From voluntary action and collaboration to legislation and classified capabilities: Australia’s Cyber Security Strategy 2020 released
3
EU Court of Justice Invalidates Privacy Shield
4
Privacy Professionals download COVIDSafe App
5
It’s Trace Time! The COVIDSafe App is open for business – Part II
6
It’s Trace Time! The COVIDSafe App is open for business – Part I
7
“This is a public health app, it’s not a surveillance app”: Review finds “nothing particularly disturbing” about the Federal Government’s coronavirus tracing app
8
Let’s Track This Through: Tracking Data at the Epicentre of Efforts to Stop COVID Outbreak as Federal Government Considers Implementing Opt-In Mobile Application
9
Zooming In: “Zoom’s” Significant Privacy and Data Security Risks brought to Light Again (and Again)
10
Forgotten Issues: What Business Continuity Planning in the COVID-19 Era Isn’t Contemplating
The Commonwealth Government is proposing to introduce a controversial new mandatory code that intends to regulate digital platforms and their distribution of news content.
In July this year, we blogged about the Australian Government’s plan to release Australia’s Cyber Security Strategy (Strategy). On 6 August 2020, the Strategy was released after consultation with the public and industry actors.
The Strategy will invest $1.67 billion over the next 10 years – the largest ever financial commitment to cyber security – to create a more secure online world for Australians, our businesses and the essential services which we depend upon. This will be achieved through the following:
On the morning of 16 July 2020, in a significant decision of the Court of Justice of the European Union (CJEU), the Privacy Shield was held to be invalid.
A number of legal professionals, with significant experience in the field of privacy law, have signed an open letter to encourage individuals to download the Commonwealth Government’s COVIDSafe App.
Among the privacy lawyers are members of K&L Gates own Australian privacy team (and the authors of this blog post) Cameron Abbott, Rob Pulham, Warwick Andersen, Michelle Aggromito and Allison Wallace.
The open letter is signed by members in their personal capacity, and signals that people who care about privacy a lot can still think that supporting the health and economic objectives of the App is more important at this time.
As at the date of this post, more than 5 million people have downloaded the App, with more needed to reach the Commonwealth Government’s target of 40% of the Australian population.
In Part I of this blog, we briefly touched on some of the safeguards that the Commonwealth Government has indicated that they will implement to address privacy concerns. Those proposed new safeguards are intended to satisfy many of the privacy concerns. However, there are additional safeguards that have been implemented in connection with the functionality of the App, which we focus on in Part II here.
The Commonwealth Government released its COVIDSafe App for download at 6.00pm AEST on Sunday 26 April, and it surpassed 1.13 million downloads within the first 12 hours. This was far greater than expectations, with Health Minister Greg Hunt commenting that, at best, the hope was that “we might get to 1 million in five days.”
The Federal Government’s coronavirus tracing app has raised some privacy concerns amongst the Australian public. Even some of our government Ministers have ruled out downloading the app due to such concerns! However, the independent cyber security body tasked with reviewing the app has said that it has found no major concerns with it.
We previously blogged
about the plethora of Asian countries who are using telecommunications
networks, smart phone applications and messaging services to inform, track and
monitor individuals who may have contracted COVID-19. It appears that
Australia’s eyes are on similar technology opportunities, as according to an
article from the SMH,
the Federal Government will ask Australians “within weeks” to opt in
and sign up for a mobile application that uses tracking data to alert
individuals as to their risks of contracting COVID-19.
According to the article, the
relevant application will monitor the movements of participants to inform
individuals whether they have been close to someone already infected with
COVID-19. The application also has the functionality to enable someone who has
contracted the virus to notify health authorities and ensure that an alert is
sent to anyone he or she has been in contact with over the previous 24 hours.
Both of these processes are part of what is known as “contact tracing”.
It hasn’t even been 10 days since our previous Blog on Zoom, which highlighted a number
of privacy and data security issues prevalent in the use of the popular
telecommunications software, and already further privacy issues have been
alleged. Let’s put these allegations under the magnifying glass:
Disclosure to Facebook: Even If You don’t have an Account
Firstly, Vice reports that the iOS version of the Zoom app transfers analytics data to Facebook, even if Zoom users don’t have a Facebook account, without disclosing as such in its Privacy Policy.
As the world grinds to a halt following
the dispersion of COVID-19 and businesses around the globe experience a
significant downturn, more and more businesses are turning towards their
Business Continuity Plan (BCP) in order to mitigate the potential
impacts of this worldwide emergency on business sustainability. However, a key
aspect of BCP’s is that they encapsulate the full scale of collateral issues
that may arise from such an emergency.
From a technology perspective, BCP’s
need to consider access. This issue is twofold: being access to premises
in which businesses operate in order to correct system defects and system
outages, as well as access to external premises that provide technology
services such as data storage or data security services.