Government Regulation, Legislation & Enforcement – Page 14

Facebook’s privacy breach puts spotlight on Australian election campaigns

Mar 28 2018

By Cameron Abbott and Georgia Mills

News of Facebook’s involvement in the United States’ elections is nothing new, especially with the ongoing Cambridge Analytica scandal, so it should come as little surprise that the social media giant has extended its reach into the Australian electoral sphere.

Facebook approached Australia’s major political parties during the 2016 Federal election offering a powerful data matching tool. This “advanced matching” tool would allow parties to match data they had collected about voters- including names, dates of birth, contact details, and postcodes- against similar information provided by users on their Facebook profiles. The combined data would allow parties to identify swinging voters and target them with tailored ads when they use Facebook.

The Sydney Declaration: ASEAN and Australia commit to cooperate on cybersecurity and digital trade issues

Mar 19 2018

By Cameron Abbott and Keely O’Dowd

Over the weekend our closest neighbours agreed to greater cooperation on cyber security. The Member States of the Association of Southeast Asian Nations (ASEAN), the Secretary-General of ASEAN and Australian leaders met in Sydney to strengthen the ASEAN-Australia relationship. The leaders discussed issues of regional importance.

Weather Bureau IT mining cryptocurrencies?

Mar 13 2018

By Cameron Abbott and Allison Wallace

The Australian Federal Police are investigating two members of the Bureau of Meteorology’s IT team for allegedly running an operation in which they made use of the Bureau’s powerful computers to “mine” cryptocurrencies.

It was revealed late last week that the AFP raided the Bureau’s Melbourne CBD offices on February 28, and questioned the two employees. No charges have been laid, or arrests made.

De-identification of Data and Privacy

Feb 28 2018

By Cameron Abbott, Keely O’Dowd, Giles Whittaker and Harry Crawford

As promised in a previous blog post, K&L Gates have performed an in-depth analysis of the risks of relying on de-identification of data to protect privacy, in the wake of researchers successfully re-identifying de-identified medical data that was released by the Australian Department of Health in 2016.

Read the article on the K&L Gates HUB here.

Mandatory Data Breach Reporting in 60 seconds

Feb 23 2018

By Cameron Abbott

The notifiable data breach scheme, as outlined in the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), commenced yesterday, 22 February. Under this new scheme, in the event an organisation experiences a data breach that is likely to result in serious harm to any individual, that organisation will be required to notify the Australian Information Commissioner and any affected individual(s) of the breach. This 60 second video will help you prepare your organisation for these changes.

US Government reaches for data stored on foreign soil

Jan 22 2018

By Cameron Abbott and Harry Crawford

A significant case for digital privacy is currently before the US Supreme Court, with the US Justice Department fighting it out against Microsoft in a bid to gain access to emails held on Microsoft’s servers in Dublin. The US Justice Department is seeking to use a search warrant to access the emails in Ireland in a drug trafficking case. If a precedent is set which allows the US government to access data stored on foreign soil, that could have a significant impact on privacy rights on a global scale.

The Essential Eight: Strategies for Security for Commonwealth Government Agencies

Nov 16 2017

By Cameron Abbott, Keely O’Dowd and Olivia Coburn

The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight. The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.

Just one of 734: Australian defence contractor hacked

Oct 16 2017

By Cameron Abbott and Olivia Coburn

A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program.

The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane project, Collins Class submarines and the warships HMAS Canberra and HMAS Adelaide. The Government has emphasised that the stolen data is commercially sensitive but not classified.

The announcement coincides with the release of the Australian Cyber Security Centre’s 2017 Threat Report, available here, which reveals that the hack is among 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.

SEC wants to collect more information – but can they protect it?

Oct 02 2017

By Cameron Abbott and Olivia Coburn

The United States Securities and Exchange Commission (SEC) is facing scrutiny on its handling of a data breach that occurred in 2016 – but was only publicly disclosed on 20 September 2017.

Hackers accessed information on corporate filings intended for investors, which would be used for insider trading.

Privacy risks in collecting donations

Aug 06 2017

By Cameron Abbott and Olivia Coburn

Charities are increasingly employing commercial approaches to funding, lobbying and fundraising to fuel their invaluable work. In doing so, charities need to be cautious of mishandling the donor’s personal information that they collect together with the donation.

Donors are frequently being asked to provide information such as home address, email address and their mobile phone number. In some instances charities will not accept money unless this personal information is also provided.

Catagory:Government Regulation, Legislation & Enforcement