Bradfield Resident

Information. Issues. Insight. Investigation.

Sun 02 Oct 2011 | Social media data mining, spam and privacy

Posted by bradfieldresident on 2 October 2011

Facebook: one of the major players on the web, and one not generally regarded as an advocate of privacy. It is hard to imagine what they actually do with all the user data. There have been reports that at least some of the company’s offerings violate European data protection laws (eg see Germany: Facebook Like button violates privacy laws).

Facebook is a US-based company (“The company Facebook, Inc. has been established and registered according to the law of the state of Delaware. Registration number: 3835815, Secretary of State, State of Delaware”, maybe registered someplace else in Ireland for financial reasons), arguably free of local Australian regulation. When you use Facebook. you basically do it on the terms of wherever it is registered.

What about Australian businesses using Facebook? Following is a look at some claims made by an Australian company called MyGuestlist offering direct marketing services and software which leverages Facebook (and a whole heap of your personal information) to Australian (and apparently international) clients.

First, an article promoting MyGuestlist’s products and services:

MyGuestlist blog:
4 ways your Facebook fans/friends can now be treated like a real database. (World first!)

And then, Bradfield Resident’s comment, reproduced below.

Hi MyGuestlist,

I’m interested in this notion of “All very legal”. In which jurisdiction(s) are you referring to? The phrasing itself suggests that something dodgy is going on – perhaps legally permissible, if ethically questionable.

I’ve just this evening seen a venue in Sydney using your guestlist feature (which is how I arrived here), but I can’t see a link to terms and conditions, privacy policy or anything like that.

It is also curious that you promote your services as ‘non-spammy’, yet list the many ways to spam people with less effort than ever before. Marketing spin, I’m sure. I’d be interested to hear more about your ‘reputation’ system – [Both Facebook and MyGuestlist, will restrict how you use this particular tool to begin with and will only allow you to post to a larger number of groups/pages/profiles once you increase your reputation.] – one might suppose this works by allowing ‘popular’ (not-so-complained-about) clients to bulk message more. There may be some prickly details on what, in a legal sense, constitutes ‘spam’, but I don’t, for example, see anything on the guestlist page I mentioned earlier that indicates by providing some detail or other that I wish to start receiving SMS messages, wall posts, email, etc., so would, as I’m sure others would, consider any such message to be spam (unsolicited commercial messaging). Of course many people may not care or mind, but that doesn’t change the nature of it.

A search around the ‘net pops up the following from the Australian Government’s Department of Broadband, Communications and the Digital Economy under “Spam” (http://www.dbcde.gov.au/online_safety_and_security/spam): “The Spam Act 2003 prohibits the sending of spam, which is identified as a commercial electronic message sent without the consent of the addressee via email, short message service (SMS), multimedia message service (MMS) or instant messaging. The requirements under the Spam Act apply to all commercial electronic messages, including both bulk and individual messages.”

Beyond spam in particular is a more general privacy concern. It seems that Australia doesn’t yet have especially fair privacy laws (open question: does any country have actually fair privacy laws?), more to the point that privacy laws are currently not particularly protective of individuals, though laws still do exist.

It would seem that the National Privacy Principles apply to this business / activity.

From http://www.privacy.gov.au/law/act/npp : “The National Privacy Principles (NPPs) are the base line privacy standards which some private sector organisations need to comply with in relation to personal information they hold.”

The detail of “some private sector organisations” warrants attention. An unofficial source (Carlson Analytics [correction: Caslon Analytics]) providing a privacy guide proffers, regarding the 2000 Commonwealth privacy legislation:

(http://www.caslon.com.au/austprivacyprofile6.htm) “The Act covers private sector ‘organisations’: an individual, body corporate, partnership, an unincorporated association or a trust.

“That definition embraces:
* businesses (including nonprofit organisations such as sports clubs, charitable organisations and unions) with an annual turnover of more than $3 million
[…]
* organisations that carry on a business that collects or discloses personal information for a benefit, service or advantage (even if their turnover is less than $3 million).”

I suspect MyGuestlist falls into that second listed category, and that some of your clients could fall into the first (especially if they are larger venues, entities which involve multiple venues, or perhaps even large festival organisers or promotion brands).

That same page goes on to indicate what information is covered:

[— Begin quote —]
The Act covers personal information. It has special protection for personal information that is sensitive information.

Personal information is information or an opinion that can identify a person.

Sensitive information is information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, or health information.

The Privacy Act only applies to information that is recorded in some form. That recording need not involve paper: it can include data in an electronic record.
[— End quote —]

In your article on this page, you write “And to add to all this, the available info we can play around with for the moment are name, age, DOB and gender. Quite soon, you will also be able to filter by likes, interests, occupation, hobbies etc.”

