Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

Over the Horizon 2010

Presentation by Karen Curtis, Privacy Commissioner, Over the Horizon 2010, Sydney, 11 June 2010

pdfOver the Horizon 2010

Introduction

Firstly may I acknowledge the traditional owners of the land on which we meet, and pay my respects to their elders past and present.

Thank you very much Rob for that introduction.

Thank you also Senator Conroy for setting the scene for what I'm sure will be a thought provoking forum.

I also congratulate everybody involved in what has been a successful National Cyber Security Awareness Week. I was torn between coming here or going to the launch of Hector's World at Birchgrove Primary. So that's a good sign when you have attractive events competing.

Cyber security and privacy - a synergy

There is a clear and fundamental synergy or connection between cyber security and privacy.

It's like privacy and cyber security go together like Brad and Angelina, or Bonnie and Clyde. Or given the success of Masterchef: like Fish and Chips or Bangers and Mash.

Cyber security is no longer something you can just let the IT department worry about. Internet activity is, for most of us, an integral part not only of how we work, but also how we communicate, shop, plan our travel, socialise and bank.

And because this cyber activity often involves our personal information, privacy is a day-to-day issue in the online world.

Many of the key privacy issues my Office deals with - collection, data security, disclosure of personal information - arise in the cyber environment and raise security issues. Indeed telecommunications is one of our most complained about sectors and we provide a lot of policy advice in the ICT field. It is because of those connections that I'm pleased to be here.

Many of you may be aware that in early May my Office - the Office of the Privacy Commissioner - had its own promotional week: Privacy Awareness Week, or as we like to call it, 'PAW'.

It was a successful week, and one in which we also recognised the strong connection between privacy and cyber security.

We partnered with the Department of Broadband, Communications and the Digital Economy and the Australian Communications and Media Authority, to promote some messages common to all of our agencies.

Specifically, with the greater use of mobile phones to connect to the internet and facilitate online services, we were keen to produce materials to help raise awareness of both the privacy and cyber security issues arising out of this ubiquitous piece of technology.

The end result of this partnership was this pocket-sized quick reference guide titled 'Mobilise Your Mobile Phone Privacy'.

It is available from my Office's website - www.privacy.gov.au - and I'm sure our friends at DBCDE and ACMA will be able to provide you with some as well.

The guide gives ten simple, easy to understand tips for protecting privacy and security on using mobile phones. The guide not only demonstrates how intertwined privacy and cyber security are, but is a great example of how beneficial partnering arrangements can be.

Now that Privacy Awareness Week has passed and National Cyber Security Awareness Week is here, I am pleased to return a favour!  But it is also good because it gives me a chance to reiterate and reinforce some of the messages we promoted during our own awareness week.

Technology evolving

Today is 11 June, and it was on this day in 1977 that the Electric Light Orchestra released its huge hit "Telephone Line". It was a simple song about a guy waiting forlornly for his beloved to pick up the telephone.

But that was 1977. If this song were written today, I'm not sure it would be quite so poignant. Let's face it: in 2010, if he couldn't manage to get her on the phone, he'd be able to text her, email her, jump onto Skype or maybe Facebook her instead.

The point is that we are in a constantly changing technological world. As technology develops, our options for communicating grow all the time. Innovative solutions are constantly being developed to either help fix problems or simply make our lives easier.

But, as all of us know only too well, as the options increase so too do the challenges. For example, in the internet world, evolving technologies continue to mean there are more personal information data trails. It is a challenge that will require ongoing vigilance.

Today's forum has been dubbed a 'visioning forum'. You will, I'm sure, hear some interesting perspectives on what might be coming, to borrow the phrase from the name of this session, 'Over the Horizon'.

For example, Craig Scroggie will explore the concept of a future where the 'internet is everywhere'. We'll also hear about other emerging technological developments, such as cloud computing and greater use of Web 2.0 technologies.

But while it is important that we consider emerging issues, I also want us to remember that, in this era of profound technological change, there are some things that do remain the same. And one of those is our desire for privacy.

Now, you do hear of talk that privacy is dead. For example, you will occasionally hear this kind of position quoted: "you have zero privacy anyway - get over it!"

There is much spoken and written about a perceived modern tendency, especially amongst Gen Y, that people are caring less and less about their privacy.

Privacy is a constant

I acknowledge that people's attitudes to their privacy do change over time. This is why we conduct regular Community Attitudes Surveys - to attempt to observe and document any emerging trends over time. Nonetheless, I really do believe that the community's valuing of privacy is a constant. It is invoked so often.

