Electronic Frontiers Australia https://www.efa.org.au Promoting and protecting digital rights in Australia since 1994. Mon, 02 Jul 2018 10:27:46 +0000 en-AU hourly 1 Media Release: Doctors, Lawyers, and Privacy Experts Denounce HealthEngine Sharing Patient Health Data With Non-GPs https://www.efa.org.au/2018/06/25/media-release-doctors-lawyers-and-privacy-experts-denounce-healthengine-sharing-patient-health-data-with-non-gps/ https://www.efa.org.au/2018/06/25/media-release-doctors-lawyers-and-privacy-experts-denounce-healthengine-sharing-patient-health-data-with-non-gps/#respond Mon, 25 Jun 2018 04:46:30 +0000 https://www.efa.org.au/?p=9290 Continue reading ]]> Logo of EFA, FutureWise and Australian Privacy Foundation

Australia, Melbourne — Monday 25 June 2018 — EFA, Future Wise and APF today denounced the actions of HealthEngine and its doctor appointment booking system which has been sharing patient data with law firms, marketers, and other entities with the flimsiest pretense of patient consent.

“If this ethically dubious behaviour is technically legal, then Australia’s privacy legislation must be changed,” said Justin Warren, Electronic Frontiers Australia board member.

“People have made it clear time and time again that information about their health is extremely personal and private and they expect it to be kept secure, not shared with all and sundry,” he said. “I cannot understand how any doctor would allow their patients’ trust to be abused in this way.”

Dr Trent Yarwood, health spokesperson for Future Wise and a medical specialist, said “Making access to healthcare easier for people is critical. However, practice managers and healthcare professionals must understand the privacy implications of how they do this.”

“Too many services are set up with the primary aim of selling personal data to advertisers, and providing ‘convenient’ services to people purely as a hook to get this data,” he concluded.

The original ABC report noted that “HealthEngine also has a data-sharing arrangement with the Federal Government's My Health Record (MyHR) digital medical record system.” The precise nature of this data-sharing arrangement must be made public immediately. The government is making MyHR mandatory, save for a short once-only opt-out period, and the public must know what our health data is going to be used for if we are to have confidence in this system.

Kat Lane, vice chair of Australian Privacy Foundation, said “Data in the government’s MyHR can be downloaded to a GP system and is then freely available—no controls, no audit trail—including potentially to apps such as HealthEngine, without proper informed consent. This is a warning about serious issues of transparency and consent with such apps and MyHR.”

The law must be changed to provide robust privacy protections for all Australians, such as by finally giving us the right to sue for breach of privacy, requiring explicit consent for each disclosure of medical or health data to a third party, and proper auditing of record-access that is visible to the patient. The current system is too easy to bypass for unscrupulous operators looking to make a fast buck.

Download the media release:

Doctors, Lawyers, and Privacy Experts Denounce HealthEngine Sharing Patient Health Data With Non-GPs Joint Response to HealthEngine Data Sharing

Electronic Frontiers Australia is the premier voice for digital rights in Australia. Established in 1994, EFA is independently funded by members and donations. For more information about EFA, see https://www.efa.org.au

About Future Wise

Future Wise is an independent policy and advocacy organisation, focusing on technology, health, and education; and is a strong voice for digital privacy in Australia. Further information about Future Wise is available at their website: https://futurewise.org.au

About APF

The Australian Privacy Foundation is the primary association dedicated to protecting the privacy rights of Australians. The Foundation aims to focus public attention on emerging issues which pose a threat to the freedom and privacy of Australians.
For additional information about APF see https://privacy.org.au

Media Contacts

Email: media@efa.org.au
Twitter: @efa_oz
Phone: Justin Warren - 0412 668 526

Future Wise
Email: trent@futurewise.org.au
Twitter: @FutureWiseAU
Phone: Trent Yarwood - 0403 819 234

Email: kat.lane@privacy.org.au  
Twitter: @apf_oz
Kat Lane - 0447 620 694
Email: Bernard.Robertson-Dunn@privacy.org.au
Bernard Robertson-Dunn - 0411 157 113

https://www.efa.org.au/2018/06/25/media-release-doctors-lawyers-and-privacy-experts-denounce-healthengine-sharing-patient-health-data-with-non-gps/feed/ 0
Centrelink duty of care has failed, regardless of Information Commissioner ruling https://www.efa.org.au/2018/05/30/centrelink-duty-of-care-has-failed-regardless-of-information-commissioner-ruling/ https://www.efa.org.au/2018/05/30/centrelink-duty-of-care-has-failed-regardless-of-information-commissioner-ruling/#respond Wed, 30 May 2018 02:02:22 +0000 https://www.efa.org.au/?p=9270 Continue reading ]]> Privacy rights groups Digital Rights Watch, the Australian Privacy Foundation and Electronic Frontiers Australia have slammed a statement by the Office of the Information Commissioner and the Privacy Commissioner that their investigation found no wrongdoing in the release of personal information by a government department.