Personal information? Check. Sensitive information? Coming soon, apparently. (I might suppose MyGuestlist is already harvesting this information even if it is not presently available to customers.)

So, how does MyGuestlist (and its customers, in using the MyGuestlist service) address the National Privacy Principles (a plain English summary thereof, below)?

[— Begin quote http://www.privacy.gov.au/materials/types/law/view/6893 —]
NPP 1: collection
Describes what an organisation should do when collecting personal information, including what they can collect, collecting from third parties and, generally, what they should tell individuals about the collection.

NPP 2: use and disclosure
Outlines how organisations may use and disclose individuals’ personal information. If certain conditions are met, an organisation does not always need an individual’s consent to use and disclose personal information. There are rules about direct marketing.

NPPs 3 & 4: information quality and security
An organisation must take steps to ensure the personal information it holds is accurate and up-to-date, and is kept secure from unauthorised use or access.

NPP 5: openness
An organisation must have a policy on how it manages personal information, and make it available to anyone who asks for it.

NPP 6: access and correction
Gives individuals a general right of access to their personal information, and the right to have that information corrected if it is inaccurate, incomplete or out-of-date.

NPP 7: identifiers
Generally prevents an organisation from adopting an Australian Government identifier for an individual (e.g. Medicare numbers) as its own.

NPP 8: anonymity
Where possible, organisations must give individuals the opportunity to do business with them without the individual having to identify themselves.

NPP 9: transborder data flows
Outlines how organisations should protect personal information that they transfer outside Australia.

NPP 10: sensitive information
Sensitive information includes information such as health, racial or ethnic background, or criminal record. Higher standards apply to the handling of sensitive information.
[— End quote —]

I suppose NPP 5 is a good place to find out. I am going to suppose MyGuestlist has a policy on how you manage personal information, and I ask you to send a copy of your policy to the email address I’ve listed in the ‘Mail’ field of this web form. Thank you.

I can understand the commercial desire to have more information about customers and I’m not suggesting that it is necessarily improper. I am interested, though, to know if your organisation’s general attitude to privacy is one of it being an inconvenience to the process of making money, or if, as an organisation that essentially exists by dealing in personal information of client customers, you treat the privacy of those customers seriously.

Bradfield Resident

Posted in Department of Broadband, Communications and the Digital Economy, Internet | Tagged: , , , | Leave a Comment »

Tue 08 Jun 10 | To: Child Wise | B.McMenamin quote in SMH article re mandatory internet filtering

Posted by bradfieldresident on 8 June 2010

From: Bradfield Resident
Date: Tuesday 08 June 2010 04:47 (+10)
Subject: B.McMenamin quote in SMH article re mandatory internet filtering
To: Child Wise – Office

Child Wise,

I refer to an article published on the Sydney Morning Herald website:

Filter goes ahead regardless
http://www.smh.com.au/technology/technology-news/filter-goes-ahead-regardless-20100529-wmg7.html
SARAH WHYTE
May 30, 2010

The article contains the following paragraph:

But Bernadette McMenamin of the child protection group Child Wise said it was 100 per cent behind filtering illegal material. ”Sites are going to be blocked that should be blocked, and it’s absolutely essential every parent is taught about the dangers of the internet.”

Is this an accurate quote and representation of Child Wise’s position?

I note the specification of filtering ‘illegal material’; is that detail part of Child Wise’s particular position, or has it been supposed by SMH? I am inferring from the “Sites are going to be blocked” statement that Child Wise supports the filter being implemented, without restricting it to child abuse material.

I am also concerned by the quote from Ms McMenamin on three separate issues:

1. “Sites are going to be blocked” – from a technical standpoint this is known to be false and any blacklist can only ever be behind in listing any sites that could/’should’ be on the list

2. “should be blocked” – the current definition of “should be blocked”, that is, content that is or would be refused classification, is far broader than many people believe is appropriate; is not well defined (insofar as refused classification is not well defined); is certainly in excess of any child abuse prevention objectives of Child Wise or any other child protection agency; and is subject to arbitrary expansion by this or future governments and possibly even by non-representative groups and organisations.

3. I agree that “every parent is taught about the dangers of the internet”; it is my belief, and a belief held by many, that the implementation mandatory internet filter would likely lead to an actual reduction in the vigilance of parents in both monitoring and educating their children on using the internet, including by parents viewing the need to do so as less important therefore avoiding the necessary (parental) education.

