The New York Times reports on Facebook’s agreement with European regulators to stop using its facial recognition software and delete users’ facial identification data. “The development of these tools in the private sector directly affects civil liberties,” said University of California, Berkeley Law Prof. Chris Hoofnagle, adding, “The ultimate application is going to be—can we apply these patterns in video surveillance to automatically identify people for security purposes and maybe for marketing purposes as well?” Ireland Data Protection Commissioner Billy Hawkes has said he is satisfied with the company’s privacy upgrades, but some in Europe do not think they have gone far enough. Meanwhile, Financial Times reports the company is working to improve its ad tracking systems.

 

Australian Privacy Commissioner Timothy Pilgrim has said smart meter technology could threaten people’s privacy, The Age reports. “We are starting to see people voicing concern about the level of data that these meters can collect,” Pilgrim said. Customers with smart meters must consent to having their data shared with various third parties, the report states. Pilgrim said companies have an obligation to delete or de-identify personal information that is no longer necessary. An Origin Energy spokesman said its online energy-usage portal is fully compliant with Australian privacy legislation and that the company keeps personal data for tax and compliance purposes.

 

Ireland Data Protection Commissioner Billy Hawkes has said new EU laws to be introduced in January will strengthen EU citizens’ control over their personal data. In a column for the Irish Examiner, Hawkes wrote that personal data should always be protected, even outside the EU. The proposed legislation will provide a single set of rules for data protection across the EU; better access to personal data; the “right to be forgotten”; data protection rules for companies—such as Google and Facebook—doing business in EU markets, and additional power to independent data protection authorities.

Privacy advocates wrote to the Federal Trade Commission last week asking it to intervene to help settle differences between some advertising industry representatives and privacy advocates on a do-not-track option online, National Journal reports. Web browsers such as Mozilla’s Firefox, Apple’s Safari and Microsoft’s Internet Explorer now include a do-not-track option, but websites’ compliance with the option is thus far voluntary. Talks convened by the World Wide Web Consortium (W3C) about the standard seemed to have reached stalemate, the report states. Two areas of contention appear to be on the use of “unique identifiers” and default settings for browsers with a do-not-track option. The W3C will hold the workshop “Do Not Track and Beyond” in Berkeley, CA, in November.

A hearing will take place in California on September 27 for a class-action lawsuit against Sutter Health over its breach last year exposing data on 4.24 million patients, Sacramento Business Journal reports. The suit claims the company failed to properly protect patient data contained on a password-protected, unencrypted computer that was stolen and that Sutter Health did not notify affected patients in the required time allotment. A decision is pending on whether the 12 suits filed will be certified as a class-action. Lawyers must prove a common thread exists among them.

 

Parliamentary Report Recommends Privacy Amendment Bill

COMPUTERWORLD reports on a tabled parliamentary report that recommends the House of Representatives pass the Privacy Amendment Bill 2012. The bill would clarify the role and strengthen the powers of the privacy commissioner, address credit reporting arrangements and protect personal information. According to a statement, “The committee has examined the bill to ensure that an appropriate balance between privacy protection and the convenient flow of data has been achieved.” Attorney-General Nicola Roxon said, “Both consumers and governments have a role to play to protect privacy,” adding, “In introducing these changes, the Gillard government is doing its bit to protect the privacy of Australian families.”

 

 

Twitter Gives Court Protester's Posts

After months of fighting a subpoena, Twitter has given a U.S. judge the online posts of Occupy Wall Street protester Malcolm Harris, Reuters reports. The tweets, which were handed over to Manhattan Criminal Court Judge Matthew Sciarrino, will remain under seal while a request for a stay by Harris is heard in a higher court, the report states. The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union have filed an amicus brief supporting Twitter’s appeal. EFF’s Marcia Hofmann called it a “canary-in-a-coal-mine case,” adding “companies will look at this case and say it’s not a good idea to push back against governments we think are overreaching.”

