It was only a matter of time. The restaurant chain Wagamama has been reported to the UK Information Commissioner’s Office (ICO) for allegedly using contact details provided for Covid track and trace to send surveys to customers.
See The Times
A blog relating to Internet legal issues by Professor John Swinson, University of Queensland
Adsense HTML
Showing posts with label privacy. Show all posts
Showing posts with label privacy. Show all posts
Is Facebook carrying on business in Australia
A recent decision in Australia, concerning whether Facebook could be served in California, was decided by the Federal Court of Australia. This case arises out of a privacy action brought against Facebook by ACMA in relation to the Cambridge Analytics issues.
"It might be added that the means by which entities carry on business are constantly evolving. Much of the case law in which the concept has been discussed was decided long before the technological advances which underpin many modern forms of commerce. Ultimately, the question whether a particular entity carries on business, and does so in a particular place, is determined by reference to the particular facts.
The Commissioner submitted that she had established a prima facie case that Facebook Inc carried on business in Australia through a combination of two matters: first, through the agency of Facebook Ireland; and secondly, through certain activities for which Facebook Inc was directly responsible in Australia. ...
Rather, the evidence on this application suggests that, to the extent Facebook Ireland carried on business in Australia, it was carrying on its own business. The evidence adduced on this application and the inferences available to be drawn do not sufficiently allow for a possible conclusion that Facebook Ireland was also carrying on Facebook Inc’s business to warrant permitting service out of the jurisdiction.
However, for the reasons given next, the Commissioner has established a sufficient prima facie case to warrant exposing Facebook Inc to litigation in Australia on the basis that Facebook Inc directly carried on business in Australia. On its case, a part of Facebook Inc’s business was to provide services to Facebook Ireland, including the processing activities referred to earlier. I am satisfied that there is a prima facie case that Facebook Inc carried out sufficient activity in Australia in its business of providing services to Facebook Ireland for a conclusion to be available that Facebook Inc carried on business in Australia within the meaning of s 5B(3)(b) of the Privacy Act. ...
I am satisfied that the Commissioner has established a prima facie case, in the required sense, that Facebook Inc carried on business in Australia within the meaning of s 5B(3)(b). In summary, the Commissioner has established a sufficient prima facie case that Facebook Inc carried on business in Australia which included providing services to Facebook Ireland."
Australian Information Commissioner v Facebook Inc (No 2) [2020] FCA 1307
Queensland Privacy Review and Law Reform Report
Today, the Queensland Law Reform Commission published a final report, Report No 77, Review of Queensland’s laws relating to civil surveillance and the protection of privacy in the context of current and emerging technologies.
The Report includes a draft bill: DRAFT SURVEILLANCE DEVICES BILL 2020
Facebook in Australia?
Facebook claims it can’t be sued by Aussie privacy watchdog
In a court hearing on Friday, 26 June 202, US-based Facebook has argued that it does not carry on business in Australia despite users in Australia accessing its website, calling for the dismissal of action brought by the Australian Information Commissioner over alleged privacy breaches and Cambridge Analytics.
In a court hearing on Friday, 26 June 202, US-based Facebook has argued that it does not carry on business in Australia despite users in Australia accessing its website, calling for the dismissal of action brought by the Australian Information Commissioner over alleged privacy breaches and Cambridge Analytics.
Facebook in Court over Cambridge Analytics
This recent Australian judgment concerns substituted service on Facebook. It relates to Cambridge Analytics breach. Interestingly, it discusses COVID-19. Facebook did not appear in court.
Australian Information Commission v Facebook Inc [2020] FCA 531
Facebook in Court
In a surprising move, the Australian Information Commissioner has sued Facebook in Australia over giving access to personal information of thousands of Australians to Cambridge Analytica.
https://www.abc.net.au/news/2020-03-09/facebook-privacy-oaic-information-commissioner/12039642
https://www.businessnewsaus.com.au/articles/australian-information-commissioner-takes-facebook-to-court.html
"We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control about how their personal information was disclosed," says Australian Information Commissioner and Privacy Commissioner Angelene Falk.
https://www.abc.net.au/news/2020-03-09/facebook-privacy-oaic-information-commissioner/12039642
https://www.businessnewsaus.com.au/articles/australian-information-commissioner-takes-facebook-to-court.html
"We consider the design of the Facebook platform meant that users were unable to exercise reasonable choice and control about how their personal information was disclosed," says Australian Information Commissioner and Privacy Commissioner Angelene Falk.
Assaults on Privacy in the USA
A good article in Harvard Magazine titled "How surveillance changes people's behaviour: assaults on privacy in America." See article here.
EU ePrivacy
On 10 January 2017, the European Commission published a
Proposal for a Regulation could have significant implications for Internet-based services and technologies.
The Proposal seeks to revise the current EU ePrivacy Directive. It creates strict new rules
regarding confidentiality of electronic communications, including
content and metadata. In addition, the Proposal amends the current rules
on the use of cookies and similar technologies, and direct marketing.
The rules apply to EU and non-EU companies providing
services in the EU, and are backed up by significant enforcement
powers—fines of up to four percent of a company's global turnover.
The Proposal is the next major step in the EU's review of its data protection legal framework and follows the adoption of the
General Data Protection Regulation (GDPR) in April 2016.