In our last survey on Community Attitudes to Privacy, half of the respondents were more concerned about providing information over the internet than they were two years ago, with 31% as concerned and a mere 11% less concerned. These responses also confirmed that Australians believe the internet is not as secure as other more traditional means of providing information.

I only need to mention recent media coverage to demonstrate this point. 2010 has been a big year for privacy in the media - issues about Facebook, Google WiFi collection, ID scanning in clubs and pubs and ID theft have been front page news.

And there's a reason for this. Privacy IS news. People are still interested in privacy issues. If they didn't value their own privacy and take an interest, then these would not be stories.

Sure it may be true that in this fast-paced and increasingly complex world, people can be a little less careful about their approach to protecting their own privacy from time to time.

With the phenomenon of social networking sites now firmly embedded in the mainstream (indeed there are 9 million Australians on Facebook alone); it is easy to look at the amount of personal information appearing online and think that people simply don't care.

But to construe all this as not caring would be a big mistake. Witness some of the recent backlash against Facebook.

People still need their privacy to lead full and dignified lives. Put simply, people still should be able to choose to be out of the spotlight, to metaphorically and actually draw their curtains when they're at home - even if they do seem to be on Facebook 24:7!

Our privacy futures?

So if privacy is still a constant in an ever-changing world, then where to from here for protecting privacy?

What better place than at an 'envisioning' forum, for me to offer two key thoughts that are vital as we envisage, and then set forth into, our privacy futures.

The first is the fact that technological developments bring both technological challenges and technological solutions.

I think if the technology is complex enough to create challenges for us, then it is also smart enough to provide the solutions.

Technology is what we make it. New technologies are not inherently good or bad for privacy, and privacy need not be a blocker to their use.

Technologies can become good or bad for privacy depending on how they are designed, developed and deployed.

By considering projects involving new technologies in the context of privacy, and by building in privacy from the very beginning of the design phase, we can ensure that technologies don't impinge on, but actually enhance, the privacy of individuals.

Enjoying the benefits of new technologies does not mean we have to give up other freedoms or rights. New technologies have a lot to offer. Let's take responsibility to develop systems carefully so that they achieve their aims while protecting privacy.

Let's see more PETS - Privacy Enhancing Technologies and less PITS - Privacy Invasive Technologies.

Privacy: It's in your Hands

So, it is clear that technology will have an important role to play as we consider the protection of our privacy in an increasingly complex future. However, on its own, technology fixes cannot deliver perfect privacy protection.

Which brings me to my second point. No matter how much things change, and no matter how many different technologies evolve, some privacy solutions will, quite simply, still reside here: in the hands of each one of us.

Privacy: It's in your Hands was the key theme of my Office's recent Privacy Awareness Week. I note that the architects of National Cyber Security Awareness Week have adopted a similar practical approach.

To help reinforce this message, we released a number of products designed to help individuals, agencies and organisations take privacy into their own hands.

I have already referred earlier to our mobile phone pocket guide, which was a great way to inform mobile phone users of simple things to do to make technology work for them and protect them.

My Office, in partnership with members of the Asia Pacific Privacy Authorities, also developed an online self help ID theft prevention tool.

It is a fun, quiz-based tool which helps you to work out how likely you are to be a victim of ID theft. It takes you through 11 areas in your life, exploring how you handle things such as your:

  • personal computer
  • online shopping
  • driver's licence
  • credit cards
  • and even your rubbish bin and letter box.

The tool also includes separate 'read and learn' pages with practical tips and ways you can improve your identity security.

According to the test, I'm at 15% risk, but I'm going to work on that!  The tool is available from http://www.privacyawarenessweek.org/, and what better week than this for all of you to give it a try and see how you are tracking.

Products like these can assist individuals, agencies and organisations to take positive action into their own hands. And from the feedback we have received to date, they have been successful.

Conclusion

So, before I leave you in the hands of the rest of today's speakers, I'd like to leave this thought with you as you contemplate your cyber futures:

Current and emerging technologies can provide great benefits and great convenience - but as influential as they are, they will not determine our futures all by themselves.

Everyone needs to be aware that they have a choice. A choice about:

  • how they will use and apply technology in their own life
  • who they will give their information to
  • the security settings they will use on their mobile phones and social networking sites, and
  • how they will protect themselves from the risk of identity theft.

Put simply, our privacy (and cyber security) future is in our hands.

Thank you.