Facebook, Microsoft, Google and Amazon have admitted to eavesdropping. It was recently revealed the industry giants paid hundreds of contractors to manually transcribe users’ conversations in an attempt to improve speech recognition technology and artificial intelligence algorithms. This revelation has left many users reeling.  

In a landmark decision, the Federal Trade Commission (FTC), the US consumer regulator, has announced that Facebook has agreed to pay a USD $5 billion (AUD $7.1 billion) fine for deceiving its 80+ million users about the social medial giant’s ability to protect user’s personal information. The multibillion dollar fine is in addition to a $100 million settlement with the US Securities Exchange Commission (SEC).  

Malicious or criminal attacks continue to be the main sources of data breaches with 60% of breaches notified during the Period being attributable to such attacks. Notably, phishing and spear phishing were the most effective methods by which entities were compromised. Human error accounted for 35% of notified breaches and systems fault for 5% of notified breaches. 

The pressures on employers are vice-like, how do you comply with requirements of the Fair Work Act to keep accurate attendance records to ensure correct pay, without monitoring employee attendance accurately?

A 6 year old girl made a complaint alleging that the private school she attended interfered with her privacy by inappropriately collecting and retaining videos and photos of her and her schoolwork; publishing or displaying images of her publicly; and not providing access to all personal information the school held about her.

On 10 December 2018, the Australian Competition & Consumer Commission (‘ACCC’) released its proposals on how Australia should respond to the expanding grip of technology giants, like Facebook and Google, on the lives of everyday Australians.

The Australian Government has released an issues paper outlining key principles that will guide the creation of proposed new legislation around the sharing and use of government data.

In CWI v The University of New South Wales [2018] NSWCATAD 12 the Civil and Administrative Tribunal of New South Wales (NCAT) was asked to make a decision regarding a review of a determination by the University of New South Wales (UNSW) in relation to a complaint made about the conduct of an officer of UNSW under the Privacy and Personal Information Act 1998 (PPIP Act).

In DDT v Charles Sturt University [2017] NSWCATAD 329 the Civil and Administrative Tribunal of New South Wales (NCAT) was asked to make a determination concerning an access to information application under the Government Information Public Access Act 2009 (NSW) (GIPA Act).

The NSW Civil and Administrative Tribunal (the Tribunal) was asked to review a decision made by The Charles Sturt University (the University) in relation to its refusal to allow the applicant access to an investigation report sought pursuant to the Government Information (Public Access) Act 2009 (the GIPA application).

The NSW Civil and Administrative Tribunal (the Tribunal) was asked to review a decision made by a Local Health District (LHD) pursuant to the Government Information (Public Access) Act 2009  (the GIPA application) to withhold certain information from the applicant. 

In August last year Jeremy Corbyn cried foul when he was, by his own account, forced to sit on the floor of a train vestibule of a Virgin Train due to overcrowding.  At the time Mr Corbyn’s spokesperson used the incident as evidence of why the Labour Party’s policy to bring trains back into public ownership was so popular.  Virgin Trains was quick to counter the allegation by releasing CCTV still footage which showed the politician walking past apparently unreserved seats.

A recent decision made by the Australian Information Commissioner, Timothy Pilgrim, has found that a government agency had the right to deny an employee access to workplace investigation documents.

After a long wait, the Australian Government has passed a Bill that will require organisations to notify individuals if an unauthorised person or group has had access to their personal information in a way that could cause serious harm.