Australians can now register for the beta version of Australia Post Digital Mailbox. The service allows mail to be sent to you digitally, to pay bills, and aims to be your go-to storage solution for the business of life, so to speak: Copies of official documents, receipts, and family records, for example.

AusPostDigMail01

It's convenient, to be sure, but is this just making it a lot easier for the government to access sensitive data? Or, perhaps, non-governmental agencies, not to mention a ripe honeypot for hackers. Given recent revelations about US, UK, and Australian government surveillance privacy issues, what can we expect from Australia Post Digital Mailboxes? Now that the beta is open, we are taking a look at the service, starting with its Privacy Policy.

Good

EFA approves that the policy starts by at least citing and linking to Australian privacy legislation:

AusPostDigMail01a

The policy requires you to agree to share data as necessary to a very wide range of people, including marketers. However, EFA also approves that it claims, at least, to not sell or rent the information:

AusPostDigMail03-Replacement

Neutral

The policy also claims that the service will use industry standard SSL and TLS security protections, and the site runs in https by default. These security architectures are used by most e-commerce sites and most users trust them. EFA uses them and we certainly prefer them to more limited schemes. That being said, there are a lot of issues along the SSL/TLS chain that can be compromised, and Australia Post has suffered security lapses in the past:

AusPostDigMail04

It is also claimed that the service will be run on Australian servers, but given the news about the new server complex at HMAS Harman, this is not really a cause for comfort:

AusPostDigMail05

Bad

Let's start with accessing the privacy policy itself. The policy is not directly linkable not easily directly linkable or searchable. You need to go to the site and click on Privacy Policy at the bottom of the page. That opens a pop-up window which can not be directly accessed through a standard simple hyperlink unless you dig through the source code of the site to find this pretty URL (found by commenter trog): https://beta.digitalmailbox.auspost.com.au/content/marketing/en/fancybox/fancybox_footer_privacy.html. But you won't find that URL from a plain link on the site, nor in a Google search. Here, let me Google that for you to show you that the policy does not turn up in search results. Why prevent direct linking? It seems to be an aesthetic choice, but most other large companies, particularly those named in the Prism revelations, at least provide a direct and plain link to a plain page rather than a "fancybox". Further, searching for the privacy policies of FacebookGoogle, and Microsoft turns them up as the first link in a search. EFA would like to know if it's good enough for them, why not Australia Post Digital Mailbox, especially given that Australia Post itself has a direct and plain link to its privacy policy?:

APDMPP

The new service's privacy policy follows the lead of for-profit web services more than it represents the public good. While consumers agree to these kinds of policies every time we sign up for a new service or app (if you use Facebook you've agreed to similar conditions) the Australia Post Digital Mailbox is a wholly-owned subsidiary of Australia Post. Australia Post is a Commonwealth statutory corporation of which the government is the sole shareholder. Although it must operate as a separate for-profit entity, including paying all company taxes etc., it is still the country's official mail carrier and has special government privileges and carries out special government services. As such, it has the trust of Australians, and it should aim very high to maintain that trust.

EFA finds it concerning, then, that the policy requires you to agree to the collection of aggregated data, claiming that it will be de-identified and thus not personal. Aggregation does not necessarily equate with protection if it can be used to aid profiling and other pattern-based surveillance strategies:

AusPostDigMail06

Admittedly EFA's own privacy policy has similar clauses, but we are not asking to store your most essential digital files, nor are we so very closely aligned with the Commonwealth government.

The policy also requires you to agree to some invasive tracking technologies. Beyond cookies, which EFA also uses, the privacy policy also refers to the use of web beacons. In 2007 Facebook faced a backlash when it introduced web beacons into its service, because they can be used to track you outside of the service. EFA is concerned about the use of web beacons, and specifically a lack of detail as to whether or not this will occur with Australia Post Digital Mailboxes:

AusPostDigMail07

EFA is also concerned that the policy does not even make many guarantees about misuse of information beyond stopping spam, an intention to not use its own communications to users as direct marketing, and asking third parties undertake reasonable measures to protect the information from disclosure:

AusPostDigMail08

Even if we considered such reasonable measures reasonable, EFA considers it unreasonable that despite this undertaking, the privacy policy requires you to opt out of marketing, and that opting out is not an online process, you must call or write a letter:

AusPostDigMail02

Finally, EFA is concerned that if you want to find out what the service knows about you or change it, you might be charged an access fee or be denied. The policy says that you will be given reasons for the decision, but does not provide any detail:

AusPostDigMail09

Your Eggs. Their Basket

Summary: Adequate; Some concerns; Room to improve

  • Good: Cites Australian privacy legislation; Won't sell or rent your data.
  • Neutral: Industry-standard security.
  • Bad: Policy itself opens in a pop-up window that can not be directly accessed; non-online opt out of marketing only; allows for web-beacons; will aggregate data; might charge money or deny you the ability to view/change what they know about you.

We believe that Australians should demand a much higher standard of privacy for entities that are so closely perceived as related to the government, even if they are for-profit. There are few indications that this entity holds itself uniquely accountable based on its central and (usually) trusted part of Australian life.

The new Australia Post Digital Mailboxes may not, yet, deserve our trust. While features and usability are important, if Australia Post really wants to compete against Digital Post Australia, it could win the trust of Australians by working to both market-leading and world-leading privacy and security.

UPDATED

  • 19 June 2013: The paragraph about the indirect link has been amended to note that a commenter, trog, found a hidden but direct link to a plain version of the privacy policy.
  • 20 June 2013: Clarified the precise legal status of Australia Post as a Commonwealth statutory corporation.

4 comments