Leveson's privacy lessons for business
The Leveson inquiry and the 2Day FM scandal highlight the reputational risks that data breaches pose and the need for businesses to adapt as attitudes to privacy and data protection evolve.
Please check the following:
- {{x.value}}
FREE membership
FREE membership
Join InvestSMART today
{{ twilioFailed ? 'SMS Code Failed to Send…' : 'Enter verification code' }}
Please enter the 5 digit verification code sent to "{{user.DayPhone}}" Change number
We cannot send you a verification code via SMS to "{{user.DayPhone}}" Change number
{{ completedStep1 ? 'Authentication & Security' : content.trialHeading.replace('{0}', user.FirstName) }}
Please enter your mobile number and press send to receive a text message with a verification code.
{{ content.upgradeHeading.replace('{0}', user.FirstName) }}
The email address you entered is registered with InvestSMART
Please login to continue
Thank you
We have sent you an email with the details of your registration.
Purchase order
Sign up
Log in
Looks you are already a member. Please enter your password to proceed
{{ upgradeCTAText }}
Updating information
Please wait ...
Your membership to InvestSMART Group recently failed to renew.
Please make sure your payment details are up to date to continue your membership.
Having trouble renewing?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
You've recently updated your payment details.
It may take a few minutes to update your subscription details, during this time you will not be able to view locked content.
If you are still having trouble viewing content after 10 minutes, try logging out of your account and logging back in.
Still having trouble viewing content?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
Please click on the ACTIVATE button to activate your Intelligent Investor 15-day free trial
Please click on the ACTIVATE button to finalise your membership
Log in
Upgrade Today
Unsuccessful registration
Registration for this event is available only to Eureka Report members. View our membership page for more information.
Registration for this event is available only to Intelligent Investor members. View our membership page for more information.
{{eventFunction.Name}}
{{eventFunction.EventTypeName}}
{{eventFunction.StartDate}}
{{eventFunction.EventTimings}}
{{eventFunction.VenueName}}
{{ t.Cost === 0 ? "FREE" : "$" + t.Cost.toFixed(2) }}
Quantity *
- You are already registered for this event.
- This event is already full.
- Please select a quantity for at least one ticket.
- {{ i }}
Forgotten password
Please enter your email address below to request a new password
Check your inbox
- Verify your email address by clicking on the link we sent to {{user.Email}}
- You now have free access, we look forward to helping you on your financial journey.
Lord Justice Leveson's lecture tour of Australia has attracted attention for his views on Google and social media, however his speeches have a far more important message about the responsibilities of company directors and managers as privacy becomes a business risk.
"Data protection has become one of the burning issues of the day,” UK judge Lord Justice Leveson told the UTS Communications Law Centre privacy conference in Sydney last Friday.
Justice Leveson's inquiry into UK media ethics came into being because of a commercial privacy breach that allowed journalists to access the mobile phone message banks of murder victims, celebrities and anyone else in the news.
As the Leveson inquiry evolved, it became clear that poor privacy practices by businesses and government agencies had been the source of many UK tabloid stories for years and the results of those betrayed confidences had distressed families and cost people their jobs.
Last week's 2Day-FM scandal is a classic privacy breach where a patient's medical condition has been disclosed, and broadcast, due to poor procedures. The results of that have proved to be tragic.
Making privacy issues even more complex is the internet, or as Justice Leveson put, "the elephant in the room.” Easy access to poorly secured information has raised the stakes considerably for private and public organizations.
When computers became common in the 1980s, the information stored by businesses and government agencies exploded. As hard drives became cheaper and the internet appeared, the ability to acquire, store and process data using technologies lumped under the label ‘big data' has become a basic business function.
The arrival of big data is portrayed as manna to marketing folk – and so it is – but it is also a target for enthusiastic journalists, hackers and anyone else interested in peeking into the dealings of customers and staff.
Around the world governments have been reacting to the data explosion by tightening privacy acts. Last month the twenty-five year old Australian Federal privacy act was tightened up with increased penalties for breaches to come into effect in March 2014.
One of the notable points in the amended Australian privacy law is the lifting of the prohibition of storing data offshore implied in the old act which predated the internet and widespread offshoring.
The role of offshore privacy jurisdiction is important as the tightened Australian law still falls short of those in Europe and parts of the United States. In the US, Delta Airlines is facing a law suit from the state of California over not stating the privacy policies of the company's smart phone app.
Earlier this year the internet's big four – Apple, Amazon, Google and Facebook – along with many other major corporations agreed to comply with California's privacy rules. Delta is now facing the consequences of not submitting to the state's legal requirements.
That a smartphone app could get a major US corporation in trouble should be enough to convince directors and executives of the importance of privacy policies. That the law is rapidly evolving in this area should also make businesses think carefully about their obligations.
Much of this discussion isn't new. Similar privacy concerns were raised in the 19th century as new communications and business technologies developed.
Justice Leveson's Sydney speech outlined how much of today's privacy discussion has in common with the past – the arrival of the penny press, the telegraph and later the Kodak box camera created fierce debates about protecting rights and privacy which took nearly a century to be settled.
