Electronic Frontiers Australia is appearing before Senate committee on online privacy tomorrow.

What are your concerns about online privacy? Leave your feedback in the comments below.

Feedback from Twitter and Facebook:

  • NewtonMark Mark Newton - @efa_oz The AG's #ozlog initiatives would be a good place to start.
  • mwyres Michael Wyres - @NewtonMark @efa_oz Agreed - #ozlog definitely the most obvious issue...
  • ‎Jay Stephens - 1. Concern that any rules mandating data retention will lead to my private data gathered by ISPs (for compliance) being held in tape backup or similar scattered around 3rd party locations, and possibly colocated outside Australia. 2. Concern that regulation of data sharing by companies will become weaker over time, allowing companies to effectively trade freely in any private data about me or my online behaviours that any of them may have gathered over time, including data being gathered and stored right now. 3. Expansion of the permissibility of the "selectable output control" concept ( http://a.gd/ed65b6 ) so that more and more of the hardware in my lounge at home has functionality that is remotely activated/controlled by ISPs, content delivery concerns, and other 3rd parties without my knowledge.
  • Travis Draper My concern is that demanding privacy has become an admission of guilt.
  • Thaao Crew privacy online? like there was any to begin with lol but its within a tolorable amount but all the new contoversys >.> its gonna get worse its like terrorists planning somthing on a mobile phone lol could it be stoped if its heard the short answer is no especaly if you talk in cryptic ways
  • nightkhaos NightKhaos - commented on the post. ACTA, iiNet vs AFACT and data-retention are my concerns.
  • Stu__H Stuart Hargreaves - @efa_oz #ozlog#acta#openinternet and #iitrial all have obvious privacy implications.
  • bookbuster Amy Hightower - @efa_oz #ozlog #acta and #nocleanfeed are the big three. The#iitrial probably also merits a mention.
  • Brad Matthews I am concerned by anything dealt with by this incompetent government. More to the point, gathering online data about specific people carried out by the government (or anyone else) is completely fucked.
  • LiamPomfret Liam Pomfret - @efa_oz Concerned about underinformed consumers who don't understand all the implications of sharing their info and conversations.
  • craigthomler CraigThomler - @efa_oz Concerns about Privacy: That corporations are asking us to give it up so they can look in our pockets for 'pirated' goods.
  • craigthomler CraigThomler - @efa_oz Concerns about Privacy: That governments are asking us to give it up so they can protect us from night terrors
  • craigthomler CraigThomler - @efa_oz Concerns about Privacy: And that people have unrealistic expectations about privacy - we demand personal service but refuse access.
  • golgy Leif - @efa_oz Concerns about Privacy: Data Security. Who's to say my data stored by anyone is truly safe. What is my data, what is it used for.
  • 13tales Tom Armstrong - @efa_oz Concerned by erosion of the means for digital privacy by gov & cops, who also don't protect us from exploit of our p.data by corps
  • LiamPomfret Liam Pomfret - @efa_oz Concerned that "protecting children" is being used as an argument to convince voters that erosion of privacy is a good thing.
  • digitalchris digital chris - Concerns about privacy: is there a nondisclosure list citizens can join - prevent collected incidental data from being used @efa_oz
  • DokterW Dr. W - @efa_oz My concern about privacy are those who think you are hiding criminal activities if you don't share you life willingly and openly.
  • damonreece Damon Reece - Concerned that the majority of the population is being punished for the actions of a very, very small minority.
  • Kronaz Nic - @efa_oz that govts are not content with their lack of control and will continue to try and undermine users security and privacy.
  • thecinemascene thecinemascene - @efa_oz My concern about privacy is the fact that governments from both sides' complete lack of action to create much stronger laws
  • RantRotAndRuin Rant, Rot and Ruin - @efa_oz Why should I trust my government to monitor my communications when it doesn't trust me enough to tell me why?#ozlog

6 comments

  1. My concern is given the recent victory in iiNet vs AFACT that there may be an attempt by organisations like AFACT to bypass the ruling by lobbying for a law change.