In February 2017, writer Andie Fox wrote an article that was critical of Centrelink’s controversial debt recovery program. In response, the office of the former Human Services Minister Alan Tudge released Ms Fox’s personal details (including details of Fox’s relationship and her tax and claims history) to another journalist, who subsequently published an article countering Fox’s claims.

“It’s extremely concerning that the OAIC has ruled that there has been no breach of privacy here. To assume that the Australian Privacy Principles allow for release of information if a person has a ‘reasonable expectation’ is ludicrous, and tips the power way too much towards the holders of information rather than the individual,” said Digital Rights Watch Chair Tim Singleton Norton

The groups warned of the consequences of a government agency disclosing someone’s personal information due to unfavourable media coverage.

“Australian citizens such as Ms Fox should be able to exercise freedom of speech, particularly in relation to offering opinions and criticisms of government services, without the threat of their personal information being broadcast to the world,” said Mr Singleton Norton.

“There is concern about the appearance that the privacy regulator may have been ‘captured’ by the Canberra federal bureaucracy and politicians after the government’s thwarted 2014-15 campaign to abolish and defund it. Rather than independent and fearless protection for an individual being in effect told ‘you should have expected this smear campaign using you and your partner’s personal information, so it’s legal’, the finding appears to normalise abuse of a legitimate complainant, who now has no other remedy. Ms Fox shared her personal experience of a system we know to have been a case study in IT governance failure: she did not deserve this kind of treatment”, said Australian Privacy Foundation Chair David Vaile.

“Worryingly, this could be taken as a green light for politicians in power to dig dirt, leak and smear anyone who complains publicly about their treatment, exploiting the grossly disproportionate imbalance of power. This would be a real attack on freedom of speech, and on the right to hold government to account, as well as on privacy and data protection. This also raises questions about inconsistencies between ‘open government’ accountability policies and the ‘doxing’ of a complainant.”

“To witness such a fundamental breakdown of the right to freedom of the press is incredibly worrying,” said Electronic Frontiers Australia’s Lyndsey Jackson.

“That someone would speak out and then a Minister would order a staff member to go rifling through an individual’s personal file for ‘dirt’ and then share it with the media is clearly an act of silencing dissent.”

“Governments using the information Australians share with Centrelink, an agency people interact with at their most vulnerable point, to cover their own political agenda undermines public trust in the Privacy Act as well as trust in the OAIC having necessary autonomy.”

https://www.efa.org.au/2018/05/30/centrelink-duty-of-care-has-failed-regardless-of-information-commissioner-ruling/feed/ 0
Media Release: Electronic Frontiers Australia Welcomes Turnbull Government Support For Strong Encryption https://www.efa.org.au/2018/05/21/media-release-electronic-frontiers-australia-welcomes-turnbull-government-support-for-strong-encryption/ https://www.efa.org.au/2018/05/21/media-release-electronic-frontiers-australia-welcomes-turnbull-government-support-for-strong-encryption/#comments Sun, 20 May 2018 23:00:59 +0000 https://www.efa.org.au/?p=9256 Continue reading ]]> Electronic Frontiers Australia welcomes the recent acknowledgement by Angus Taylor during Privacy Awareness Week that strong encryption is vital for safeguarding the privacy and security of all Australians.

"Let me be clear about this, we support strong encryption for the security of information and the protection of privacy. We firmly believe that cybersecurity will be enhanced by encryption—it is a good thing," Taylor said, according to ZDNet.

While some other members of the Turnbull government have—at times—appeared to oppose the right of Australians to protect their private information with strong encryption, EFA is encouraged by Taylor’s pragmatic stance.

Strong encryption is a vital part of the modern world, and citizens depend on it to protect their finances, their private communications, and their interactions with governments at all levels. Undermining strong encryption would place citizens at risk of having their private information compromised by cyber-criminals, foreign spies, and other malicious actors.

EFA appreciates Mr Taylor taking a strong stance in supporting all Australians in keeping themselves safe by protecting the privacy and security of their information with strong encryption.

https://www.efa.org.au/2018/05/21/media-release-electronic-frontiers-australia-welcomes-turnbull-government-support-for-strong-encryption/feed/ 3
EFA statement regarding proposals for the Australian Signals Directorate to be handed warrantless domestic spying powers https://www.efa.org.au/2018/04/30/efa-statement-regarding-proposals-for-the-australian-signals-directorate-to-be-handed-warrantless-domestic-spying-powers/ https://www.efa.org.au/2018/04/30/efa-statement-regarding-proposals-for-the-australian-signals-directorate-to-be-handed-warrantless-domestic-spying-powers/#comments Mon, 30 Apr 2018 11:11:12 +0000 https://www.efa.org.au/?p=9237 Continue reading ]]> The proposal that the Australian Signals Directorate be permitted to access emails, bank records, and text messages of Australian citizens without their knowledge should be unequivocally rejected by all Australians.

EFA is deeply concerned that this is yet another example of governments considering intruding on the private lives of innocent Australians and further eroding what few checks and balances remain.

“I’m aghast that senior public servants would seriously propose this idea,” said EFA board member Justin Warren. “It suggests they are insufficiently aware of what history has taught us about what governments spying on their own citizens leads to. That or they are fully aware and made this proposal anyway, which would be even more disturbing.”

The powers of police forces and spying agencies have already been increased to levels not previously seen outside of wartime in Australia. There are already plenty of examples of these powers being abused, and of those responsible not being held properly to account. And yet it seems that there are those in authority who crave yet more unfettered, unaccountable power. Enough is enough.

It is time Australians had robust protections from these insatiable authoritarians. It is time that Australians had independent oversight of these shadowy agencies to ensure that they act in the best interests of all Australians, and not a dangerously ambitious few.

EFA joins the Australian Privacy Foundation in calling on the government to properly fund independent oversight bodies, and to ensure that our rights to privacy and security are adequately protected at law.

https://www.efa.org.au/2018/04/30/efa-statement-regarding-proposals-for-the-australian-signals-directorate-to-be-handed-warrantless-domestic-spying-powers/feed/ 1
EFA signs against Article 11 https://www.efa.org.au/2018/04/25/efa-signs-against-article-11/ https://www.efa.org.au/2018/04/25/efa-signs-against-article-11/#respond Wed, 25 Apr 2018 11:51:30 +0000 https://www.efa.org.au/?p=9226 Continue reading ]]> EFA has co-signed a letter, with 50+ organisations to call on Axel Voss MEP (Member of the European Parliament) to delete Article 11. Article 11 is a proposal that wants to demand licensing fees for sharing tiny snippets of text, extracts, even headlines, from news articles. It has been criticised over and over again: it will harm access to news and information by making it costly to support small publications, and entrench the power of the largest media groups.

While this legislation is being proposed in the European parliament, it poses a dangerous precedent for all internet users. EFA has signed this letter in solidarity with its European peers.

The latest amendments to this Article, proposed by Axel Voss MEP, only make the issues worse: fees would become attached to simple facts, and Creative Commons would become impossible for news sites.

With this open letter [PDF] we encourage Axel Voss MEP and his colleagues to find an approach to Article 11 that takes into account the interests of internet users, startups, small publishers and heritage institutions - rather than the small concentration of press publishers it is solely designed to support. We remind Voss of the wealth of evidence produced by researchers who have investigated how such proposals have played out in the past, and that "many studies some of which commissioned by the EU institutions themselves, show that these rules have had a disproportionate negative impact on the news industries, and information access."

You can read the full letter here.

https://www.efa.org.au/2018/04/25/efa-signs-against-article-11/feed/ 0
Turnbull Hates your Privacy Online https://www.efa.org.au/2018/04/13/turnbull-hates-your-privacy-online/ https://www.efa.org.au/2018/04/13/turnbull-hates-your-privacy-online/#comments Fri, 13 Apr 2018 03:59:44 +0000 https://www.efa.org.au/?p=9218 Continue reading ]]> We see today that the Australian government is still pushing for an encryption backdoor, and isn’t engaging with the Australian public about what they intend to do. The bill is apparently in “advanced stages” without any transparency on its impact to your privacy and security.

There are signs Labor may oppose the legislation, so all is not yet lost.

“Labor, which has typically supported the government in matters of national security, remains sceptical additional legislation of this nature is practical.”