 

 

BC Health Ministry Fires Fifth Worker for Alleged Breach

A fifth employee of British Columbia’s Health Ministry has been fired over an alleged privacy breach, The Victoria Times Colonist reports. The worker had been one of three who had been suspended, but according to the report, the 30-year government employee in charge of data access, research and stewardship has now been released. BC Health Minister Margaret MacDiarmid has said the issues in the ongoing investigation relate to inappropriate conduct, data management and “contracting-out allegations,” the report states. “It’s been incredibly complex and it continues to be,” MacDiarmid added.

 

 

Body Scanners Removed by Manchester Airport

A UK airport is scrapping passenger body scanners after a three-year trial period ended without a decision from the European Commission, BBC News reports. The airport will replace the body scanners with “privacy friendly” scanners. Manchester Airport Group Chief Operating Officer Andrew Harrison expressed frustration “that Brussels has allowed this successful trial to end,” adding, “Our security surveys and those run by the Department for Transport show passengers regularly rate their experience at Manchester as one of the best security processes in the UK, if not Europe. There’s no doubt that body

 

 

ACLU Asks Court To Stop DNA Collections on Felony Arrests

Through California’s DNA database of close to two million samples, more than 10,000 criminal suspects have been identified in the last five years, The Washington Post reports. But the American Civil Liberties Union (ACLU) will argue to the Ninth U.S. Circuit Court of Appeals that the state’s genetic data collection efforts have become “unconstitutionally aggressive…at the expense of civil liberties,” the report states. California’s Proposition 69 allows police to take a DNA sample of every suspect arrested on felony charges. The ACLU says the practice “comes too early in the criminal justice process,” and samples should be taken only from those convicted. (Registration may be required to access this story.)
Full Story scanners play a big part in these results.”

 

Do-Not-Track's Effects Yet To Be Seen

The New York Times reports on the potential effect do-not-track will have on online privacy. The option may help companies “gain traction with consumers who want to manage their Internet experience on their own devices” but could also have a negative effect on online marketing efforts, the report states. Mozilla introduced the feature last year and reports 11 percent of users have activated the feature. Microsoft announced earlier this year that do-not-track will be the default in its Internet Explorer 10. Recently, Google announced that its Chrome browser will offer do-not-track capabilities in versions available by year’s end. Websites’ compliance with do-not-track preferences is thus far voluntary. (Registration may be required to access this story.)

 

 

ACC, Auditor General Reports Issued

An independent report on New Zealand's Accident Compensation Corporation (ACC) has revealed that a data breach was due to "human error" but also "systemic weaknesses within ACC's culture, systems and processes." Commissioned by New Zealand Privacy Commissioner Marie Shroff, the Independent Review of ACC's Privacy and Security Information was undertaken by KPMG and former Australian Privacy Commissioner Malcolm Crompton, CIPP/US. Shroff said the ACC "has elements of privacy protection and security" in place, but they "are not up to the standard expected" of such an organisation, adding, a "culture change" will be necessary, starting "right at the top." ACC Minister Judith Collins says she agrees with the report's recommendations. The Auditor General has concluded its investigation and released a report as well. Meanwhile, State Services Commissioner Iain Rennie urged vigilance by public servants processing personal data.

 

 

Bill Means No More Anonymity for Toll Users

A bill introduced last week would remove an existing legal provision related to motorists, The New Zealand Herald reports. The Government's Land Transport Management Amendment Bill would allow for the collection of personal information from motorists who use toll roads by not allowing them to pay anonymously. According to the report, civil liberties advocates and the privacy commissioner are concerned. A spokesman for the transport minister said the anonymous system "no longer reflects the working realities of modern tolling systems, which collect vehicle information needed to apply tolls without disrupting traffic." A NZ Transport Agency official said those concerned about privacy could use non-toll roads.

 

 

Senate Passes Cybercrime Legislation

The Cybercrime Legislation Amendment Bill 2011 has passed the Australian Senate, ZDNet reports. The bill amends the Mutual Assistance in Criminal Matters Act 1987, the Criminal Code Act 1995, the Telecommunications (Interception and Access) Act 1979 and the Telecommunications Act 1997 and has incited concern among Internet service providers about their new data retention responsibilities. The bill was amended before its passage to include privacy protections at the recommendation of the Joint Select Committee on Cyber-Safety. Australia now joins the 34 nations who've acceded to the Council of Europe Convention on Cybercrime, the report states.

