sb-au logo
Story image

New report considers consumer rights around personal data

Despite there being regulations and laws around privacy and data, a new report has found that there is no clear standard for access to consumer data.

This includes personal data collected via social media, online searches, telecommunications and leading fitness trackers.

The study, titled Consumer Rights to Personal Data, was conducted by researchers Dr James Meese, Dr Punit Jagasia and Professor James Arvanitakis from the University of Technology Sydney (UTS) and Western Sydney University (WSU).

The goal of the research team was to understand if people can access their own data from a range of communications companies, including social media platforms (Facebook, Instagram, Twitter), online companies (Google), telecommunications companies (Optus, Vodafone, Telstra) and fitness wearables (Fitbit, Apple Watch).

UTS researcher Dr James Meese says, “We established a set of best practice standards, based on what consumers could reasonably expect from companies, and then we assessed how each company performed against these standards.”

“While all companies were compliant with the data access procedures required under the Privacy Act, and provided the data that they were legally required to, we found that many companies failed to provide all the user data they were collecting,” Meese says.

The data provided by the communications companies was not always provided in a portable format, which meant that at times consumers could not transfer data to other service providers, the research found.

In some cases, it was also hard to interpret the data provided, which suggests there is scope for companies to improve the way they present data in order to assist consumer understanding, according to the study.

The report also considers the introduction of a Consumer Data Right (CDR), following on from these results and the growing information disconnect between consumers and companies.

The reform aims to simplify and standardise the process of accessing and transferring data, however the report notes that a range of valid stakeholder and consumer concerns are not adequately addressed in the draft bill.

Meese says, “The CDR should form part of a broader suite of comprehensive data rights for consumers.”

The report also notes that a range of government bodies are conducting reviews of privacy related issues.

It suggests the Federal government should wait until these reports are complete before introducing the CDR as part of a broader suite of data rights for Australian consumers.

The Consumer Rights to Personal Data study was funded by a grant from the Australian Communications Consumer Action Network and is available on the ACCAN website.

The project also produced a set of guides to help consumers understand existing data access procedures and a Facebook data visualiser to help consumers make sense of the Facebook data currently provided to them.

Story image
Businesses can save on the hefty cost of a security breach if they're honest
SMBs and enterprises that disclose breaches proactively tend to experience 40% less financial damage, according to new research from Kaspersky. More
Story image
CyberArk launches Forescout and Phosphorus integration to aid with IoT security
“Through our integration with Forescout and Phosphorus, CyberArk dramatically improves security and compliance, and alleviates the burden on IT and security teams."More
Story image
Cybermerc launches AU cyber threat intelligence platform, AUSHIELD
So far Australian National University, Fortinet, Anomali, Elastic, Vault Cloud, and startups SecureStack and Countersight have joined the project.More
Story image
Why 2021 will be the year of catch-up
The transition to remote work and new online contactless business models is not temporary and is affecting the future strategy on how organisations invest in cybersecurity, writes Radware vice president and managing director for EMEA and LATAM, Rob Hartley.More
Story image
Frost & Sullivan: Firewalls to drive network security market
Enterprises’ heightened threats from criminal entities and state-sponsored actors are strongly encouraging them to adopt network security solutions.More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More