    If such a law change were to take affect then we would get into a situation of guilt upon accusation which is a completely unacceptable outcome.

    I also have concerns that ACTA may result in similar law concessions. It is not the responsibility of the law to change, such that it violates a basic human right such as the right to privacy, to appease a small minority who are unable to deal with a changing economic climate.

    I also have major concerns about the proposed data retention law reforms for ISPs. In particular since the released document was redacted we have no way if knowing what the law reform will entail, I.e. what kind of data will be stored. I have concerns that the data will allow for bypassing of due process if the information is extensive enough and does not require a warrant to obtained by law enforcement.

    Comment by NightKhaos on 28 October 2010 at 11:55
  2. It's not the collection, retention or use of my data that is my primary concern. It is the opportunity for misuse of my data. And having worked for Government I know the procedures for who can access what are lax. The higher up the food chain you rise the more you can access and the less the controls are. Now, and this has been the case for many years, information collected by Govt. licencing authorities is and has been offered for sale with and without prompting by private enterprise. This is one example.
    There are many others. Resist it.

    Comment by jonakajon on 28 October 2010 at 13:19
  3. Privacy is interesting... I tend to feel that the biggest issues in privacy aren't privacy per-se, but rather information asymmetry in various forms. If people are recording information about you, then you should know what they know and be able to correct it if it is wrong. (Although that by itself isn't enough. I don't want to have my time wasted by huge amounts of wrong information about me - a human Denial of Service attack on the disclosure mechanism.)

    Other issues:
    - There should be a requirement that sensitive data isn't stored unless necessary. When necessary it should be stored in a manner that it cannot be accessed without appropriate safeguards. (I'm wary of mandating specific solutions like encryption - if the keys are stored with the data then it is useless.) I agree with Jon about knowing who has accessed data as well - this gets back to the information asymmetry in that you might want to force logging of who has accessed certain data and for what.
    - There should be a requirement that sensitive data is not stored longer than necessary. One wonders how this works with archives... are we destroying our history?
    - The AG logging stuff. Just knowing what is going on here would help. Will this outlaw new protocols because they don't meet logging requirements? Will this outlaw encryption because it makes the logging at certain net layers impossible?
    - Information aggregation - I might be happy with one person knowing my name, and another person knowing my coffee preferences, but I might not want anyone putting them together.
    - Related to the previous - information selling. When is it ok for someone to sell a database of information. What happens when one company buys another?
    - Information jurisdiction - When data gets moved offshore, what happens to any protections? Should the data be able to be moved off shore?
    - Disclosure obfuscation is an issue. I'm guessing that facebook generally comply with their privacy document (although I haven't checked details). The issue is that privacy documents generally have things buried in them that can be hard to decode. I don't know how you force those documents to be simple, and still allow people flexibility.

    On the flip-side, you don't want to make it too hard to run a company. It should be fine to keep web logs of IPs that accessed your web server without having to jump through hoops. One thought here is that disclosure of when you've recognised someone, and allowing them to say "that isn't me", would cure a lot of ills. If I'm buying gifts for my mother, the ability to say that I'm not me for that shopping session could be useful. I guess some reasonable safe-harbours here would be nice. Whether those harbours are large enough to berth Google is another matter... :)

    All in all it is a tricky area. :)

    Comment by Will on 28 October 2010 at 15:22
  4. It's better that the government do nothing, retain no data, disband the departments and repeal all laws... all the necessary protection can be provided for under common law.

    Comment by Alex on 28 October 2010 at 21:30
  5. my concerns focus on the intimidation the government applies to dissenting people.
    see mr.assange.

    Comment by thomas vesely on 5 December 2010 at 07:06
  6. efa must support wikileaks/assange.

    Comment by thomas vesely on 6 December 2010 at 09:50