Privacy Compliance: Why a Privacy Policy is Not Enough
Every other day we hear about a privacy issue, whether that be a data breach, the misuse of personal information by companies, or new privacy legislation. Privacy compliance is on everyone’s mind – which
My Health Record
The new deadline for opting-out of My Health Record is fast approaching. If you don't already have a My Health Record, and do not want one created for you, you will need to opt-out
Medical Records Trust & Transparency
Download Article Data use and an individual’s rights have become very topical with the increasing number of data breaches that impact us as individuals, including reports on data issues in
Crowd-sourced equity funding – a new way to raise capital
The Corporations Amendment (Crowd-sourced Funding) Act 2017 which commenced operation on 29 September 2017, aims to bridge the ‘capital gap’ experienced by many small businesses and start-ups as they struggle to finance further development
The First Line of Defence Against Cyber Criminals
In this blog, we discuss the importance of organisational culture to cyber resilience and security. While technical safeguards are important, the rise of social engineering as a method of breaching an organisation’s security means
Techniques for Cyber Testing your Technology Infrastructure
It’s no secret that constantly evolving security threats pose dangers to your organisation, but you may not be aware of the high rate of occurrence of cyber attacks and the likelihood that your organisation’s
ASD’s Essential Eight to Mitigate Cyber Security Incidents
In February 2017, the Australian Signals Directorate (ASD) expanded its Top Four cyber threat mitigation measures to the “Essential Eight”. What are the measures, what has changed, what is new and what do they
Cybersecurity: The Regulatory Environment
The cost of a cyber incident can be enormous. Beyond the costs associated with the technical investigation for determining the cause of the cyber incident, organisations will also have to fork out money for
Board Principles for Cyber Resilience
Increased use of technology is a key source of competitive advantage, but it is also a key driver of cyber risk. An organisation that hesitates to protect its information assets will likely fall behind
Data Breach Notification: Third Time’s a Charm
Australia will have a mandatory data breach notification regime within the next 12 months after the legislation passed parliament in February 2017. This was the third attempt by the Government to implement a system
Tips for Improving Your Organisation’s Cyber Resilience
In 2012, Robert Mueller, FBI Director famously said that he was “convinced that there are only two types of companies: those that have been hacked and those that will be.”[1] The statement’s relevance in
The Cost of Cyber Complacency
Within the rapidly globalising and integrated global community, the evolution and rationalisation of technology has presented the real and present danger of cyber-attacks, creating a threat environment for all businesses. With malware becoming more
Unfair Contract Terms Protection Extended to Small Businesses
The unfair contract terms protections under the Australian Consumer Law was extended to protect small businesses from 12 November 2016. In this blog, we will examine the far reaching implications of this change on
Know Your Obligations: Telemarketing and Spam
The Federal Court penalised travel agency Getaway Escapes over $300,000 and its director $25,000 for breaching their obligations under the Do Not Call Register Act 2006 (Cth) (‘Act’) and the Telemarketing and Research Calls
Electronic Voting: The Way of the Future?
The administration of our lives has become increasingly digitised. We bank on the Internet, complete our tax returns online, shop electronically, conduct business over e-mail. There is little that we don’t do online. So given
Lessons Learned From the DAO Hack: The Blockchain, Smart Contracts and Security
Blockchain technology is vulnerable to the same malicious hackers that target business and government - when things go wrong millions of dollars are at stake.
Blockchain in Action: Smart Contracts
Sainty Law examines smart contracts in our second blog in this series on blockchain. While smart contracts are a hot topic, are they really a viable alternative to traditional methods of contracting and transacting?
Blockchain Explained
An unavoidable consequence of our time is that an understanding of how technology works, and at the very least what it does and how to use it, is critical to running a dynamic business. In
The Future of Personal Privacy Protection in NSW – What does it look like?
In March 2016 the NSW Legislative Council’s Standing Committee on Law and Justice (Committee) released a report titled ‘Remedies for the Serious Invasion of Privacy in New South Wales’ (Report), recommending the adoption of a
Mitigating Conflict between the Australian Privacy Principles and Big Data Collection
In 2013 we did a series of blogs demystifying big data. We looked at what big data is, how big data is used and recommended some big data best practices. Since 2013 the big data
Cloudy with a Chance of Rain: Best Practice Tips for Cloud Computing
Cloud computing has many benefits for business and government – it is cost-effective, easily accessible and scalable and infinitely customisable. However, the growth of cloud computing has also created new security challenges. An understanding of what the cloud actually is and how it works is crucial to understanding the security risks which it poses and how these risks can be managed.
Cyber Security Blog #3 – Cyber Security: The Essentials for Business
The Australian Government released its Australian Cyber Security Strategy (“Strategy”) on 21 April 2016. In our last cyber security blog (2/3), we provided our analysis on the Strategy. It is clear that the Strategy places
Cyber Security Blog #2 – An ‘Open, Free and Secure’ Internet – The Australian Government’s Approach to Cyber Security
The Australian Government released its much anticipated Australian Cyber Security Strategy on 21 April 2016 (“Strategy”). The Strategy, which was commissioned in 2014, takes a top-down approach to cyber-security, with an emphasis on arming
The PirateBay Enables Free Streaming Through Torrents Time Plug-In
As of this year, The Pirate Bay, the notorious torrent-sharing site, offers free streaming via the plug-in Torrents Time (TT). This plug-in has transformed The Pirate Bay overnight into the largest video streaming website on the net, making it easier than ever before for users to access copyright-infringing content online. Will the Copyright Amendment (Online Infringement) Act 2015 apply to these new online innovations? And what does this mean for ISPs, copyright holders and web-surfers?