Meanwhile the Department of Home Affairs is still building its Panopticon-like Facial Identification Service and ignoring the concerns of the Australian public. It sees concerns about letting privacy companies access the system as “overblown”.

“Home Affairs said that there should not be a warrant required in order to access the Face ID system.”

Your digital rights are being attacked by powerful and well-funded adversaries. We only stand a chance if we stand together to oppose them.

Donate now to help fund our important work. We are an entirely volunteer-run organisation, so every dollar goes towards supporting the work of the EFA.

Join us as an individual, concession or organisational member as we fight to preserve your digital rights - and tell your family and friends why they should care too!

https://www.efa.org.au/2018/04/13/turnbull-hates-your-privacy-online/feed/ 1
Australian Digital Rights Organisations Call For Politicians To Clarify Their Dealings With Cambridge Analytica https://www.efa.org.au/2018/03/19/australian-digital-rights-organisations-call-for-politicians-to-clarify-their-dealings-with-cambridge-analytica/ https://www.efa.org.au/2018/03/19/australian-digital-rights-organisations-call-for-politicians-to-clarify-their-dealings-with-cambridge-analytica/#comments Sun, 18 Mar 2018 23:06:55 +0000 https://www.efa.org.au/?p=9203 Continue reading ]]> JOINT MEDIA RELEASE BY ELECTRONIC FRONTIERS AUSTRALIA, FUTURE WISE, AUSTRALIAN PRIVACY FOUNDATION, AND DIGITAL RIGHTS WATCH

In light of the revelations that Cambridge Analytica has reportedly misused the data of over 50 million people on Facebook, Australia’s leading digital and civil rights advocates call on all Australian governments and political parties to categorically answer the following questions:

  • Have you, at any time, engaged the services of Cambridge Analytica or its parent company Strategic Communication Laboratories?
  • Have you, at any time, been provided with data on Australian citizens by Cambridge Analytica or its parent company Strategic Communication Laboratories?
  • Have you ever provided any Government data such as voter rolls to Cambridge Analytica or its parent company Strategic Communication Laboratories?
  • Do you believe that the linkage of this sort of data to generate sensitive political data meets the definition of consent required by Australian law?

Many Australian political parties and ministers have reportedly met with Cambridge Analytica over the past few years. We must know who in the Australian political sphere believes in informed consent, and who does not.

The New York Times and The Guardian have reported that Cambridge Analytica accessed the Facebook profiles of 50 million people without their informed consent. People who trusted Facebook to keep their private information private; people who did not give their informed consent that their data be shared in this way. Facebook has since suspended Cambridge Analytica from its platform, as well as its parent company Strategic Communication Laboratories.

Australian governments are pushing to collect more and more data on Australians, and to link it with larger and larger datasets. Australians must be confident that the custodians of our data will look after our best interests, proactively, and with due care and skill. We must know that our data is not being collected merely for narrow, self-interested reasons. We must be sure that this data is not being shared without our informed consent.

These should be simple questions for any government or political party to answer. We look forward to seeing how trustworthy they really are.

For Electronic Frontiers Australia
Justin Warren
Phone: 0412 668 526
Email: media@efa.org.au

For Future Wise
Dr Trent Yarwood
Phone: 0403 819 234
Email: trent@futurewise.org.au

For Australian Privacy Foundation
Liam Pomfret
Email: liam.pomfret@privacy.org.au

For Digital Rights Watch
Tim Singleton Norton
Email: info@digitalrightswatch.org.au

https://www.efa.org.au/2018/03/19/australian-digital-rights-organisations-call-for-politicians-to-clarify-their-dealings-with-cambridge-analytica/feed/ 1
FOI uncovers a three month window to opt out of the My Health Record Scheme - then what? https://www.efa.org.au/2018/02/13/foi-uncovers-a-three-month-window-to-opt-out-of-the-my-health-record-scheme-then-what/ https://www.efa.org.au/2018/02/13/foi-uncovers-a-three-month-window-to-opt-out-of-the-my-health-record-scheme-then-what/#comments Tue, 13 Feb 2018 01:24:55 +0000 https://www.efa.org.au/?p=9170 Continue reading ]]> More concerns than answers have been raised over the Governments My Health Record Scheme after EFA board member Justin Warren made a request for access to the "Operational Blueprint" through the Right to Know FOI platform. In it's response to the request, the Government made the information public.

Unfortunately for your priavcy, detail is light on and the information raises more questions than it answers. 