 

 

Sex Offender Stole Identity To Teach

A report from Minister of Education Hekia Parata has revealed that convicted sex offender Te Rito Henry Miki was able to teach after he stole the identity of a teacher listed on the New Zealand Teachers' Council website. Parata said the incident was the result of "serious failings across the whole system." A committee has since made 35 recommendations on how to prevent similar incidents from occurring, including sharing data on teachers' name changes. Pending the passage of the Privacy (Information Sharing) Bill, agencies will consider whether the Department of Internal Affairs may share name-change information with the New Zealand Teachers' Council and the Ministry of Education, The New Zealand Herald reports.

 

 

Lawyers Urge Business To Adopt Social Media Policies

Lawyers have warned Australian businesses to enact a social media policy or risk liability, Australian Financial Review reports. The warnings follow various lawsuits in Australia and abroad involving social media posts. Companies need explicit policies on social media, which should also appear in employee contracts, the lawyers said. "It's a policy issue," said one lawyer. Another said, "If the employee or agent of a business posts personal information about an employee on the business's Facebook site using the business records of personal information, the business may breach the Privacy Act 2001." Proper monitoring systems and policies can help mitigate this risk, he said.

 

 

Data Privacy Law Signed

President Benigno Aquino has signed the Data Privacy Act 2012, ABS-CBN News reports. The bill is also known as "An Act Protecting Individual Information in Information and Communication Systems in the Government and the Private Sector." The bill is based on the European Directive and requires data security standards by business process outsourcers. The president did not veto any of the bill's provisions, the report states. Some lawmakers have said the law will spur investment in the Philippines.

The Australian Privacy Commissioner has called on Google to destroy data collected from open WiFi networks, iTnews reports. The commissioner sent a letter to Google’s Australian head of public policy and government affairs ordering its immediate destruction, the report states. “I do not require Google to retain the additional payload data, and unless there is lawful purpose for its retention, Google should immediately destroy the data,” Pilgrim wrote. “Further, I also request that Google undertakes an audit to ensure that no other disks containing this data exist and to advise me once this audit is completed.” Commissioners from the UK, France and other jurisdictions have made similar requests.

 

Microsoft has announced it will keep its default do-not-track (DNT) setting in Internet Explorer 10 (IE10), Ars Technica reports. Microsoft Chief Privacy Officer Brendon Lynch, CIPP/US, said, “Customers will receive prominent notice that the selection of Express Settings turns DNT on.” Users will also have the option to opt out of DNT in the customize setting. Lynch added, “Our approach to DNT in IE10 is part of our commitment to privacy by design and putting people first…We believe consumers should have more control over how data about their online behavior is tracked, shared and used.”

 

The Washington Post reports on a mobile app created by the Obama campaign that shows a map with lists of the first and last names of nearby voters. The app is meant to help campaign volunteers canvass for potential voters and send the data back to the campaign. Privacy advocate Shaun Dakin has said the app is concerning because it reveals ages, potentially leading to targeted scams. Electronic Privacy Information Center Executive Director Marc Rotenberg said, “Party affiliation is public information, available through the state voter registration records…Still, both campaigns are digging deep into the private lives of voters.” (Registration may be required to access this story.)

 

TECHNEWSWORLD reports that privacy in the cloud “may be an illusion,” and businesses relying on the cloud should be aware of its privacy risks. Laws in the U.S., EU and elsewhere allow government agencies access to cloud data, and Mutual Legal Assistance Treaties facilitate cooperation across borders, allowing law enforcement to request data in any country that is a part of such a treaty. The report points to a recent whitepaper that concludes “it is not possible to isolate data in the cloud from governmental access based on the physical lo

cation of the cloud service provider or its facilities.”