Privacy Awareness Week 2016
Privacy Awareness Week 2016 This year’s Privacy Awareness Week ran from 15 to 21 May and was one of the most interesting and stimulating yet;
Cyber Security Blog #1 – Deception Technology: A More Aggressive Approach to Cyber Security
Cyber-attacks are a real and present threat for all businesses. With malware becoming more sophisticated and capable of outsmarting traditional anti-virus technologies, it is important for businesses to stay abreast of new security threats and methods of mitigating them.
ISPs Victorious Against Dallas Buyers Club Owner – what does this mean for illegal downloading?
As of the 11th of February 2016 the infamous proceedings between Dallas Buyers Club LLC (DBC) and iiNet (as well as five other Australian Internet Service Providers) came to an end, when DBC failed to
Metadata Stored by Telecommunication Companies Held to Not Be ‘about’ an Individual
The Administrative Appeals Tribunal (AAT) has upheld an appeal by Telstra against a decision of the Privacy Commissioner, denying Ben Grubb access to metadata attaching to his Telstra account, such as his IP addresses, web browsing history and cell tower location information. Such information however is readily available to government agencies without a warrant. So what does this decision mean for individual privacy and for companies storing customer metadata?
The EU-US Privacy Shield: Content
Last October the CJEU invalidated the Safe-Harbour agreement – the mechanism which allowed the lawful transfer of personal data from the EU to the US. You can read our blog post about that first decision here. Swift action has been taken to put together a new agreement – one that prioritises privacy, accountability and transparency.
Freelancer.com Privacy Breach Complaints
Lessons to be learned from Freelancer.com about Privacy The way that companies deal with personal information is increasingly scrutinised, as individuals become more wary about to whom they give their information and how that information
Mandatory Data Breach Notification Laws back on the Agenda
In December last year, the Federal Government released an exposure draft of the Privacy Amendment (Notification of Serious Data Breaches) Bill 2015 (the Bill) for public consultation. The draft Bill, which was promised by
Where to now? CJEU Declares EU-US Safe Harbour Invalid
UPDATE: On 16 October 2015 the Article 29 Data Protection Working Party released a statement in the wake of the CJEU’s landmark declaration that the US – EU Safe Harbour is invalid. The Working
The Wisdom of the Crowd – Crowd-Sourced Equity Funding in Australia
Starting a business is hard, and if the biggest challenge is coming up with a product or service that people actually want, the next challenge is finding the money to get the business off
#PrivacyMatters
Privacy Awareness Week (PAW) is here again. Sainty Law has been involved in PAW events for a number years now, but we have to say that PAW2015 feels quite different. It has often been said
Avoiding an Accident Waiting to Happen – OAIC’s Guide to Securing Personal Information
If your organisation handles personal information in any way, shape or form, you will by now be familiar with the Australian Privacy Principles (APPs). Introduced in March 2014, the APPs were designed to act as
Revised Guide to Information Security
Last month, the OAIC released a Revised Guide to Information Security for public consultation. The Guide was originally published in April 2013, to de-mystify the obligation under the Privacy Act 1988 (the Act) to take
The Online Copyright Infringement Discussion Paper – An Overview
This month, the Australian Attorney-General’s Department officially released its Online Copyright Infringement Discussion Paper, seeking comments from the public on how best to develop a legal framework to reduce online copyright infringement in Australia.
Data Security Strategies and the Privacy Act
Last week, the Privacy Commissioner found that online dating company Cupid Media had breached the Privacy Act 1988 (Cth) by failing to take reasonable steps to keep personal data held on its dating websites
EU Right to Be Forgotten
In a landmark decision, the Court of Justice of the European Union has ruled in favour of a right to be forgotten - an enormous win for privacy, and anyone who has google-searched their own
Image Rights for Young Athletes
Managing the Image Rights for Young Athletes Just as children are educated at school to manage their social media interactions, young athletes should be conscious of the way they use social media. There are certainly
Why Image Rights Matter
Image rights and sporting talent Endorsements, commercialisation and merchandise have long been an important component of the income stream of athletes and sports players. The evolution and growth of social media has meant this is
Image Rights, Social Media and Sporting Talent
What are image rights? The social media revolution has empowered individuals to take control of managing their own voice, image and the works they create. For ‘talent’, in this context being used to refer to
Demystifying Big Data – Responsible Big Data Practices (Part 3)
New Oil? In our recent “Demystifying Big Data” series, we have tried to do just that – chip away at some of the mystique that surround the phrase “Big Data” – a phrase that is
Demystifying Big Data – Big Data in Action (Part 2)
Everyone is racing for a bite of the Big Data pie; they want to gain the benefits of “nowcasting” – real time insights from the instream analysis of data. How are Organisations using Big
Demystifying Big Data – What is it? (Part 1)
The term Big Data has well and truly entered our vernacular but really, what on earth does it mean? This is one of the questions that is addressed in the Best Practice Guideline: Big
Crowdfunding and its Implications for Corporate Governance
Paul Fine - Consultant In an environment where the traditional means of raising capital for start-ups is far from buoyant, the momentum behind equity crowdfunding is accelerating - there’s a distinct exuberance among entrepreneurs
Ideas, Changing Technology and Implications for the Law
In an age of rapidly advancing technological trends and digital capability, there’s an interesting phenomenon that’s worth taking note of, as well as its structural implications in the law. Ben Hammersley, in his recent influential
Crowdfunding: Opportunity, Risk and Regulation
There’s no doubt that the speed of doing business continues to accelerate. Increasing numbers of entrepreneurs, social, artistic and not for profit groups are turning to crowdfunding as a new avenue that bypasses traditional, time