I hope that Ms McMenamin (and Child Wise) are aware of these issues. If you could explain Child Wise’s position, making specific reference to these and any other publicly debated objectioned points to the mandatory filter that you choose to as additional detail, that would be of great interest to me and I imagine also beneficial to Child Wise’s public support for the filter.

Bradfield Resident
Sydney

Tuesday 08 June 2010


Bradfield Resident
bradfieldresident@gmail.com
https://bradfieldresident.wordpress.com

  • Posted in Cyber Safety Plan, Mail Sent, Sydney Morning Herald | Tagged: , , | 2 Comments »

    Wed 10 Mar 10 | To: Senator Stephen Conroy – Minister for BCDE | Cyber Safety Plan

    Posted by bradfieldresident on 10 March 2010

    [Note: instances of “BDCE” are mistakes, and should be “BCDE” for “Broadband, Communications and the Digital Economy”]

    From: […]
    Date: Wednesday 10 March 2010 00:30 (+11)
    Subject: Cyber Safety Plan
    To: Senator Stephen Conroy – Minister for BCDE
    Cc: Tony Smith MP – Shadow Minister for BDCE, Paul Fletcher MP – Member for Bradfield, Senator Scott Ludlam – Australian Greens spokesperson for BDCE

    Senator Conroy,

    from some time before 11:30pm (AEDT) on Tuesday 09 March 2010 I have been trying to access the “cybersafetyplan” page on the DBCDE website, but, as my browser informs me, “The server at www.dbcde.gov.au is taking too long to respond.”

    How often is this website unavailable? Does the department maintain statistics on availability?

    If the content allegedly provided at http://www.dbcde.gov.au/cybersafetyplan is available in document form (printed or electronic), please have someone in your department forward a copy to me.

    I am also interested to know, since it seems the vast majority of people I have spoken to, or hear or read about in the news, object to a mandatory internet filter, who exactly, aside from your department, are actually in favour of and support it. Indeed, given the severe technical limitations of the proposed filter, I would like to know who proposed and drafted it in the first place.

    I am deeply concerned that the filter, if it is implemented, will use a secret list of web sites, and especially that it could be the case that sites or pages that end up on the list – for whatever reason, legitimate or not – might not have any option to be removed from the list, or even be confirmed as to whether on the list or not. As the minister I am sure you are aware that such a system is obviously and easily open to abuse (either now or in the future) by design, not specifically by the good intentions (or not) of any particular people involved. If you or your department have done a thorough analysis of this risk and its implications, and subsequently found that this risk can, to a very high degree of certainty, be removed, please enlighten me with the department’s answer to this dire threat to freedom and democracy. Without a detailed guarantee of transparency and/or protection (by methodology, not just a promise) from these potential abuses, I cannot believe that the proposed filter is anything other than a tool for censorship; the thin end of the wedge, being hardware, software and processes installed at ISPs, as well as legislation, subject to feature creep, if you will, including unreasonable surveillance and spying on ordinary citizens, as well as reducing the possibilities for free and equitable access to communication (in this case via the medium of the internet).

    As a final note, about one hour since finding the DBCDE website unavailable, I find this still to be the case. A federal government department’s website should not be unavailable for this long without a serious excuse in the order of serious internet backbone failure or sustained denial of service attack. It does, however, serve to illustrate that the government would do better trying to improve access to content instead of actively trying to do the opposite.

    [name]

    [address]

    Email: [email]

    Posted in Cyber Safety Plan, Department of Broadband, Communications and the Digital Economy, Federal Legislation, Federal MPs, Internet, Mail Sent | Tagged: , , , , , , , | Leave a Comment »

    Wed 25 Nov 09 | From: Barry O’Farrell MP | Re: Stop the Coercive and Mandatory Immunisation (NSW) AHFA Petition (reply 2)

    Posted by bradfieldresident on 25 November 2009

    [This letter is in response to an email sent for the Stop the Coercive and Mandatory Immunisation (NSW) petition on the Health Petitions Australia website. Postal mail dated “25 November 2009”, refers to Barry’s 25 Setpember letter, and included the 19 November letter from Carmel Tebbutt MP.]

    Barry O’Farrell MP
    State Member for Ku-ring-gai

    Letter from Barry O'Farrell MP (2009-11-25)

    25 November 2009

    Dear […]

    I refer back to my letter of  25 September regarding immunisation.

    I have received a response form the Minister for Health and a copy is attached.

    I hope that the information is of assistance.

