We really need to get the balance right on privacy reforms: reforms are sorely needed but we also need to retain *exemptions for journalism* and for journalists.

Keep the journalism exemption.

Don’t limit it. #privacyact

https://www.smh.com.au/business/companies/deeply-problematic-media-companies-slam-privacy-act-review-20230406-p5cyry.html

We urgently need to rewrite Australia’s paper-thin #privacyact and set up a new regulator that’s firmly on the side of citizens.

Australia has been standing still on this as the power of data aggregators has gone past concerning, straight through dangerous without slowing down, to overwhelming and on.

This latest review is still too weak but I do rather like this line on requirements for consent, which must be:

“voluntary, informed, current, specific and unambiguous”.

https://theconversation.com/governments-privacy-review-has-some-strong-recommendations-now-we-really-need-action-200079

#auspol #privacy #humanrights #bfamtsyd

Australians able to opt out of targeted ads and erase their data under proposed privacy reforms
https://amp.theguardian.com/australia-news/2023/feb/16/australians-able-to-opt-out-of-targeted-ads-and-erase-their-data-under-proposed-privacy-reforms

This appears to be inspired by the GDPR protections in the EU without being a total copy and giving us the same level of protection.

Looks like the usual suspects are opposing this proposed improvement to privacy, transparency, and accountability: political advertising and big business represented by the Business Council of Australia.

#AusPol #GPDR #Advertising #Privacy #PrivacyAct #Consent #RightToBeForgotten #DataBreach

@finngreig @JAS_Ten_Regen TBH it's not that I'm really worried about my identity being tracked etc, it's the principle of the thing. I don't think a short notice at entry is enough info. What will they do with data?

Same with #PatronScan at Dakota Bar where they photograph faces and credit cards, enter info into database and have no deletion or correction policy ... Consent through ignorance of #PrivacyAct isn't a great model for trust and surety of responsible custodianship of data

If anyone wants to read the (pre-hack) Optus submission to the Attorney-General about their thoughts on all these upcoming privacy changes.
It's a grandiose posturing by big corp towards privacy regulations. Quite eye opening at their lack of cyber security concerns or cowboy like wild-west demeanor towards new regulations.

It's free to download in the link here https://consultations.ag.gov.au/rights-and-protections/privacy-act-review-discussion-paper/consultation/view_respondent?show_all_questions=0&sort=submitted&order=ascending&_q__text=optus&uuId=658415295. All their words quoted below are just a small sample I copied.

"APP entity must take reasonable steps to satisfy itself that the personal information it is seeking to collect indirectly was originally collected in accordance with APP 3. Optus strongly disagrees with this proposal on the basis that it is of limited value to the protection of an individual’s personal information and will, in practice, likely amount to a box ticking exercise. "

"Optus is not of the opinion that a legislated ‘fair and reasonable’ test for handling personal information is required, and given that the current APPs are sufficient, a further test may cause unintended confusion, burden and potentially stifle innovation if misinterpreted or read too conservatively."

"Optus disagrees that “specific personal information” disclosed to overseas recipients should also be included as this is too granular. Optus notes that APP 1 currently requires APP entities to list the kinds, not specific types of information it handles. Given that privacy policies need to be clear and easy to read so that they are understandable, requiring APP entities to list specific personal information disclosed overseas could prove to be more of a nuisance than any benefit to informed consumer decision making."

"Optus recognises the importance of taking action, where possible, to identify and mitigate risks to individuals that may arise from an interference with privacy. However, Optus considers that the proposed amendment to sub-ss 52(1)(b)(ii) and 52(1A)(c) gives rise to a significant risk that APP entities will be saddled with obligations which are unclear and unduly burdensome."

#privacy #optus #privacyact #data

Financial tech firms disagree on ban of customer data screen-scraping - They use it to offer things like budgeting apps. It puts passwords and privacy at risk, but some s... more: https://nakedsecurity.sophos.com/2020/01/31/financial-tech-firms-disagree-on-ban-of-customer-data-screen-scraping/ #financialtechnology #consumerdataright #financialindustry #securitythreats #dataaggregation #screenscraping #openbanking #lisaschutz #privacyact #law&order #australia #dataloss #verifier #privacy