find the latest legal job
Senior Associate - Litigation & Dispute Resolution
Category: Litigation and Dispute Resolution | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· Come work for a firm ranked in Lawyers Weekly Top 25 Attraction Firms
View details
Associate - Workplace Relations & Safety
Category: Industrial Relations and Employment Law | Location: Brisbane CBD & Inner Suburbs Brisbane QLD
· Employer of choice · Strong team culture
View details
Freelance Lawyers
Category: Banking and Finance Law | Location: All Perth WA
· Freelance opportunities through Vario from Pinsent Masons
View details
Freelance Lawyers
Category: Other | Location: All Adelaide SA
· • Qualified lawyer with a strong academic background
View details
Freelance Lawyers
Category: Other | Location: All Melbourne VIC
· • Qualified lawyer with a strong academic background
View details
Report decodes US data privacy

Report decodes US data privacy

A new whitepaper explores the issues affecting data sovereignty in the cloud in the wake of the US National Security Agency (NSA) secret surveillance leak.

Co-authors Adrian Lawrence, a partner at Baker & McKenzie, and David Vaile (pictured) from the Cyberspace Law and Policy Centre at the University of New South Wales (UNSW), joined in a panel discussion at Bakers’ Sydney offices yesterday (2 July) following the report’s launch.

“We’re not suggesting we’re going from blissful ignorance to blind panic about data jurisdiction in one jump,” said Vaile, adding that some data can happily live anywhere and some people don’t care if it’s accessed by law enforcement agencies offshore.

Data stored offshore is, however, subject to the laws in the jurisdiction in which it is stored. The report, which took a year to compile, says it is unclear the extent to which FBI/NSA top-secret PRISM data-mining of telecom and internet providers - which Edward Snowden blew the whistle on in June 2013 – would affect business-orientated cloud data services.

“US authorities will not apply particular self-restraint in scenarios involving foreign jurisdictions and US interests,” the report reads.

It’s fifth chapter looks at 10 ways an Australian company’s data can be accessed in the US (the main cloud-hosting jurisdiction), compared to the situation in Australia, with the aim of helping 

companies to consider whether a data-sovereignty-aware cloud policy is necessary.

“In some issues these two scenarios are identical, in [others] they’re quite different,” said Vaile.

The primary limit on the US government’s power to obtain personal information, the fourth amendment of the US constitution, considers whether a person has an objective “reasonable expectation of privacy” and it prohibits “unreasonable searches and seizures” based on that expectation.

While there are many exceptions to this protection, including for data held by a third party, much discussion in the US about the NSA breach has been based on the fourth amendment.

“In a sense, we don’t have that discussion here because we don’t have that sort of protection, so I suspect we probably do need, over time, if [not] constitutional protection, legal protections.”

Changing times

Last week, key legislation to introduce mandatory data breach notification fell by the wayside amid changes in Government and cabinet, despite numerous claims that it is long overdue.

The Privacy Amendments (Privacy Alerts) Bill 2013, which would ensure consumers have a right to know when their privacy has been breached, was one of 295 recommendations that the Australian Law Reform Commission (ALRC) made in 2008 as part of its landmark review of the Privacy Act.

Yesterday’s panel, which also included risk expert Eric Lowenstein from global insurer Aon, and Craig Scroggie, the CEO of data centre operator NEXTDC, were disappointed the inquiry had not been acted on, and called for swift passage of the recommendations.

“Of course we don’t need another review; it was on the point of having a law passed … properly implemented it’s not going to get in the way [of investigative journalism]; it’s for the most extreme and totally unjustifiable abuses that have no public interest component,” said Vaile.

Lawrence (pictured right) said it was difficult for privacy lawyers to advise clients on enforcement issues but that post March 2014, when more detailed evaluation of the Privacy Act is expected, it should become easier.

“This is an issue that is not able to be put into a little box of privacy law anymore, but it’s a key compliance issue right at the top level of corporations,” said Lawrence.

Vaile said that the topic of data retention, sovereignty and protection had gone from “nervous lawyer’s backroom stuff” to a mainstream business risk-management requirement in a couple of years.

“Flowing on from all of this [is] the potential pressure for local regulators to be real regulators rather than sleeping pussycats,” said Vaile.

Australian Communications and Media Authority chairman Chris Chapman gave a keynote address in which he praised the “timely report” and said a nuanced use of mixed strategies would be required to solve personal data collection concerns in the hyper-connected cloud environment.

Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Report decodes US data privacy
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Scales of Justice, ALA, right-to-die law
Oct 24 2017
‘Right-to-die’ laws would be a relief for terminally ill: ALA
The passage of an assisted dying bill through the lower house of Victorian Parliament has been haile...
Oct 24 2017
Diversity top of agenda for future WA Law Society president
The advancement of diversity in the Western Australian legal profession will be one of the key items...
Oct 23 2017
How to fail well
The legal profession is due for an attitude adjustment when it comes to perceived failures, accordin...
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...