 

The founder of Privacy International, Simon Davies, has said the online gaming industry is failing to adequately protect its customers’ personal data and violates the UK’s Data Protection Act (DPA), computing.co.uk reports. After analyzing the industry for two years, Davies says many online sites collect vast amounts of personal information, including passport and credit card scans, driver’s licenses and utility bills. “All the available evidence indicates that this information is stored permanently,” Davies has said, adding that this constitutes a violation of the third and fifth principles of the DPA, the report states.

 

GovernmentHealthIT reports on improvements in data protection at the Veterans Affairs Department due to the use of encryption. The department now encrypts all of its information operations laptops following a 2006 data breach involving the theft of a laptop containing data on millions of veterans. Additionally, the department’s chief information officer now oversees its IT operations, and privacy and security policies and procedures as well as employee training have been put in place. Meanwhile, COMPUTERWORLD reports that in the last three years, about 21 million patients’ medical records have been exposed in data security breaches large enough to require reporting to the federal government.

 

Uncertainty on Proposal, Hackers Down Gov't Sites

Attorney General Nicola Roxon recently said she's "not yet convinced that...we've made the case" for the data retention provision in proposed amendments to the Privacy Act, and Greens Sen. Scott Ludlam is voicing concern , saying, despite its claims, the government hasn't "even attempted" to "strike a balance between people's privacy and the ability of spy agencies to surveil people." Meanwhile, hacktivist group Anonymous temporarily took down at least 10 government websites in protest of the proposed data retention requirements, reports Fox News. "Unless the government starts acting in the best interest of its people, it will continue to bring the noise," said a spokesman from the group.

Commissioner: Health Organisation Breached Privacy Act

After an investigation, the Australian privacy commissioner has found that Medvet Labratories breached the Privacy Act for failing to protect its customers' personal information, ZDNet reports. Billing and shipping details were exposed because of multiple security flaws in the software used for its online store, the privacy commissioner found. However, the commissioner has said the company's actions following the breach were positive steps. They have improved security systems, advertised the violation in newspapers and placed notices on their website.

Law Commission: MPs Should Be Subject to OIA

After a major review of the Official Information Act (OIA), the Law Commission has determined that the legislation should be expanded to include all publicly funded agencies, reports The New Zealand Herald. While ministers have been subject to the act, MPs have not been required to open their expense claims to the public. The report's lead commissioner, Prof. John Burrows, says changes over the past three decades have made modernising the act necessary. "We think there's a case now for saying if a body is receiving public funding and is performing a public function, it should be accountable under the OIA," Burrows said.

Online Orgs Concerned About Privacy Amendment Bill

The Australian reports that a group of banks, credit providers and online service providers have submitted a joint statement expressing concern that the tabled Privacy Amendment Bill will have adverse effects on the digital economy. The proposed bill introduces a set of privacy principles for the public and private sectors. In the joint statement to the Interactive Advertising Bureau Australia, the Internet companies said, "We recognise the need for organisations to be accountable for the information they share across borders, but the proposed law places digital economy organisations in jeopardy." (Registration may be required to access this story.)

Study: Asian Consumers More Willing to Trade Data for Benefits

A study conducted by mobile ad company Amobee has shown Asian consumers are more willing to offer up their personal information for free services or better ads than those in Europe, reports ZDNet . The company polled more than 100 people, asking questions such as "would you share your data if we were to give you five free SMS messages a day?" says CEO Trevor Healy. Respondents in both Asia and Europe negatively reacted to "retargeting" marketing strategies, where ads are repeatedly offered to visitors of a site, prompting Healy to recommend advertisers use "pretargeting" methods focused on analysing user profiles.

Health Provider Sorry for Breach

HealthCare New Zealand is apologising for a breach involving the personal information of dozens of patients, which was discovered on a Merivale street recently, The New Zealand Herald reports. The patient records had been stolen from an employee's vehicle a few weeks prior. "We're really sorry about the event," said HealthCare NZ Community Services Manager Scott Arrol. "It's not the sort of thing that happens to us." Police are investigating.

Health Provider Sorry for Breach

HealthCare New Zealand is apologizing for a breach involving the personal information of dozens of patients, which was discovered on a Merivale street recently, The New Zealand Herald reports. The patient records had been stolen from an employee’s vehicle a few weeks prior. “We’re really sorry about the event,” said HealthCare NZ Community Services Manager Scott Arrol. “It’s not the sort of thing that happens to us.” Police are investigating

 

Pilgrim: Keeping Data Can Pose Organisational Risks

The Sydney Morning Herald looks at the risks associated with how personal data is collected and used. Given legitimate requests by organisations for personal data, the report offers suggestions for solutions from Privacy Commissioner Timothy Pilgrim. “I'm saying to organisations, could you just identify the person and, having identified them, not necessarily need to keep a lot of the personal information?” Pilgrim says, adding, “Because once organisations start keeping large amounts of information it doesn't just pose threats for the individual, in terms of increasing the risk of identity theft and fraud, it also starts to increase the risks for organisations themselves.”

 

APF Urges Selection of New Commissioners

The Australian Privacy Foundation (APF) sent two letters this week to encourage government officials to appoint new privacy commissioners. In a letter to Queensland Attorney-General and Minister for Justice Hon Jarrod Bleijie, the APF expressed concern that the acting privacy commissioner has been in place too long and the office is losing momentum as a result. “We urge you to make an appropriate appointment at the earliest opportunity, and request your assurance that an appointment is imminent.” In a separate letter, the APF implored the Attorney General of Victoria to select a permanent replacement for former Privacy Commissioner Helen Versey.

 

FIA Concerned About Privacy Act Changes

Pro Bono Australia reports that proposed changes to the Privacy Act have the Fundraising Institute of Australia (FIA) warning about the potential for “undue distress and confusion” for charitable organisations. In a submission to the Senate Legal and Constitutional Affairs Committee, the FIA writes, “Adequate privacy laws to protect donors' personal data are an essential component of charitable fundraising in this country,” noting that while the “FIA basically supports the Privacy Amendment Bill…there is confusion around the prohibition on direct marketing and lack of clarity around the new requirement for opt-out in each direct marketing communication.”

 

ACC Defamation Case Proceeds

A defamation case brought by ACC Minister Judith Collins will proceed, stuff.co.nz reports. Collins has accused MPs Trevor Mallard and Andrew Little of defamation in relation to a leaked e-mail from “ACC claimant Bronwyn Pullar, who blew the whistle on ACC inadvertently releasing her details about thousands of ACC claimants,” the report states. The next court date is set for November and will be a settlement conference where the parties involved can attempt to resolve the issues before trial. A trial date has been scheduled for February.

 

Experts Warn Against Posting Credit, Debit Info

After cardholders published images of their new debit and credit cards, privacy experts are urging caution. “Police said scammers could easily use the cards to make phone and online transactions, despite not being able to see the cards’ security codes,” the Herald Sun reports. A Twitter accountholder republished the images, the report states, prompting E-Crime Unit Detective Senior Constable Marty Nicholls to caution, “Using the Internet to purchase things can be safe, but posting a photograph of your credit card in an open source environment is fraught with danger.

 

As Data Collection Increases, So Do Company Obligations

An article in The Sydney Morning Herald discusses the risks companies run in chasing big data. “Every time we make a phone call, click on a website link, send an e-mail or swipe a card through an electronic reader, we are creating a record that can be stored and later analysed by computers,” the report states. One executive says he expects such practices to increase as young executives who are comfortable with Internet data collection are promoted. Australian Privacy Commissioner Timothy Pilgrim warns organisations that they must treat customer data responsibly and realise “they are collecting w

Customer Passwords Stolen, Published

Surfwear retailer Billabong says it is gathering information about a breach impacting customer passwords, iTNews reports. A company spokesperson said, “We view this attack as an extremely serious matter and have taken urgent action to contain the incident and prevent further attacks occurring.” Hackers published 21,485 stolen clear-text passwords and hashed passwords. “We will take further appropriate measures as new information comes to light,” the spokesperson said. Meanwhile, 3AW Radio reports that a company that went into administration earlier this year failed to protect sensitive data located in office equipment that is to be sold online.hat can be quite powerful sets of information.”

