Presentation is loading. Please wait.

Presentation is loading. Please wait.

8/25/20141 Portable/mobile devices and privacy in Local Government Dr Anthony Bendall Acting Victorian Privacy Commissioner.

Similar presentations


Presentation on theme: "8/25/20141 Portable/mobile devices and privacy in Local Government Dr Anthony Bendall Acting Victorian Privacy Commissioner."— Presentation transcript:

1 8/25/20141 Portable/mobile devices and privacy in Local Government Dr Anthony Bendall Acting Victorian Privacy Commissioner

2 Overview OVPC Surveys and Guide Privacy laws Recent developments : –Tablets –Smart phones –Portable hard drives –BYOD –Cloud computing Looking ahead

3 Example “A staff member was responsible for collating information about individuals from numbers sourced for the purpose of preparing reports. The staff member would often work on these reports at home and stored the work on a personal USB key. But the USB key was lost, possibly at a supermarket car-park, with over 30 reports.”

4 OVPC Surveys and Guide OVPC, Use of Portable Storage Devices: Privacy Survey, January 2009 OVPC, Portable Storage Devices: Privacy Survey 2011, December 2011 OVPC, Use of Portable Storage Devices – a guide to policy development, August 2009 All available at

5 8/25/20145 Privacy laws Information Privacy Act 2000 (Vic) IPP 4: Data Security –...”must take reasonable steps to protect personal information... from misuse, loss, unauthorised access, modification and disclosure.” –Personal information should be destroyed or de- identified when it is no longer needed. Similar laws at Cth level and in other States and Territories

6 2008 Survey 55 organisations “Major security risk” 17 recommendations Recommendation 1: formal policy –2009 Guide –27 point checklist

7 Surveys by others NZ 2010: –42 NZ agencies –120 devices lost in 12 months –“inadequate controls” Australian Privacy Commissioner 2009: –58% of agencies suffered loss or theft –“mixed results”

8 2011 Survey 31 of previous 55 organisations General improvement 12 organisations – no controls Lack of encryption 10 organisations – no tracking 8 – no improvement 2 – deterioration Local Councils – from “poor” to “commended”

9 Tablets and other developments Explosion in period between two surveys 2011 – 50% provide tablets to staff Portable hard drives

10 BYOD Increasing Lack of policy and technical controls

11 The cloud New challenges Loss of control Offshore storage OVPC Information Sheet: Cloud Computing, May 2011

12 2011 recommendations 6 additional recommendations: –Strict control over external hard drives –Control of all active ports –Encrypted USB keys Smart phones and tablets –Integrity –Expanded policies Privacy Impact Assessments –Collection & notice –data security –transborder flows Loss of control Accountability

13 Conclusion Accountability Costs Compliance notices Potential data breach laws

14 More information Privacy Victoria


Download ppt "8/25/20141 Portable/mobile devices and privacy in Local Government Dr Anthony Bendall Acting Victorian Privacy Commissioner."

Similar presentations


Ads by Google