sb-au logo
Story image

New report considers consumer rights around personal data

Despite there being regulations and laws around privacy and data, a new report has found that there is no clear standard for access to consumer data.

This includes personal data collected via social media, online searches, telecommunications and leading fitness trackers.

The study, titled Consumer Rights to Personal Data, was conducted by researchers Dr James Meese, Dr Punit Jagasia and Professor James Arvanitakis from the University of Technology Sydney (UTS) and Western Sydney University (WSU).

The goal of the research team was to understand if people can access their own data from a range of communications companies, including social media platforms (Facebook, Instagram, Twitter), online companies (Google), telecommunications companies (Optus, Vodafone, Telstra) and fitness wearables (Fitbit, Apple Watch).

UTS researcher Dr James Meese says, “We established a set of best practice standards, based on what consumers could reasonably expect from companies, and then we assessed how each company performed against these standards.”

“While all companies were compliant with the data access procedures required under the Privacy Act, and provided the data that they were legally required to, we found that many companies failed to provide all the user data they were collecting,” Meese says.

The data provided by the communications companies was not always provided in a portable format, which meant that at times consumers could not transfer data to other service providers, the research found.

In some cases, it was also hard to interpret the data provided, which suggests there is scope for companies to improve the way they present data in order to assist consumer understanding, according to the study.

The report also considers the introduction of a Consumer Data Right (CDR), following on from these results and the growing information disconnect between consumers and companies.

The reform aims to simplify and standardise the process of accessing and transferring data, however the report notes that a range of valid stakeholder and consumer concerns are not adequately addressed in the draft bill.

Meese says, “The CDR should form part of a broader suite of comprehensive data rights for consumers.”

The report also notes that a range of government bodies are conducting reviews of privacy related issues.

It suggests the Federal government should wait until these reports are complete before introducing the CDR as part of a broader suite of data rights for Australian consumers.

The Consumer Rights to Personal Data study was funded by a grant from the Australian Communications Consumer Action Network and is available on the ACCAN website.

The project also produced a set of guides to help consumers understand existing data access procedures and a Facebook data visualiser to help consumers make sense of the Facebook data currently provided to them.

Story image
Thales: A/NZ cybersecurity approach more talk than action
“While some organisations are talking a good story … predicted spending shows that most have the wrong focus.”More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Download image
74% of APAC IT leaders say security culture is essential to business success
You can join these leaders in designing security awareness and training with your employees in mind.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Link image
Webcast series: The necessary tools to secure a remote workforce
Experts from across the A/NZ region discuss the best security practices in a remote working world - with sessions available on the first Thursday of every month.More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More