[Year 12 IT Apps] Changes to Privacy Legislation

ATKINSON-BUCK, Damien Damien.ATKINSON-BUCK at ivanhoe.com.au
Fri May 6 11:00:20 EST 2011 

Hi folks,
                Interesting article on how the Sony attacks may prompt changes in our laws
http://www.theregister.co.uk/2011/05/05/sonyhack_privacyact/

The Australian government may consider expediting significant reforms to the Privacy Act as a result of the Sony data breaches.
The Australian Privacy Commissioner, Timothy Pilgrim has already opened an investigation into the Sony Playstation Network security breach where 77 million users of the network have had their personal data compromised. Pilgrim issued an additional statement<http://www.oaic.gov.au/news/statements/statement_investigation_into_Sony_data_breach.html> [1] in response to the subsequent news this week relating to a breach relating to Sony Online Entertainment in which an additional 24.6 million users including 12,700 non-US customer credit or debit card numbers had been affected.
In what is essentially a pro-forma response from the office, Pilgrim has "have asked SOE for information about this incident," and promised an "own motion investigation" of the attack (that is, an investigation launched without waiting for specific complaints to arrive at the office).
"This latest incident is extremely worrying," said Pilgrim. "I am particularly concerned that it involves information stored on an out of date database.
"It reinforces my view that organisations need to consider further limiting the amount of information they collect and store about people. They should also make sure that information is destroyed when it is no longer needed as is required under the Privacy Act," Pilgrim said.
While the commissioner has asked what information was compromised and what network security was in place at the time of the breach, he has not asked Sony to explain what vulnerabilities were exploited, nor to detail what new security measures it might apply to defend against future attacks.
There is currently no mandatory data breach notification obligation in Australia. The Australian Law Reform Commission recommended that consideration should also be given to the introduction of mandatory data breach notification laws.
Pilgrim said that there are a number of significant reforms to the Privacy Act currently being considered by the government including increased powers for the Commissioner to impose penalties following an own motion investigation, such as enforceable undertakings and civil penalties for serious breaches of privacy. (r)




Damien Atkinson-Buck
Member of Academic Staff (Secondary)
________________________________

[Description: Description: cid:image002.jpg at 01CA7D93.5FFD22D0]<http://myivanhoe.net/>



PO BOX 91 The Ridgeway, Ivanhoe, Victoria 3079 Australia
Telephone +61 3 9490 3848 Facsimile +61 3 9490 3490
mailto:damien.atkinson-buck at ivanhoe.com.au
http://myivanhoe.net<http://myivanhoe.net/>







Privacy, Virus and Copyright Warning

The information contained in this electronic message (e-mail), and any files transmitted with it:

* is intended for the named recipients only. If you have received this in error, please advise the sender and delete it and any copies immediately;
* Any personal information in this email must be used in accordance with the Privacy Act 1988 and this always applies even if it has been sent to you in error.
* represents the views of the sender and does not necessarily represent the views or formal advice of Ivanhoe Grammar School;
* may be subject to Copyright, so no further use should be made of it without the author's permission.

The School does not represent or warrant that the email or any files attached do not contain errors or are free from computer viruses or other defects nor does it accept responsibility for any loss or damage resulting directly or indirectly from the use of the email or any attached files.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/itapps/attachments/20110506/9effd008/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 9302 bytes
Desc: image001.jpg
Url : http://www.edulists.com.au/pipermail/itapps/attachments/20110506/9effd008/image001-0001.jpg

More information about the itapps mailing list