 

Chiang: High Calibre Privacy Professionals Needed

Privacy Commissioner for Personal Data (PCPD) Allan Chiang tells Career Times that his office is actively seeking high-calibre privacy professionals from a variety of backgrounds. The report highlights the work of the Office of the PCPD, noting that candidates with experience in such fields as legal, regulatory affairs and social services have an advantage in the privacy sphere. "At this point, we are looking to build a team of diverse talents who can contribute their expertise as we learn from one another and create new synergy," Chiang notes, adding, "There is certainly plenty of room for quality candidates who want to join the profession."

 

YouTube Releases Facial Blurring Tool

YouTube has released a tool allowing people to obscure faces within videos uploaded to the site, The New York Times reports. The feature aims “to help protect dissidents using video to tell their stories in countries with repressive government regimes,” the report states. “Visual anonymity in video allows people to share personal footage more widely and to speak out when they otherwise may not,” said a YouTube spokeswoman, adding that “human rights footage, in particular, opens up new risks to the people posting videos and to those filmed.” YouTube said the feature would also help protect children’s identities.

 

Skype Looking Into Messaging Bug

Skype is looking into a bug resulting in the voice-Internet service sending instant messages to unintended recipients, CNET News reports. Skype says “in rare circumstances” and stemming from an upgrade last month, users intending to send a message to one contact have found the message has been sent to another, which one user called “a serious breach of privacy.” Skype says it is investigating the matter and hopes to provide a solution soon. “We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype,” a spokesperson said in an e-mailed statement.

 

The Consumer Financial Protection Bureau (CFPB) will soon begin supervising credit reporting agencies, The New York Times reports. CFPB Director Richard Cordray said this week that supervision activities—which will begin September 30—will include onsite examinations. Cordray said areas of concern for the CFPB include “the information sent to credit bureaus, the ways they assemble and hold information and ‘how difficult it is to get the errors resolved,’” the report states. Washington, DC, attorney Robert Belair told the Daily Dashboard, “The three national credit report systems are closely regulated by FCRA, which was the first comprehensive privacy statute in U.S. The FCRA reflects fair information practices and includes meaningful and comprehensive privacy protections. CFPB supervision…will not change that. The law doesn’t change. The privacy requirements don’t change. What this does is substitute the CFPB for the FTC.”

 

Skype is looking into a bug resulting in the voice-Internet service sending instant messages to unintended recipients, CNET News reports. Skype says “in rare circumstances” and stemming from an upgrade last month, users intending to send a message to one contact have found the message has been sent to another, which one user called “a serious breach of privacy.” Skype says it is investigating the matter and hopes to provide a solution soon. “We are rolling out a fix for this issue in the next few days and will notify our users to download an updated version of Skype,” a spokesperson said in an e-mailed statement.

 

Ontario’s Information and Privacy Commission (OIPC) has launched an investigation into the loss of personal data from the office of the province’s chief electoral officer, CBC News reports. Elections Ontario reported missing memory sticks containing voters’ names, addresses, genders and dates of birth, among other information, to provincial police, party leaders and the OIPC. Chief Electoral Officer Greg Essensa says the data on the sticks is encrypted. Essensa says the breach is a matter he takes “extremely seriously.”

 

 

Direct Marketing News reports that as mobile targeting increases, consumers don’t yet trust it. That’s according to a recent online study by TRUSTe that polled more than 2,000 U.S. adult cell phone users to gain a better understanding of how consumers feel about mobile privacy policies. “Awareness of behavioral targeting has increased substantially since last year,” said TRUSTe’s vice president of mobile development, adding, “It was striking to learn that as consumers in the study became aware of behavioral targeting, over 70 percent of them did not like it and did not want to be a part of it.” Meanwhile, Forbes reports on ways wireless carriers can gain consumer trust.

