To counter the myriad problems with automated decision-making, including gender and racial bias, inaccurate data, skewed outputs and opaque logic, ‘algorithmic transparency’ is the latest buzz word. But like many buzz words, it doesn’t mean much. ‘Tra…
Archives for 2022
Back to the drawing board: PIAs need a framework too
In my August blog I offered seven tips for how to conduct effective Privacy Impact Assessments (PIAs), and then I sat back and felt very pleased with myself for solving all the world’s problems. OK, not all of the problems, but at least the problem of…
In the search for solutions, privacy theatre is the last thing we need
While ideas like a right to erasure or ‘tell the banks about victims’ might sound great in theory, they won’t deliver actual improvements. The Optus data breach has elevated discussion of the need to reform the Privacy Act to mainstream political news….
Finger scanning kids demonstrates weaknesses in privacy law
As a public school in Sydney, Moorebank High School is regulated by the NSW privacy laws, not the federal Privacy Act. As a result, consent is not required before collecting biometrics. However, the organisation involved, which in this case is the NSW…
What your C-suite needs to know about the Privacy Act
It’s all well and good to talk about data-driven strategy and values alignment, but if your senior execs, marketing or IT folks don’t know what data is regulated as ‘personal information’, or when consent is needed under the Privacy Act, your privacy m…
The seven habits of effective Privacy Impact Assessments
There is something magical about the number seven. The seven deadly sins, the seven dwarfs, the seven year itch, those plucky child detectives who formed the Secret Seven, and the barn-raising dance number from Seven Brides for Seven Brothers. Plus o…
Would you like fries with that? A quick guide to notice and consent in privacy law
When consumer advocacy body CHOICE last month went public with its investigation into the use of facial recognition by major Australian retailers, the public reaction was swift – and negative. No surprise, given we already knew that the majority of Aus…
OAIC determinations shed light on when data is regulated as ‘personal information’
Recent caselaw demonstrates that privacy laws reach further than some organisations might expect. Introduction: the identifiability test Most information privacy and data protection laws around the world have as their starting point some notion of iden…
Big Tech, Individuation, and why Privacy must become the Law of Everything
Anorexia. Violent extremism. Holocaust denial. Anti-vaccine conspiracy theories. Gambling addiction. Hate speech. False claims about stolen elections. Genocide. You might not think of these as privacy harms, but they have one thing in common: th…
Should birds of a feather be FLoC’d together?
The demise last week of FLoC is not the end of the story for Google’s plans to prop up surveillance-based advertising once cookies are phased out. As a replacement for third party tracking cookies, Google was – until last week when it was killed off -…
Why can’t Aunty get the ABCs of privacy right?
The ABC says it is “committed to protecting your privacy”. So why are they giving our data to Facebook and Google? The ABC Privacy Policy was updated in late 2021, to “reflect some changes to the way in which your information will be handled as we loo…