    Yours sincerely

    [signature]

    Barry O’Farrell

    Working for our community

    Phone 9487 8588 Fax 9487 8550 Electorate office 27 Redleaf Avenue, Wahroonga NSW 2076 Email barry@barryofarrell.com Website www.barryofarrell.com

    Posted in Health Petitions Australia, Mail Received, NSW Government, NSW Health, State MPs, Vaccines | Tagged: , | 1 Comment »

    Thu 19 Nov 09 | From: Carmel Tebbutt MP to Barry O’Farrell MP | Re: Stop the Coercive and Mandatory Immunisation (NSW) AHFA Petition

    Posted by bradfieldresident on 19 November 2009

    [This letter was forwarded by Barry O’Farrel MP with his 25 November letter in response to an email sent for the Stop the Coercive and Mandatory Immunisation (NSW) petition on the Health Petitions Australia website.]

    Carmel Tebbutt MP
    Deputy Premier | Minister for Health

    Letter from Carmel Tebbutt MP to Barry O'Farrell MP (2009-11-19)

    19 NOV 2009

    Mr B O’Farrell MP
    Member for Ku-ring-gai
    27 Redleaf Avenue
    WAHROONGA NSW 2076

    [Barry]

    Dear Mr O’Farrell,

    Thank you for your representations on behalf of […], […], concerning immunisation.

    The petition submitted by […] raises concerns about NSW Health Policy Directive PD2007_006 Occupational assessment, screening and vaccination against specified infectious diseases. Health facilities have a duty of care under occupational health and safety legislation to protect their staff, patients and other users of the health system from the risk of preventable illness, injury or death. I am advised that this policy directive provides a safe environment for staff and patients within NSW Health facilities by promoting vaccination against a number of vaccine-preventable infectious diseases.

    I am advised that, under the Policy Directive, health care workers who are existing staff are encouraged to provide evidence of their protection against the specified diseases and are to receive vaccination where they are not already protected against a disease. New recruits and health care students are required to provide evidence of their protection against the specified diseases before they commence work in a clinical area or before they commence their student clinical placements. This is to ensure that they are not placed at risk of acquiring or transmitting one of the infectious diseases when they commence in the workplace.

    The petition then raises a number of concerns about immunisation of infants and children. These arguments have been previously raised by individuals and organisations that are concerned about immunisation. The Australian Government has published a booklet to provide balanced, evidence-based answers to these concerns. The booklet, immunisation myths and realities: responding to arguments against immunisation, 4th edition, is available to order or download from: http://www.immunise.health.gov.au/

    Thank you for bringing […]’s issues to my attention. Should […] require further information, please ask him to contact Su Reid, Senior Policy Officer, Immunisation Unit, NSW Department of Health, on (02) 9391 9210.

    Yours sincerely

    [signature]

    Carmel Tebbutt MP
    Deputy Premier
    Minister for Health

    Level 30, Governor Macquarie Tower | 1 Farrer Place Sydney NSW 2000 | p 9228 4866 | f 9228 4855

    Reference:

    Posted in Health Petitions Australia, NSW Government, NSW Health, State Legislation, State MPs, Vaccines | Tagged: , , | Leave a Comment »

    Fri 06 Nov 09 | To: The Department of Health and Ageing | Private health insurance – legislation

    Posted by bradfieldresident on 6 November 2009

    [This message was posted via the Contact the Department feedback form on the Department of Health and Ageing website]

    091106 health.gov.au - Private health insurance - legislation

    Department of Health and Ageing screenshot

    From: Bradfield Resident
    Date: Friday 6 November 2009 16:06 (+11)  (approx)
    To: The Department of Health and Ageing
    Via: Contact the Department feedback form

    The “Private health insurance – legislation” page
    http://www.health.gov.au/internet/main/publishing.nsf/Content/health-privatehealth-consumers-legislat.htm

    holds a notice, “This page is currently being updated.”

    When was that notice posted, and when will the page actually be updated? The page also shows “Page last modified: 03 June, 2008”.

    Posted in Department of Health & Ageing, Federal Legislation, Mail Sent, Private Health | Leave a Comment »

    Sun 25 Oct 09 | To: Health On the Net | Fwd: Australian Dental Association (ada.org.au) HONcode compliance

    Posted by bradfieldresident on 25 October 2009

    From: Bradfield Resident
    Date: Sunday 25 October 2009 23:31 (+11)
    To: honcodecomplaint@healthonnet.org

    Health On the Net Foundation,

    please refer to the forwarded message below, previously addressed to honcode-en@healthonnet.org on 11 September 2009, which was not answered.

