Privacy guidelines not enough to prevent data breaches: Law lecturer

Australian privacy watchdog needed to prevent more Medvet data leaks, another Sony hack

To prevent online privacy breaches Australia needs a privacy watchdog rather than merely guidelines, a law lecturer has argued.

In an article at Thecoversation.edu.au University of Canberra law lecturer, Bruce Arnold, argues the high number of data leaks happening in Australia and overseas shows that the government must step up and move beyond privacy guidelines.

“Australia needs a privacy watchdog that is quick to act, a watchdog that, like its overseas counterparts in the UK and US, is equipped with the sort of financial penalties that get the attention of executives,” Arnold wrote.

“Shaming is not enough: where there is improper sharing we need real punishment to stop future problems.”

Using the example of the South Australia-based paternity and drug-testing laboratory, Medvet which last month experienced an online software error that caused the details of 800 patients’ delivery addresses to be visible online, Arnold claimed such organisations must take their privacy responsibilities more seriously.

“The incident shows we need stronger privacy law and meaningful enforcement,” Arnold wrote. “We also need a cultural change, whereby institutions regard themselves as data custodians rather than data owners and therefore take their responsibilities more seriously.”

Arnold agreed with Clearswift’s Phil Vasic that the Sony hacks showed the need for data breach laws needing to be changed.

“Medvet has been unfortunate but there is no reason to believe that such a breach is exceptional,” Arnold wrote. “Other organisations – including universities, government agencies and multinational corporations with the very best information technology money can buy – have experienced unwanted exposure of “their” data, i.e. information about you, me and the people next door.”

Follow Lisa Banks on Twitter: @CapricaStar

Follow Computerworld Australia on Twitter: @ComputerworldAu

More about: Clearswift, Sony, University of Canberra, University of Canberra
References show all

Comments

1

jonbays

Wed 10/08/2011 - 08:19

We have a Privacy Commissioner all we need is black letter law legislation with penalties to give him the big stick that he will need to move the totally ignored guidelines to legal requirements with commercially unacceptable risk attached to breaches.

2

grumpy

Wed 10/08/2011 - 15:02


Or maybe we don't need yet more 'black letter law' to provide an even bigger feast for the lawyers.

A reasonable amount of privacy protection is good, but we seem to have got to the stage where the recently created privacy industry may be just seeking to do some empire building.

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: privacy, security
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/161/softdisc/

SoftDisc

SoftDisc is an image file tool that allows you to create, edit and manage your image files. It also lets you emulate a virtual CD ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia