the target of cyber attacks, compared with 75 percent globally. The survey also found that most ANZ organisations' breaches involved the theft of corporate data, theft of personally identifiable information and identity theft.
Full Story

HEALTHCARE PRIVACY—AUSTRALIA

Medicare Breaches Raise Concerns About Health ID Bill (March 4, 2010)

Medicare Australia's disclosure of more than 1,000 cases of unauthorised access to client records in the past three years is raising privacy concerns about administration of the Healthcare Identifiers Bill, The Australian reports. Under the healthcare ID bill, Medicare would issue every Australian a 16-digit number, while healthcare providers would be given similar identifiers to access patient numbers. Between November 2006 and December 2009, Medicare investigated 1,058 cases, determining that 54 percent were instances of unauthorised access. "Healthcare authorities have always claimed Medicare staff respect people's privacy," says Juanita Fernando, health spokeswoman for the Australian Privacy Foundation, cautioning that the alleged data breaches should raise particular concern in light of the new legislation.
Full Story

PRIVACY LAW—AUSTRALIA

Commissioner Curtis on Privacy in 2010 (March 4, 2010)

Federal Privacy Commissioner Karen Curtis has a full plate for 2010. The Australian reports that on top of increasing privacy-related inquiries from the public, the docket includes the Healthcare Identifiers Bill, a planned rewrite of the Privacy Act and bills covering the reform of Freedom of Information laws and the creation of the Office of the Information Commissioner. Also on the commissioner's agenda are concerns relating to the merge of the Medicare and Centrelink offices, as well as the growing use of biometric data in the public and private sectors.
Full Story

PRIVACY LAW—AUSTRALIA

ACMA Files First Do Not Call Act Suit in Federal Court (March 4, 2010)

The Australian Communications and Media Authority (ACMA) announced it has filed proceedings in federal court against telecommunications company gotalk, alleging numerous breaches of the Do Not Call Register Act 2006. ACMA alleges the company used two offshore call centres that made more than 40,000 telemarketing calls to numbers listed on the Do Not Call Register. The gotalk case marks the first time ACMA has taken such action for contraventions of the Do Not Call law.
Full Story

GENETIC PRIVACY—AUSTRALIA

Genetic Tests Cheaper, But at What Price? (March 4, 2010)

Aiming to encourage improved health behaviors, health insurer NIB now offers discounts on genetic testing to 5,000 of its customers. But some are concerned about language in a company letter to customers that NIB "may be required to disclose genetic test results...to life insurance or superannuation providers." The Sydney Morning Herald reports on concerns that  disclosure could result in higher risk-based life insurance premiums and the potential for voided life insurance contracts. Privacy Commissioner Karen Curtis weighs in.
Full Story

STUDENT PRIVACY—AUSTRALIA

Privacy Commissioner Seeks Student Privacy Ambassadors (March 4, 2010)

Victorian Privacy Commissioner Helen Versey has announced the creation of a Sponsored Delegate program for the national "Watch this Space: Children, young people and privacy" conference in May. The delegates will receive tickets and travel costs to the conference as well as funding to help their schools establish privacy awareness projects. "Privacy is not just for grown-ups," Versey points out, noting that topics like "texting, sexting, cyber-bullying...and safe social networking" are important issues for children and youth. Hugh Stephens of Privacy Victoria's Youth Advisory Group says that in addition to learning from experts, students selected to attend the conference "can engage with issues about privacy that matter to them," taking what they learn back to their schools and communities.
Full Story

PRIVACY LAW—QUEENSLAND

Film Studios Appeal ISP Piracy Judgment (March 4, 2010)

The Australian Federation Against Copyright Theft (AFACT), which represents a consortium of 34 film studios, is appealing the Federal Court's ruling that ISP iiNet was not liable for illegal movie downloads by its customers, the Brisbane Times reports. "The court found large-scale copyright infringements (proven), that iiNet knew they were occurring, that iiNet had the contractual and technical capacity to stop them and iiNet did nothing about them," AFACT Executive Director Neil Gane said of the decision to appeal, stating the ruling effectively means the "authorisation of copyright infringement." iiNet, meanwhile, has contended that, among other factors, privacy provisions in the Telecommunications Act prevented it from forwarding the studios' infringement notices to customers.
Full Story

DATA LOSS—ASIA PACIFIC

Bank Account Statements Sent to Wrong Customers (March 4, 2010)

Business process outsourcing firm Salmat says some of its St. George subsidiary customers received account details that belonged to others. Human error accounted for about 42,000 bank account statements containing transaction and savings account details being sent to the wrong customers. The company reports that only statements ending February 26 were involved. Westpac is re-issuing the statements and has guaranteed that customers will not incur any loss as a result of the error, ITWire reports. It also established a help line for customers to call with concerns. Westpac has "already put in place stringent measures to ensure this incident does not re-occur," a Salmat spokesman said.
Full Story

RFID—PHILIPPINES

Automobile Association Urges Supreme Court to Quash RFID Project (March 4, 2010)

The Automobile Association of the Philippines (AAP) is urging the Supreme Court to rule that the government's plan to attach radio frequency identification (RFID) tags to all vehicles is illegal, ABS-CBN News reports. The AAP's petition says that, among other things, the RFID project violates the constitutionally protected right to privacy. The RFID project would require all vehicles to install stickers containing a microchip that stores vehicle information, the report states, but the project has been stalled since the Supreme Court issued an order last January postponing implementation of the project.
Full Story

HEALTHCARE PRIVACY—AUSTRALIA

Public Given One Week to Respond to Health ID Bill (March 2, 2010)

A bill to assign unique ID numbers to all Australians was sent to the Senate Standing Committee on Community Affairs on February 26 for examination, giving members of the public wishing to offer comment until March 5 to do so, iTWire reports. According to the Rudd government, the 16-digit Individual Healthcare Identifiers that would be required under the bill are needed to identify patients and healthcare providers and "as a further step to ensure the privacy and security of an e-health system," the report states. The committee is expected to review such issues as privacy safeguards, including who will have access to the identifier numbers, and issue a report on March 15.
Full Story

PRIVACY LAW—NEW ZEALAND

Commission Recommends Law to Prohibit Tracking (March 1, 2010)

In its latest report in a series on privacy issues, the Law Commission recommends a new law that would prohibit certain types of tracking, reports the New Zealand Herald. "Surveillance is not well regulated by current law," says Law Commissioner Sir Geoffrey Palmer, SC. "Technology is developing rapidly and continually creating new ways of invading our privacy." The commission says that the installation of tracking devices on cell phones or vehicles and the use of visual surveillance devices without consent should be outlawed via a Surveillance Devices Act. "It is important to put boundaries in place to control [technology's] harmful use before it is too late," the commission says in its report.
Full Story