For the media there's now the challenge of information becoming a commodity, driven by social media users and bloggers, many of whom have servers offshore that enable them to avoid local laws and regulations.
Overseas competitors and product commoditisation aren't just threats to the news media business model. The same issues have radically changed the retail, manufacturing and services industries in recent years. Now privacy considerations have to be added to the challenges facing executives.
Some of the participants at the Sydney conference suggested that businesses need to be held liable for serious privacy breaches and it's hard to see how increased penalties for lapses won't become law in the foreseeable future.
Even without stronger laws being passed, the reputational risks to businesses of data breaches are substantial – as Sony discovered after a series of security lapses in 2011.
The training of staff and changing management views on the value of data is as important as any technological measures. Much of this will change as attitudes to privacy and data evolve.
"Our view of privacy may change,” Justice Leveson said at the conclusion of his Sydney speech, "the question for us in this century will not simply be how to protect it, but what it is that we seek to protect.”
Like many areas, privacy and data protection is evolving as technology changes the way our businesses operate. Lord Justice Leveson's presentations in Sydney and Melbourne should serve to remind business leaders that those changes aren't just risk to media organisations and public servants.
"Data protection has become one of the burning issues of the day,” UK judge Lord Justice Leveson told the UTS Communications Law Centre privacy conference in Sydney last Friday.
Justice Leveson's inquiry into UK media ethics came into being because of a commercial privacy breach that allowed journalists to access the mobile phone message banks of murder victims, celebrities and anyone else in the news.
As the Leveson inquiry evolved, it became clear that poor privacy practices by businesses and government agencies had been the source of many UK tabloid stories for years and the results of those betrayed confidences had distressed families and cost people their jobs.
Last week's 2Day-FM scandal is a classic privacy breach where a patient's medical condition has been disclosed, and broadcast, due to poor procedures. The results of that have proved to be tragic.
Making privacy issues even more complex is the internet, or as Justice Leveson put, "the elephant in the room.” Easy access to poorly secured information has raised the stakes considerably for private and public organizations.
When computers became common in the 1980s, the information stored by businesses and government agencies exploded. As hard drives became cheaper and the internet appeared, the ability to acquire, store and process data using technologies lumped under the label ‘big data' has become a basic business function.
The arrival of big data is portrayed as manna to marketing folk – and so it is – but it is also a target for enthusiastic journalists, hackers and anyone else interested in peeking into the dealings of customers and staff.
Around the world governments have been reacting to the data explosion by tightening privacy acts. Last month the twenty-five year old Australian Federal privacy act was tightened up with increased penalties for breaches to come into effect in March 2014.
One of the notable points in the amended Australian privacy law is the lifting of the prohibition of storing data offshore implied in the old act which predated the internet and widespread offshoring.
The role of offshore privacy jurisdiction is important as the tightened Australian law still falls short of those in Europe and parts of the United States. In the US, Delta Airlines is facing a law suit from the state of California over not stating the privacy policies of the company's smart phone app.
Earlier this year the internet's big four – Apple, Amazon, Google and Facebook – along with many other major corporations agreed to comply with California's privacy rules. Delta is now facing the consequences of not submitting to the state's legal requirements.
That a smartphone app could get a major US corporation in trouble should be enough to convince directors and executives of the importance of privacy policies. That the law is rapidly evolving in this area should also make businesses think carefully about their obligations.
Much of this discussion isn't new. Similar privacy concerns were raised in the 19th century as new communications and business technologies developed.
Justice Leveson's Sydney speech outlined how much of today's privacy discussion has in common with the past – the arrival of the penny press, the telegraph and later the Kodak box camera created fierce debates about protecting rights and privacy which took nearly a century to be settled.
For the media there's now the challenge of information becoming a commodity, driven by social media users and bloggers, many of whom have servers offshore that enable them to avoid local laws and regulations.
Overseas competitors and product commoditisation aren't just threats to the news media business model. The same issues have radically changed the retail, manufacturing and services industries in recent years. Now privacy considerations have to be added to the challenges facing executives.
Some of the participants at the Sydney conference suggested that businesses need to be held liable for serious privacy breaches and it's hard to see how increased penalties for lapses won't become law in the foreseeable future.
Even without stronger laws being passed, the reputational risks to businesses of data breaches are substantial – as Sony discovered after a series of security lapses in 2011.
The training of staff and changing management views on the value of data is as important as any technological measures. Much of this will change as attitudes to privacy and data evolve.
"Our view of privacy may change,” Justice Leveson said at the conclusion of his Sydney speech, "the question for us in this century will not simply be how to protect it, but what it is that we seek to protect.”
Like many areas, privacy and data protection is evolving as technology changes the way our businesses operate. Lord Justice Leveson's presentations in Sydney and Melbourne should serve to remind business leaders that those changes aren't just risk to media organisations and public servants.
Share this article and show your support
Call 1300 880 160
Start a chat
Schedule a call