Apple Store Privacy Issues
Do you trust Apple Store employees when they take away your phone to fix it?
Staff in a Brisbane Apple Store reportedly lifted photos from some Apple customers' iPhones and took more than 100 close-up and explicit photos of female customers and staff without their knowledge.
This raises both privacy and copyright issues. It is also creepy.
See Brisbane Times
Staff in a Brisbane Apple Store reportedly lifted photos from some Apple customers' iPhones and took more than 100 close-up and explicit photos of female customers and staff without their knowledge.
This raises both privacy and copyright issues. It is also creepy.
See Brisbane Times
Personal Information
The Australian Administrative Appeals Tribunal has decided that companies who collect operational data about services they provide
to individual end users, is not personal information about customers.
See Telstra Corporation Limited and Privacy Commissioner [2015] AATA 99 (18 December 2015)
See Telstra Corporation Limited and Privacy Commissioner [2015] AATA 99 (18 December 2015)
Dallas Buyers Club decision - who won?
The Australian Federal Court decided today that ISP iiNet was required to identify some of its customers who have downloaded the movie "Dallas Buyers Club". The court imposed restrictions and costs on the copyright holder. No email addresses were ordered to be disclosed. Dallas Buyers Club LLC v iiNet Limited [2015] FCA 317.
See Court Decision and SMH Article.
See Court Decision and SMH Article.
Recommended Reading
I recommend these recent books, which relate to law and technology. Kindle editions are available.
Privacy
The Australian Privacy Commissioner has released a revised guide to "reasonable steps" to protect personal information.
Comments due 27 August.
"Effective ICT security requires protecting both computer hardware (the physical devices that make up a computer system) as well as the data (including personal information) that the computer hardware holds from misuse, interference, loss, unauthorised access, modification and disclosure. However, ICT security measures should also ensure that the hardware and the information stored on it remain accessible and useful to legitimate users."
Privacy in the Digital Era
The Australian Government announces the release of the Discussion Paper for this Inquiry, Serious
Invasions of Privacy in the Digital Era (DP 80).
The
Discussion Paper provides a detailed account of ALRC research so far,
and includes 48 proposals and a number of questions for people to
consider and provide feedback on. The ALRC
is proposing a model for a new statutory cause of action for serious
invasions of privacy to be included in a new Commonwealth Act, and also
is putting forward other alternative proposals to strengthen privacy
protection.
The Discussion Paper is available in HTML, PDF, and as an ebook.
·
See Media
Release >>
·
See Discussion
Paper >>
Privacy Guidelines in Australia
The Privacy Guidelines are no longer consultation drafts – the final version was released today (link below).
They have reversed
their view on the application
of the Privacy Act to foreign website operators. So much so that the
guidelines now conclude that “Where an entity merely has a website that can be accessed from Australia, this is generally not sufficient to establish that the
website operator is ‘carrying on a business’ in Australia”
Informational Privacy on the Web
A Data Broker Offers a Peek Behind the Curtain
The Acxiom Corporation is to open a Web site that will allow individual consumers to see some of the information that the company has collected about them. http://nyti.ms/17slfwv
Social Networks and Right of Publicity
From a Kenyon & Kenyon newsletter looking at legal trends for 2013:
An important “Right of Publicity” issue for 2013 is the use by social networks of their members' names and/or likenesses in advertising. Many social networks have broad Terms of Service which purport to allow them to exploit any content that a member posts on the networks' websites. Social networks take the position that these service terms permit them to use aspects of their members’ identities in advertisements appearing within the social networks. As social networks grow and compete for advertiser dollars, they will naturally want to allow advertisers to create the most effective ads possible. Studies have shown the persuasive potential of an online connection's recommendations (due to the apparent lack of bias), and therefore many advertisers are likely to request advertising that uses the identities of a social network's users.
An important “Right of Publicity” issue for 2013 is the use by social networks of their members' names and/or likenesses in advertising. Many social networks have broad Terms of Service which purport to allow them to exploit any content that a member posts on the networks' websites. Social networks take the position that these service terms permit them to use aspects of their members’ identities in advertisements appearing within the social networks. As social networks grow and compete for advertiser dollars, they will naturally want to allow advertisers to create the most effective ads possible. Studies have shown the persuasive potential of an online connection's recommendations (due to the apparent lack of bias), and therefore many advertisers are likely to request advertising that uses the identities of a social network's users.
Privacy for Mobile Apps
From The New York Times:
F.T.C. Suggests Guidelines on Privacy for Mobile Apps The Federal Trade Commission said the mobile industry should include a do-not-track feature in software and apps and take other steps to safeguard personal information. http://nyti.ms/X0xWcG
Subscribe to:
Posts (Atom)
How should damages be assessed for privacy and cybersecurity breaches
Listen to this podcast where I discuss how damages should be assessed in privacy and cybersecurity lawsuits. The Lawyers Weekly Show host J...
-
The United Nations intellectual property agency (WIPO) is the latest front in the US-China trade war. http://www.theage.com.au/world/sad-am...
-
The issue of content regulation in China was mentioned in this blog last year . In the last few weeks, this issue has once again pushed into...
-
Finally, what is called direct registration of domain names is coming to Australia. See https://www.auda.org.au/statement/australias-interne...