 

It’s been a year since a federal appeals court decision allowed the government to continue using certain body scanners at U.S. airports but required it “act promptly” to hold hearings and publicly adopt rules and regulations on scanner use. Wired reports the Transportation Security Administration (TSA) has yet to do so, despite motions from the Electronic Privacy Information Center to the appellate court to order the TSA to take action. Jim Harper, director of information policy studies at the Cato Institute, has started a White House petition to require the Obama administration to respond on where things stand.

 

Researchers at Berkeley Law have released a study on “Mobile Phones and Privacy.” In the survey of 1,200 households, Jennifer Urban, Chris Jay Hoofnagle and Su Li looked at mobile privacy issues to inform debate “and to better understand Americans’ attitudes towards privacy in data generated by or stored on mobile phones.” The study found that “Americans overwhelmingly consider information stored on their mobile phones to be private—at least as private as information stored on their home computers,” and that they “overwhelmingly reject several types of data collection and use drawn from current business practices.”

3 News reports that the Accident Compensation Corporation (ACC) has sent details on "a significant amount" of its customers to one customer when he requested his own file. This follows two similar breaches at the company-one exposing more than 100 records and another involving 9,000. Radio New Zealand reports both the chairman of the ACC's board, John Judge, and its chief executive, Ralph Stewart, have resigned this week, as well as two other executives. Political groups are taking sides over whether the company's minister Judith Collins should be removed from her post as well. The Labour Party says ACC needs a change at the ministerial level, but Collins says she's working to change the culture.

 

 

Privacy Commissioner Marie Shroff is paying attention to new mapping technologies being developed by Google and Apple, reports NewstalkZB. According to the report, Apple has aeroplanes creating a detailed three-dimensional mapping feature for its devices, and Shroff plans to call for a briefing prior to the New Zealand launch of the feature. Assistant Privacy Commissioner Katrine Evans says Google plans to consult the commission through its data collection process.

 

 

Internal documents released under the Freedom of Information Act show that plans to program airport full-body scanners to show stick figures have been scrapped, reports The Sydney Morning Herald. The scanners will instead show a full-body image that identifies prosthetics, prompting a breast cancer survivor group to alert members to carry a doctor's note. The documents also showed an agreement between Office of Transport Security (OTS) Executive Director Paul Retter and Australian Information Commissioner John McMillan to remove a privacy quality assurance program. According to an OTS spokesman, it was deemed that because "no personal information would be collected, stored or disclosed during the body-scanning process, the National Privacy Principles did not apply," the report states.

 

 

Doctors and consumers still have questions about how the soon-to-be implemented e-health system will work, reports ABC. Heather Ewart talks to representatives from the Australian Medical Association (AMA) and National E-Health Transition Authority, who voice concerns about the management and security of the information in the system as well as doctors' liability in terms of reading all the information in a patient's file. The system is expected to go into effect in two weeks, but many healthcare providers are not "rushing to the fountain," the article states. And Steve Hambleton, federal president of the AMA, says one reason may be there's "no business case" for medical professionals or organisations to sign up.

 

 

A report in The Age details ways in which posting information about your upcoming trip or holiday photos to social networking sites could lead criminals to target you. ''Not only are you telling me where you are, you're telling me where you're not,'' said one cyber-safety consultant, adding, "police don't ask about social media when they attend burglaries, we have no idea of the extent of the problem." Geo-tags, which are automatically included on photos taken with most smartphones, identify photo locations and can be extracted on many photo-sharing applications, so even if you don't post your location, others can decipher it.

 

 

Steve Eckersley, enforcement chief of the UK Information Commissioner's Office (ICO), sent a letter to Google executive Alan Eustace saying the ICO is reopening its investigation into the collection of personal data by Google's Street View service, reports The Washington Post. An April U.S. Federal Communications Commission report found that Google deliberately collected the data. According to Eckersley's letter, the ICO was told the collection was a "simple mistake," adding, "If the data was collected deliberately, then it is clear that this is a different situation than was reported to us in April 2010." Google responded in a statement saying, "We're happy to answer the ICO's questions." On Tuesday, Google released documents relating to the U.S. federal investigation into its activities, including affidavits from nine people denying any knowledge of the data collection. (Registration may be required to access this story.)

