2020 – Year in Review
2020 – Year in Review 2020 was a rollercoaster of a year. Despite the disruption of COVID-19 much was achieved. Here’s a breakdown of some of the major legal developments of the year. Ad Tech
Security Tips for Video Conferencing
When any technology sees its popularity increase quickly, the number of malicious actors seeking to take advantage of new and untrained users also grows. Videoconferencing is one such technology. It has become an essential tool
Cybersecurity Resilience during COVID-19
Organisations and individuals are increasingly harnessing the opportunities presented by technology in the current COVID-19 climate. The pandemic has placed a growing reliance on data, cloud systems and online communications as organisations combat the
Australia Digital Platforms Inquiry
Calls for sweeping changes to the regulatory landscape governing digital platforms were made with the release of the Australian Competition and Consumer Commission’s (ACCC) Digital Platform’s Inquiry (Inquiry) Report earlier this year. The Inquiry
Consumer Data Right
The Australian Consumer Data Right will empower consumers but will increase regulatory burden and compliance for businesses. What privacy and data systems will your business need to comply with the new regime? On 1
A New Wave of Privacy – The California Consumer Privacy Act
New data access rights for Californian data subjects have been created by the California Consumer Privacy Act (CCPA), which came into force on 1 January 2020. Like the General Data Protection Regulation (EU) 2016/679
What is the value of data privacy?
The prevalence and value of data, particularly personal data, is continuing to grow exponentially. Data has become an increasingly valuable resource for businesses. But businesses need to be aware of, and balance the increasing
Cookies
Cookies – the aptly named ‘bite sized’ text files which reside in a user’s device can be helpful tools for both businesses and web users. Whether it’s to remember what’s in a shopping basket
Privacy Compliance: Why a Privacy Policy is Not Enough
Every other day we hear about a privacy issue, whether that be a data breach, the misuse of personal information by companies, or new privacy legislation. Privacy compliance is on everyone’s mind – which
My Health Record
The new deadline for opting-out of My Health Record is fast approaching. If you don't already have a My Health Record, and do not want one created for you, you will need to opt-out
Medical Records Trust & Transparency
Download Article Data use and an individual’s rights have become very topical with the increasing number of data breaches that impact us as individuals, including reports on data issues in
Crowd-sourced equity funding – a new way to raise capital
The Corporations Amendment (Crowd-sourced Funding) Act 2017 which commenced operation on 29 September 2017, aims to bridge the ‘capital gap’ experienced by many small businesses and start-ups as they struggle to finance further development
The First Line of Defence Against Cyber Criminals
In this blog, we discuss the importance of organisational culture to cyber resilience and security. While technical safeguards are important, the rise of social engineering as a method of breaching an organisation’s security means
Techniques for Cyber Testing your Technology Infrastructure
It’s no secret that constantly evolving security threats pose dangers to your organisation, but you may not be aware of the high rate of occurrence of cyber attacks and the likelihood that your organisation’s
ASD’s Essential Eight to Mitigate Cyber Security Incidents
In February 2017, the Australian Signals Directorate (ASD) expanded its Top Four cyber threat mitigation measures to the “Essential Eight”. What are the measures, what has changed, what is new and what do they
Cybersecurity: The Regulatory Environment
The cost of a cyber incident can be enormous. Beyond the costs associated with the technical investigation for determining the cause of the cyber incident, organisations will also have to fork out money for
Board Principles for Cyber Resilience
Increased use of technology is a key source of competitive advantage, but it is also a key driver of cyber risk. An organisation that hesitates to protect its information assets will likely fall behind
Data Breach Notification: Third Time’s a Charm
Australia will have a mandatory data breach notification regime within the next 12 months after the legislation passed parliament in February 2017. This was the third attempt by the Government to implement a system
Tips for Improving Your Organisation’s Cyber Resilience
In 2012, Robert Mueller, FBI Director famously said that he was “convinced that there are only two types of companies: those that have been hacked and those that will be.”[1] The statement’s relevance in
The Cost of Cyber Complacency
Within the rapidly globalising and integrated global community, the evolution and rationalisation of technology has presented the real and present danger of cyber-attacks, creating a threat environment for all businesses. With malware becoming more sophisticated
Unfair Contract Terms Protection Extended to Small Businesses
The unfair contract terms protections under the Australian Consumer Law was extended to protect small businesses from 12 November 2016. In this blog, we will examine the far reaching implications of this change on
Know Your Obligations: Telemarketing and Spam
The Federal Court penalised travel agency Getaway Escapes over $300,000 and its director $25,000 for breaching their obligations under the Do Not Call Register Act 2006 (Cth) (‘Act’) and the Telemarketing and Research Calls
Electronic Voting: The Way of the Future?
The administration of our lives has become increasingly digitised. We bank on the Internet, complete our tax returns online, shop electronically, conduct business over e-mail. There is little that we don’t do online. So given
Lessons Learned From the DAO Hack: The Blockchain, Smart Contracts and Security
Blockchain technology is vulnerable to the same malicious hackers that target business and government - when things go wrong millions of dollars are at stake.
Blockchain in Action: Smart Contracts
Sainty Law examines smart contracts in our second blog in this series on blockchain. While smart contracts are a hot topic, are they really a viable alternative to traditional methods of contracting and transacting?
Blockchain Explained
An unavoidable consequence of our time is that an understanding of how technology works, and at the very least what it does and how to use it, is critical to running a dynamic business. In
The Future of Personal Privacy Protection in NSW – What does it look like?
