False sense of security
Sydney Morning Herald
Tuesday March 9, 2010
I MET my local bank manager recently, standing outside the branch with a bucket in his hand.Ours is a community bank, so it seemed plausible that Peter was engaged in a collection for a local charity or club but the bucket contained just water and a sponge.Seeing my puzzled expression, Peter explained he liked to wash the ATM regularly, whether it needed it or not. In truth, he discreetly checks nobody has been tampering with it, as our branch has suffered the usual mix of attempted robbery, ATM raids and other less invasive mischief over the years.I was impressed by his diligence and conscientious professionalism - if only the banks, and corporate Australia in general, felt similarly obliged to care for our data.To illustrate, if Peter's laptop had been stolen, it is likely it would have contained private customer information. And we might never have heard about it, because banks and other corporations in Australia are under no legal obligation to disclose data loss.The worrying issue is that while a case of data loss by a bank, for example, might not put your money at risk, the information lost (such as your name, address, date of birth and other identity credentials) could be used to steal your identity for other purposes.In other developed countries there is a more enlightened attitude to privacy regulation. The British and US governments have legislated for any data theft situation by requiring mandatory disclosure of data loss, except in circumstances where the data has been encrypted.In May 2008, the Australian Law Reform Commission recommended the Privacy Act be amended to include a new obligation in regard to data breach notification.This would require an organisation to notify the Privacy Commissioner in the event that personal data had been or might have been released by virtue of theft or other compromise, except where the data was believed to have been encrypted satisfactorily.The federal government has indicated its willingness to legislate for many of the Law Reform Commission's recommendations and has introduced an amendment into the Senate. While we await the results, our personal privacy is at the mercy of the pedestrian whims of the parliamentary process.
© 2010 Sydney Morning Herald
Share This