1 / 15

Symposium Interpreting Privacy Principles: Chaos or Consistency? 17 May 2006, Sydney Interpreting the Security Principl

Symposium Interpreting Privacy Principles: Chaos or Consistency? 17 May 2006, Sydney Interpreting the Security Principle Nigel Waters, Principal Researcher. Methodology of Investigation. Identify issues Identify ‘cases’ expressly involving the security principle

agatha
Download Presentation

Symposium Interpreting Privacy Principles: Chaos or Consistency? 17 May 2006, Sydney Interpreting the Security Principl

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Symposium Interpreting Privacy Principles: Chaos or Consistency? 17 May 2006, Sydney Interpreting the Security Principle Nigel Waters, Principal Researcher

  2. Methodology of Investigation • Identify issues • Identify ‘cases’ expressly involving the security principle • Primary source - WorldLII Privacy Law Project

  3. Methodology of Investigation • Search for relevant material • Iterative process • Will review all published cases • Initial focus on information privacy laws • Progressively extension to other relevant laws

  4. Security measures are designed to mitigate the RISK of … … Unauthorised Use of p.i. … Unauthorised Disclosure of p.i. … … Loss or corruption of p.i. Misuse Including: Authorised but improper use? … by someone with authorised access i.e. exceeding their authority … by an unauthorised third party e.g. by hacking or phishing

  5. Security Principle - Issues • Reasonableness • Generic Industry standards vs customised standards for personal information? • Generic ‘all mode’ vs mode/technology-specific standards • Human (Personnel) security

  6. Security Principle - Issues • Liability – organisation vs employee vs contractors • Relationship between security and disclosure • Carelessness

More Related