Justin Warren said "EFA are concerned that we are less than four months from the start of the compulsory My Health Record scheme and we still don't have any information on how to opt out of the system. A system that was originally supposed to be opt-in and was changed to opt-out in complete disregard for the advice the government received from multiple parties."

"According to this information, the opt-out period will end a mere three months after starting. What then? How do people opt-out of the system after this period?"

"Agencies are quick to trot out the 'We take your privacy seriously' line at every opportunity. We say talk is cheap. Prove it."

EFA members also expressed frustration that the Department of Human Services has no information about an opt-out trial completed in 2016. And members have questions, a whole bunch of them, and they are questions that really need answering if Government are really taking the health information of an entire country seriously...

Member questions include (and are certainly not limited to):

Is the opt-out procedure going to be given any prominence other than on a buried government website? Any consumer advisories about this option? Will health practitioners be provided equal information about opting out as well as the faux benefits (lies) about the "service" (sic)? What is the budget for 'fair and balanced' information to the public about this option?

Is opting out like death -- forever? Or if someone wants to participate in the future, will that also be an option? What is the truth about a person's relationship to this faux "service" (sic)?

How can a system only be opt-out for 3 months when there are people joining the health system every day? This window is a stupid view of the public. We don't have a static population. You know. Migrants. New citizens. Real people who will arrive here after that ridiculous "window".

Have more questions? Comment below or on our twitter or facebook posts on the topic.

Text: Historical opt-out trial information An opt-out model of participation for the My Health Record system trialled in North Queensland and Nepean Blue Mountain regions. The trial was completed in 2016. We do not have information about the outcomes of the trial.

From the Department of Human Services website

Read the article from 12/2/18: How to opt out of Australia's e-health record scheme published on ITNews.

Read: Opt-out for My Health Record 011-04150000 information page

https://www.efa.org.au/2018/02/13/foi-uncovers-a-three-month-window-to-opt-out-of-the-my-health-record-scheme-then-what/feed/ 2
ABC Radio Interview: Does technology know you better than your family or friends? https://www.efa.org.au/2018/02/12/abc-radio-interview-does-technology-knows-you-better-than-your-family-or-friends/ https://www.efa.org.au/2018/02/12/abc-radio-interview-does-technology-knows-you-better-than-your-family-or-friends/#respond Mon, 12 Feb 2018 02:26:53 +0000 https://www.efa.org.au/?p=9167 Continue reading ]]> EFA’s Chair Lyndsey Jackson spoke with ABC Radio’s Rod Quin and callers early Saturday (10/2/18) morning about the data we share and what it can reveal about us.

Increasingly people are discovering the impact and value of the information we give out.  Callers shared caution and distrust in the way data mining was building profiles of our lives and behaviour.

For EFA the radio interview presented a great opportunity to talk to people from a broad background. Ms Jackson reflected, “people are aware that private data has a value to business, and it’s an area that they want to know more about. We may not all understand all of the detail in how data matching and technologies work, but people are confident in talking about experiences where they see it touch their own lives and the stories and patterns people share”.

Listen to the ABC Overnights radio interview: Does technology knows you better than your family or friends?

https://www.efa.org.au/2018/02/12/abc-radio-interview-does-technology-knows-you-better-than-your-family-or-friends/feed/ 0
Human Rights Push into Digital Technology https://www.efa.org.au/2018/02/12/human-rights-push-into-digital-technology/ https://www.efa.org.au/2018/02/12/human-rights-push-into-digital-technology/#respond Mon, 12 Feb 2018 01:27:23 +0000 https://www.efa.org.au/?p=9165 Continue reading ]]> A new project by the Australian Human Rights Commission puts the relationship between human rights and technology into focus.

Electronic Frontiers Australia welcomes this directive. EFA’s charter is the protecting and building awareness of civil liberties and ongoing campaigning of digital rights as a human right.

The opportunity that technology represents must be countered by the very real risks of the liberties and ways of life that could be given up. Technology moves fast, much faster than governments, regulators, and the community at large. This initiative is a positive sign that community standards and awareness is evolving and agencies and government must respond.

From the article:

“The aim of the project is to come up with ways that human rights can be prioritised in the design and regulation of new technologies.

The AHRC intends to hold a conference in the middle of the year that will bring together "leading thinkers, technology and human rights experts" to discuss the impact new technologies are having on human rights.

It will also publish an issues paper to kick off a consultation period in the middle of the year.”

Read the full article: Australian project to embed human rights in new technology via IT News online

https://www.efa.org.au/2018/02/12/human-rights-push-into-digital-technology/feed/ 0