Tag:privacy policy

1
Long awaited increase to privacy breach penalties – a step closer to reality
2
Australian Privacy Act Under Review
3
Zooming In: “Zoom’s” Significant Privacy and Data Security Risks brought to Light Again (and Again)
4
Not So Zoomy: Use of Videoconferencing Technology “Zoom” on the Rise, but Privacy and Data Security Inadequacies suggest Users should Tread Carefully

Long awaited increase to privacy breach penalties – a step closer to reality

By Cameron Abbott, Rob Pulham, Max Evans and Ella Richards

On October 25 the Australian Attorney-General’s Department released a draft bill amending the Privacy Act 1988 (the Draft Bill), inviting industry submissions by 6 December 2021.

We have been hearing about an alignment with Australian consumer and competition law penalties for quite some time – and the Draft Bill does not disappoint.

Under the Draft Bill, the maximum penalties applicable to companies for serious or repeated privacy breaches will increase to the greater of:

  • $10 million
  • three times the value of any benefit obtained through the misuse of information, or
  • 10% of the corporate group’s annual Australian turnover.

The Draft Bill also enables the introduction of an online privacy code, covering a wide scope of organisations to regulate social media services, large online platforms and data brokerage services. It is expected that industry will be given the first opportunity to develop the code, for approval by the Commissioner – with the ability for the Commissioner to develop the code in certain circumstances.

Finally, the Draft Bill introduces information sharing powers to facilitate greater engagement between the Information Commissioner and law enforcement bodies, alternative complaint bodies and State, Territory or foreign privacy regulators. This means the Information Commissioner or the receiving authority will be able to share information and documents to more effectively exercise their respective functions and powers.

With regulators banding together, maximum penalties becoming meaningful and a binding online privacy code on the horizon – there has never been a better time to get your Privacy house in order!

Australian Privacy Act Under Review

By Cameron Abbott, Rob Pulham and Keely O’Dowd

In December 2019, the Australian Government announced it would conduct a review of the Privacy Act 1988 (Cth).

A year has almost passed and finally the Australian Government has publicly released details about the review. On 30 October 2020, the Australian Government released the Terms of Reference of the review. In particular, the review will cover:

  • The scope and application of the Privacy Act
  • Whether the Privacy Act effectively protects personal information and provides a practical and proportionate framework for promoting good privacy practices
  • Whether individuals should have direct rights of action to enforce privacy obligations under the Privacy Act
  • Whether a statutory tort for serious invasions of privacy should be introduced into Australian law
  • The impact of the notifiable data breach scheme and its effectiveness in meeting its objectives
  • The effectiveness of enforcement powers and mechanisms under the Privacy Act and how they interact with other Commonwealth regulatory frameworks
  • The desirability and feasibility of an independent certification scheme to monitor and demonstrate compliance with Australian privacy laws.
Read More

Zooming In: “Zoom’s” Significant Privacy and Data Security Risks brought to Light Again (and Again)

By Cameron Abbott, Warwick Andersen, Rob Pulham, Allison Wallace and Max Evans

It hasn’t even been 10 days since our previous Blog on Zoom, which highlighted a number of privacy and data security issues prevalent in the use of the popular telecommunications software, and already further privacy issues have been alleged. Let’s put these allegations under the magnifying glass:

Disclosure to Facebook: Even If You don’t have an Account

Firstly, Vice reports that the iOS version of the Zoom app transfers analytics data to Facebook, even if Zoom users don’t have a Facebook account, without disclosing as such in its Privacy Policy.

Read More

Not So Zoomy: Use of Videoconferencing Technology “Zoom” on the Rise, but Privacy and Data Security Inadequacies suggest Users should Tread Carefully

By Cameron Abbott, Warwick Andersen, Rob Pulham and Max Evans

As the world grinds to a halt following the perpetuation of COVID-19, more and more businesses have turned to remote work arrangements. This has led to a sharp rise in the use of videoconferencing technology Zoom. However, as the Australian Financial Review notes, flawed data security and privacy practices mean that the use of Zoom could be disastrous for corporate and personal privacy.

Concerns surrounding the use of Zoom arose earlier this year, with critical security vulnerabilities enabling hackers to predict Meeting ID’s and therefore join active meetings, and also allowing any website to forcibly join a user to a Zoom call with their video camera activated and without the user’s permission. Whilst a number of these errors were patched up, as the article notes, Zoom refused to disable the ability for hackers to forcibly join to a call anyone visiting a malicious site, raising security red flags and undermining public confidence in Zoom’s attitude towards data security. A strange response given that part of its attraction had been a perceived stronger approach to security.

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.