|
|
Home
| Databases
| WorldLII
| Search
| Feedback
Computers and Law: Journal for the Australian and New Zealand Societies for Computers and the Law |
AUSCL CONTRIBUTIONS TO POLICY ON COMPUTERS AND THE LAW
RAM SUNTHAR[*]
AUSCL aims to be Australia’s leading interdisciplinary think-thank on issues relating to the law, at the intersection of technology and society. It is a registered Australian non-profit charity with a charter to advance education and advocacy at that intersection.
AUSCL provides a lively forum for debate and is committed to providing balanced, informed and transparent advocacy on critical issues and promoting the education of its members and the wider community.
AUSCL members include legal and technology professionals, business leaders, government officials, academics across all disciplines and members of the bar and retired judiciary
AUSCL hosts several training sessions and master classes. Some of the sessions are recorded and hosted on AUSCL Youtube® channel. There are a total of 52 records sessions hosted within AUSCL Youtube Channel.
The AUSCL has been actively providing submissions to state and federal governments on various bills and amendments.
The AUSCL Policy Lab, together with the Allens Hub, The Law Society of New South Wales Future of Law and Innovation in the Profession (FLIP), and The Disability Innovation Institute at UNSW (DIIU), has made a submission to the Department of Industry, Science, Energy and Resources in response to a call for input into the development of an Artificial Intelligence (AI) Action Plan.
The submission covered the full spectrum of AI capabilities, from defining artificial intelligence to AI maturity. It addressed skills and capabilities that are required for AI enabled future, AI's contribution to legal sector, the expected law reform action for AI action plan and lowering the barriers to entry.
This submission proposed establishing guard rails to address online safety, including cyber-bullying, image-based abuse, harassment and abhorrent violent material, through policy development and draft legislation.
It proposed that the guiding principles must include respect for the rule of law and human rights, including the right that individuals not be subjected to arbitrary interference with their privacy. An emphasis on these guiding principles will promote human dignity, natural justice, procedural fairness, transparency and accountability, and predictability and consistency in the application of law. In circumstances where powers exist to limit an individuals’ rights and freedoms, including freedom of expression, it is necessary to ensure adequate safeguards to ensure those powers, and the limits they impose, are necessary, reasonable, proportionate and justifiable on the grounds of public interest.
This submission reviewed ACCC’s Digital Advertising Services Inquiry: Interim Report (‘Interim Report’) by focusing on three issues
• The scope and focus of the inquiry;
• The analysis of issues at the intersection of competition and privacy; and
• International (trade and conflicts of laws) considerations that should be included in the analysis.
This submission acknowledged that the Bill contains some commendable transparency measures such as the public availability of Data Sharing Agreements (‘DSA’). The submission covered following propositions.
Objects of Bill. A reference to accountability should be inserted into the Bill’s Objects. This would strengthen the functionality of existing safeguards and ensure accountability plays a central interpretive role. In addition, the Objects clause should note that consent remains the primary basis for sharing personal information.
Private Sector Research and Research Ethics. Private sector organisations seeking to use data for research should be required to prove a rigorous ethics process.
New Data Attributes. Interaction with the review of the Privacy Act 1988 definition of “personal information” should be managed.
International Data Sharing. Accreditation of foreign entities should be subject to proof that the relevant foreign country has a comparable privacy law framework.
Transparency. Transparency measures should be put in place with respect to the operation of Clause 15(4). Further, there should be ongoing transparency about flaws in the data protections applied in clause 16(7).
Interaction with Other Legislation. Details of interaction with other legislation should be published, ideally within the Bill. Consistent terminology across legislation should be a long term goal.
Handling of Data After Project Completion. Requirements on termination of a project or suspension of an accredited entity, such as data deletion, should be specified.
Accountability. Transparency and accountability should be enhanced through additional language in privacy policies and a requirement for data scheme entities to raise complaints. Data subjects should also be encouraged to make complaints.
Consent. The threshold for circumstances when it is unreasonable or impracticable to seek consent should be incorporated as part of the ethics function governed by the National Data Advisory Council.
Data Sharing Controls and Environment. There should be minimum standards for security and data protection practices, including training.
Guidelines to Address Data Procurement. The scope of guidelines be amended to cover data procurement and pre-processing as well as the operation of clause 15(4).
This submission focused on the following topics.
• The scope of what constitutes a critical infrastructure asset should be narrowed to ensure proportionality with respect to the grant of government powers contemplated by the Bill.
• In deciding what is a critical infrastructure asset, it is important to understand network interactions; dependencies are relevant in determining which components are critical.
AUSCL submission focused on seven issues:
• The scope and focus of the proposed changes
• Definition of ‘Eligible Data Breach’
• Resourcing the regulator
• Extensions to assessment periods
• Public Notification
• Exemption from Notification to affected individuals; and
• Reconciliation with other data breach notification obligations.
AUSCL contributed to digital identity legislation on Position Paper (Phase 2) and Exposure Draft (Phase 3).
• Independent oversight of the system
• Onboarding to participate in the system
• Individual and User expectations
• Privacy and consumer safeguards;
• Security requirements and incident responses;
• Record keeping and data retention; and
• Liability and redress framework.
AUSCL contributed to the Data strategy discussion paper covering the following areas:
• Data sharing agreement
• International data sharing
• Data provenance
• Data sovereignty
• Data quality
• Data access
• Data traceability
• Standards for data
• Data integration
• Data lifecycle management
Further submission covered the expected top three outcomes from Australian Data Strategy by 2025.
AUSCL submission focused on ensuring that regulations that govern the execution documents are light-touch fit for purpose and reflect the way businesses and consumers want to engage and communicate digitally.
Privacy review submission addresses a number of proposals.
1. The existence of policy issues remains beyond the scope of the Privacy Act Review;
2. The fact that information cannot be cleanly divided into ‘personal’ and ‘nonpersonal’, but that much data that has undergone a de-identification process is reidentifiable with some measure of risk (proposal 2);
3. Concerns about the relationship between the small business exemption and Consumer Data Rights;
4. The importance of removing or narrowing the employee records exemption in order to ensure cyber security requirements apply in this context;
5. A requirement for privacy notices to be accompanied by code that can be automatically processed by computers (so that privacy settings can be used to control what an individual agrees to);
6. The limitations of relying on consent as a solution to consumer issues with privacy (proposal 9);
7. The importance of transparency about research uses (proposal 10.4);
8. How proposal 11 could be strengthened;
9. The ability to use a range of existing security standards to reduce compliance costs in proposal 19.2;
10. Support and further suggestions for strengthening enforcement powers (proposal 24);
11. Suggestions for a direct right of action (proposal 25); and
12. Specific issues around biometric identifiers.
The AUSCL submission on Copyright Amendment (Access Reform) bill addressed a selection of the issues covered by the proposed legislation in relation to orphan works, namely, Schedule 1 – Limitation on remedies for use of orphan works.
[*] Architect, CitiPower, Powercor and United Energy.
AustLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.austlii.edu.au/au/journals/ANZCompuLawJl/2022/12.html