find the latest legal job
Corporate Counsel and Company Secretary
Category: Generalists - In House | Location: Newcastle, Maitland & Hunter NSW
· Highly-respected, innovative and entrepreneurial Not-for-Profit · Competency based Board
View details
Chief Counsel and Company Secretary
Category: Generalists - In House | Location: Newcastle, Maitland & Hunter NSW
· Dynamic, high growth organisation · ASX listed market leader
View details
In-house Projects Lawyer | Renewables / Solar | 2-5 Years PQE
Category: Generalists - In House | Location: All Australia
· Help design the future · NASDAQ Listed
View details
Insurance Lawyer (3-5 PAE)
Category: Insurance and Superannuation Law | Location: Brisbane CBD & Inner Suburbs Brisbane QLD
· Dynamic organisation ·
View details
Legal Counsel
Category: Corporate and Commercial Law | Location: North Sydney NSW 2060
· 18 month fixed term contract · 3-5 years PQE with TMT exposure
View details
Report decodes US data privacy

Report decodes US data privacy

A new whitepaper explores the issues affecting data sovereignty in the cloud in the wake of the US National Security Agency (NSA) secret surveillance leak.

Co-authors Adrian Lawrence, a partner at Baker & McKenzie, and David Vaile (pictured) from the Cyberspace Law and Policy Centre at the University of New South Wales (UNSW), joined in a panel discussion at Bakers’ Sydney offices yesterday (2 July) following the report’s launch.

“We’re not suggesting we’re going from blissful ignorance to blind panic about data jurisdiction in one jump,” said Vaile, adding that some data can happily live anywhere and some people don’t care if it’s accessed by law enforcement agencies offshore.

Data stored offshore is, however, subject to the laws in the jurisdiction in which it is stored. The report, which took a year to compile, says it is unclear the extent to which FBI/NSA top-secret PRISM data-mining of telecom and internet providers - which Edward Snowden blew the whistle on in June 2013 – would affect business-orientated cloud data services.

“US authorities will not apply particular self-restraint in scenarios involving foreign jurisdictions and US interests,” the report reads.

It’s fifth chapter looks at 10 ways an Australian company’s data can be accessed in the US (the main cloud-hosting jurisdiction), compared to the situation in Australia, with the aim of helping 

companies to consider whether a data-sovereignty-aware cloud policy is necessary.

“In some issues these two scenarios are identical, in [others] they’re quite different,” said Vaile.

The primary limit on the US government’s power to obtain personal information, the fourth amendment of the US constitution, considers whether a person has an objective “reasonable expectation of privacy” and it prohibits “unreasonable searches and seizures” based on that expectation.

While there are many exceptions to this protection, including for data held by a third party, much discussion in the US about the NSA breach has been based on the fourth amendment.

“In a sense, we don’t have that discussion here because we don’t have that sort of protection, so I suspect we probably do need, over time, if [not] constitutional protection, legal protections.”

Changing times

Last week, key legislation to introduce mandatory data breach notification fell by the wayside amid changes in Government and cabinet, despite numerous claims that it is long overdue.

The Privacy Amendments (Privacy Alerts) Bill 2013, which would ensure consumers have a right to know when their privacy has been breached, was one of 295 recommendations that the Australian Law Reform Commission (ALRC) made in 2008 as part of its landmark review of the Privacy Act.

Yesterday’s panel, which also included risk expert Eric Lowenstein from global insurer Aon, and Craig Scroggie, the CEO of data centre operator NEXTDC, were disappointed the inquiry had not been acted on, and called for swift passage of the recommendations.

“Of course we don’t need another review; it was on the point of having a law passed … properly implemented it’s not going to get in the way [of investigative journalism]; it’s for the most extreme and totally unjustifiable abuses that have no public interest component,” said Vaile.

Lawrence (pictured right) said it was difficult for privacy lawyers to advise clients on enforcement issues but that post March 2014, when more detailed evaluation of the Privacy Act is expected, it should become easier.

“This is an issue that is not able to be put into a little box of privacy law anymore, but it’s a key compliance issue right at the top level of corporations,” said Lawrence.

Vaile said that the topic of data retention, sovereignty and protection had gone from “nervous lawyer’s backroom stuff” to a mainstream business risk-management requirement in a couple of years.

“Flowing on from all of this [is] the potential pressure for local regulators to be real regulators rather than sleeping pussycats,” said Vaile.

Australian Communications and Media Authority chairman Chris Chapman gave a keynote address in which he praised the “timely report” and said a nuanced use of mixed strategies would be required to solve personal data collection concerns in the hyper-connected cloud environment.

Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Report decodes US data privacy
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
LCA president Fiona McLeod SC
Aug 17 2017
Where social fault lines meet the justice gap in Aus
After just returning from a tour of the Northern Territory, LCA president Fiona McLeod SC speaks wit...
Marriage equality flag
Aug 17 2017
ALHR backs High Court challenge to marriage equality postal vote
Australian Lawyers for Human Rights (ALHR) has voiced its support for a constitutional challenge to ...
Give advice
Aug 17 2017
A-G issues advice on judiciary’s public presence
Commonwealth Attorney-General George Brandis QC has offered his advice on the public presence of jud...
APPOINTMENTS
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
opinion
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
Help
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...