20 May 2009

When it comes to the Internet I often wonder just how many places my email address, mobile phone number and other personal information have ended up. It’s not like I am hiding my identity on the web: I write for my blog, my corporate web site, this web site and others. However, the real concerns come from the details that I have given to organisations that have requested them: banks I am with, government agencies and so forth.

I mean, how many times are we requested to fill in a form online, and where do those details reside? For business owners there is a good 10 point checklist from the Privacy web site. Summarised, it looks like this:

• Principle 1 - Collection
• Principle 2 - Use and disclosure
• Principle 3 - Data quality
• Principle 4 - Data security
• Principle 5 - Openness
• Principle 6 - Access and correction
• Principle 7 - Identifiers
• Principle 8 - Anonymity
• Principle 9 - Transborder data flows
• Principle 10 - Sensitive information

Download the pdf here: http://www.privacy.gov.au/publications/npps01.pdf

I am really interested in Principle 3, Data Security, and Principle 9, Transborder data flows. It is a good time to point out that the Australian Federal Privacy Act stipulates that the Act only applies if a commercial or not-for-profit organisation is turning over more than $3 million annually. Why does the Act not apply to organisations that are smaller? Does that mean a huge retail organisation like Coles or Woolworths can abrogate their responsibility by engaging a small Digital Services company to perform email marketing tasks using a hosted solution in the US, India or China? The Act provides this out by stating that you can transfer personal data across borders if it is to fulfil a contractual obligation, i.e. to perform email marketing for your client.

What about splash campaigns and web hosting offshore? Should we Digital Marketers be allowed to collect information offshore without giving warnings to the user? If we do provide a warning perhaps it should read:

“Dear User, you are about to fill in this form but we really do not know what the hosting provider may do with your information even though we think it is only accessible by us, good luck as we have no clue!”

There needs to be a reform around the collection and hosting of personal data in the cloud, and it’s something for which we as an industry can set standards and frameworks to help protect us all.

Posted by David Barnes @ 3:03 PM