In March 2016 the NSW Legislative Council’s Standing Committee on Law and Justice (Committee) released a report titled ‘Remedies for the Serious Invasion of Privacy in New South Wales’ (Report), recommending the adoption of a
Mitigating Conflict between the Australian Privacy Principles and Big Data Collection
In 2013 we did a series of blogs demystifying big data. We looked at what big data is, how big data is used and recommended some big data best practices. Since 2013 the big data
Cloudy with a Chance of Rain: Best Practice Tips for Cloud Computing
Cloud computing has many benefits for business and government – it is cost-effective, easily accessible and scalable and infinitely customisable. However, the growth of cloud computing has also created new security challenges. An understanding of what the cloud actually is and how it works is crucial to understanding the security risks which it poses and how these risks can be managed.
Cyber Security Blog #3 – Cyber Security: The Essentials for Business
The Australian Government released its Australian Cyber Security Strategy (“Strategy”) on 21 April 2016. In our last cyber security blog (2/3), we provided our analysis on the Strategy. It is clear that the Strategy places
Cyber Security Blog #2 – An ‘Open, Free and Secure’ Internet – The Australian Government’s Approach to Cyber Security
The Australian Government released its much anticipated Australian Cyber Security Strategy on 21 April 2016 (“Strategy”). The Strategy, which was commissioned in 2014, takes a top-down approach to cyber-security, with an emphasis on arming
The PirateBay Enables Free Streaming Through Torrents Time Plug-In
As of this year, The Pirate Bay, the notorious torrent-sharing site, offers free streaming via the plug-in Torrents Time (TT). This plug-in has transformed The Pirate Bay overnight into the largest video streaming website on the net, making it easier than ever before for users to access copyright-infringing content online. Will the Copyright Amendment (Online Infringement) Act 2015 apply to these new online innovations? And what does this mean for ISPs, copyright holders and web-surfers?
Privacy Awareness Week 2016
Privacy Awareness Week 2016 This year’s Privacy Awareness Week ran from 15 to 21 May and was one of the most interesting and stimulating yet;
Cyber Security Blog #1 – Deception Technology: A More Aggressive Approach to Cyber Security
Cyber-attacks are a real and present threat for all businesses. With malware becoming more sophisticated and capable of outsmarting traditional anti-virus technologies, it is important for businesses to stay abreast of new security threats and methods of mitigating them.
ISPs Victorious Against Dallas Buyers Club Owner – what does this mean for illegal downloading?
As of the 11th of February 2016 the infamous proceedings between Dallas Buyers Club LLC (DBC) and iiNet (as well as five other Australian Internet Service Providers) came to an end, when DBC failed to
Metadata Stored by Telecommunication Companies Held to Not Be ‘about’ an Individual
The Administrative Appeals Tribunal (AAT) has upheld an appeal by Telstra against a decision of the Privacy Commissioner, denying Ben Grubb access to metadata attaching to his Telstra account, such as his IP addresses, web browsing history and cell tower location information. Such information however is readily available to government agencies without a warrant. So what does this decision mean for individual privacy and for companies storing customer metadata?
The EU-US Privacy Shield: Content
Last October the CJEU invalidated the Safe-Harbour agreement – the mechanism which allowed the lawful transfer of personal data from the EU to the US. You can read our blog post about that first decision here. Swift action has been taken to put together a new agreement – one that prioritises privacy, accountability and transparency.
Freelancer.com Privacy Breach Complaints
Lessons to be learned from Freelancer.com about Privacy The way that companies deal with personal information is increasingly scrutinised, as individuals become more wary about to whom they give their information and how that information
Mandatory Data Breach Notification Laws back on the Agenda
In December last year, the Federal Government released an exposure draft of the Privacy Amendment (Notification of Serious Data Breaches) Bill 2015 (the Bill) for public consultation. The draft Bill, which was promised by
Where to now? CJEU Declares EU-US Safe Harbour Invalid
UPDATE: On 16 October 2015 the Article 29 Data Protection Working Party released a statement in the wake of the CJEU’s landmark declaration that the US – EU Safe Harbour is invalid. The Working
The Wisdom of the Crowd – Crowd-Sourced Equity Funding in Australia
Starting a business is hard, and if the biggest challenge is coming up with a product or service that people actually want, the next challenge is finding the money to get the business off
#PrivacyMatters
Privacy Awareness Week (PAW) is here again. Sainty Law has been involved in PAW events for a number years now, but we have to say that PAW2015 feels quite different. It has often been said
Avoiding an Accident Waiting to Happen – OAIC’s Guide to Securing Personal Information
If your organisation handles personal information in any way, shape or form, you will by now be familiar with the Australian Privacy Principles (APPs). Introduced in March 2014, the APPs were designed to act as
Revised Guide to Information Security
Last month, the OAIC released a Revised Guide to Information Security for public consultation. The Guide was originally published in April 2013, to de-mystify the obligation under the Privacy Act 1988 (the Act) to take
The Online Copyright Infringement Discussion Paper – An Overview
The Australian Attorney-General’s Department officially released its Online Copyright Infringement Discussion Paper, seeking comments from the public on how best to develop a legal framework to reduce online copyright infringement in Australia. Online piracy is
Data Security Strategies and the Privacy Act
Last week, the Privacy Commissioner found that online dating company Cupid Media had breached the Privacy Act 1988 (Cth) by failing to take reasonable steps to keep personal data held on its dating websites
EU Right to Be Forgotten
In a landmark decision, the Court of Justice of the European Union has ruled in favour of a right to be forgotten - an enormous win for privacy, and anyone who has google-searched their own
Image Rights for Young Athletes
Managing the Image Rights for Young Athletes Just as children are educated at school to manage their social media interactions, young athletes should be conscious of the way they use social media. There are certainly
Why Image Rights Matter
Image rights and sporting talent Endorsements, commercialisation and merchandise have long been an important component of the income stream of athletes and sports players. The evolution and growth of social media has meant this is