    Bradfield Resident
    Sydney, Australia

    Quoted text:
    Fri 11 Sep 09 | To: Health On the Net Foundation | Australian Dental Association (ada.org.au) HONcode compliance
    Wed 09 Sep 09 | From: Health On the Net | In response to your complaint regarding the site : http://www.ada.org

    Posted in Australian Dental Association, Fluoride, Health On the Net Foundation, Mail Sent, Water Fluoridation | Tagged: | Leave a Comment »

    Tue 29 Sep 09 | From: Jillian Skinner MP | Re: Stop the Coercive and Mandatory Immunisation (NSW) AHFA Petition

    Posted by bradfieldresident on 29 September 2009

    [This letter is in response to an email sent for the Stop the Coercive and Mandatory Immunisation (NSW) petition on the Health Petitions Australia website. Postal mail dated “29 SEP 2009”]

    Jillian Skinner MP
    Member for North Shore
    Deputy NSW Opposition Leader
    Shadow Minister for Health

    Letter from Jillian Skinner MP (2009-09-29)

    Letter from Jillian Skinner MP (2009-09-29)

    29 September 2009

    Dear […]

    Thank you for your email outlining your concerns about the mandatory immunisation of health workers.

    I have reviewed numerous scientific studies into vaccination and have consulted with many groups and individuals, so I do understand that vaccination is an issue that attracts strong views on both sides.

    However, on balance, I believe that there is great value in the effectiveness of vaccines in preventing potentially deadly illnesses, and that it is imperative that health workers are vaccinated to protect both themselves and their patients.

    Thank you again for contacting me about this very important issue.

    Yours sincerely

    [signature]

    Jillian Skinner MP

    Electorate office 3/40 Yeo Street, Neutral Bay 2089 Phone 9909 2594 Fax 9909 2654
    Parliamentary Office Parliament House, Macquarie Street, Sydney 2000 Phone 9230 3080 Fax 9230 3406
    Email jillian.skinner@parliament.nsw.gov.au Website www.jillianskinner.com

    Posted in Health Petitions Australia, Mail Received, NSW Government, NSW Health, State MPs, Vaccines | Tagged: | Leave a Comment »

    Fri 25 Sep 09 | From: Barry O’Farrell MP | Re: Stop the Coercive and Mandatory Immunisation (NSW) AHFA Petition

    Posted by bradfieldresident on 25 September 2009

    [This letter is in response to an email sent for the Stop the Coercive and Mandatory Immunisation (NSW) petition on the Health Petitions Australia website. Postal mail dated “25 September 2009”]

    Barry O’Farrell MP
    State Member for Ku-ring-gai

    Letter from Barry O'Farrell MP (2009-09-25)

    Letter from Barry O'Farrell MP (2009-09-25)

    25 September 2009

    Dear […]

    Thank you for your email of 11 September 2009 concerning immunisation.

    At the outset I have to indicate my own support for immunisation. Using the “precautionary principle” you refer to, allowing some infants and children to avoid immunisation can threaten the health of the mast majority.

    Nevertheless, respecting your views and wishes, I have made representations to the State Health Minister, the Hon Carmel Tebbutt. I will keep you informed of the progress.

    Yours sincerely

    [signature]

    Barry O’Farrell

    Working for our community

    Phone 9487 8588 Fax 9487 8550 Electorate office 27 Redleaf Avenue, Wahroonga NSW 2076 Email barry@barryofarrell.com Website www.barryofarrell.com

    Posted in Health Petitions Australia, Mail Received, NSW Government, NSW Health, State MPs, Vaccines | Tagged: , | 1 Comment »

    Fri 11 Sep 09 | To: The Australian Dental Association | HONcode compliance

    Posted by bradfieldresident on 11 September 2009

    [Note: it appears that the email generated by the contact form bounced, so it is quite possible that no ADA representative received and read it.]

    From: Bradfield Resident <bradfieldresident@gmail.com>
    Date: Friday 11 September 2009 01:31 (+10) (approx)
    To: The Australian Dental Association – Complaints – National (ADA Inc.)
    Via: http://www.ada.org.au/contactus/ContactUs.aspx

    Australian Dental Association,

    I have contacted the Health On the Net Foundation about apparent HONcode compliance violations on the ada.org.au website.

    You can view my correspondence with the Health On the Net Foundation at https://bradfieldresident.wordpress.com

    More specifically under
    https://bradfieldresident.wordpress.com/category/health/organisations/health-on-the-net-foundation-organisations-health/

    You are invited to comment by email addressed to bradfieldresident@gmail.com

    Bradfield Resident
    Friday 11 September 2009

    Posted in Australian Dental Association, Fluoride, Health On the Net Foundation, Mail Sent, Water Fluoridation | Leave a Comment »