 

 

Microsoft has filed patents for tracking systems "to match online advertisements to moods," The Toronto Star reports. The systems would track emotions "including facial expressions captured in video conversations and Facebook status updates," the report states, and could result in, for example, "weight-loss ads matched with unhappy people--who are more likely to want to change their lifestyle--and electronic ads with happy people--who are more likely to spend." Privacy advocates are questioning such mood-tracking technology. "Definitely when you're talking about people's emotional states, you're getting closer to sensitive data that relates to their identity," said Tamir Israel of the Canadian Internet Policy & Public Interest Clinic.

 

 

In what The Wall Street Journal reports is "the company's latest attempt to balance developers' appetite for targeting data with consumers' unease over how it is used," Apple will reportedly release a new tracking tool for mobile app developers. While Apple declined to comment, individuals briefed about the plan have indicated the tool aims to better protect user privacy. "How Apple's new technology works and what it will allow developers to track remains unclear," the report states. "One of the people briefed said that the new anonymous identifier is likely to rely on a sequence of numbers that isn't tied to a specific device." (Registration may be required to access this story.)

EU "May Be Close" to Finding NZ Privacy Law Adequate

Experts Assess Privacy Act Reforms

As Australians observe Privacy Awareness Week, COMPUTERWORLD reports on the history of the government's reforms to the Privacy Act since 2006 and what the reforms could mean for the digital environment. A representative from Xamax Consultancy, Roger Clarke, said that reforms to the Privacy Act have progressed "extraordinarily slowly, and they still haven't really reached any point of resolution..." An AGW Consulting representative suggested the main impact of the reforms "will be dealt out in the second tranche response by the government." Clarke says he wants the privacy commissioner to be granted "real power to do real things and solve problems," and both consultants support civil remedies, which will force companies to be more responsible, the report states.  

Victims File Complaint with Privacy Commissioner

At least three ACC claimants who have had their personal information compromised have filed a complaint with Privacy Commissioner Marie Shroff, The Northern Advocate reports. The ACC advocate representing the victims said, "My main concern with the information being leaked unintentionally, the information consisted of not only medical issues, but there is a legal component to these files."

State Government Limits Property Records Access

The state government is limiting access to certain property records based on citizens' complaints about marketers using information held in the records to sell goods, The Sydney Morning Herald reports. "While the number of complaints may be small, all potential breaches of privacy are taken seriously and actively investigated," said a Department of Sustainability and Environment spokeswoman, adding, "any activity that might constitute a breach of an individual's privacy and implied misuse of the property sales information is unacceptable."

Opinion: EHRs Raise Privacy Concerns

In light of a recent study that revealed a rise in patient record breaches in the U.S., a column in CSO stresses that "Australian medical experts warn that patient safety could be put at risk" once health records in Australia go digital. Three experts from the Medical Journal of Australia wrote, "It is not yet possible to make any definitive statement about whether the personally controlled electronic health record is safe or not." 

Resident Numbers Will No Longer Be Collectable

Websites and companies will no longer legally collect resident registration numbers following the approval of a government initiative for improved data protection, The Korea Herald reports. The Korea Communications Commission, the Ministry of Public Administration and Security and the Financial Services Commission's joint plan has received final approval. It will first prohibit the online sector from collecting resident registration numbers--followed by public and private companies in phases, the report states. The plan responds to a number of hacking incidents and identity thefts and aims to reduce the amount of personal data collected and used. Additional regulations will come as data protection law is revised later this year.

Critics Say Terms of Service Allows for Lack of Privacy

The New York Times reports on concerns about Google's recently released online storage service, Google Drive. The service offers free storage of documents, pictures and video, among other data. But critics say Drive falls under Google's terms of service, which allow the company to use the stored content for its own purposes. The Electronic Privacy Information Center's Marc Rotenberg said the terms of service are "bad, but even worse is that Google has made clear it will change its terms of service whenever it wishes." A Google representative, however, said the company doesn't "take personal information and use it in a way that we don't represent to the user." (Registration may be required to access this story.)