Placeholder Content Image

Why do organisations still struggle to protect our data? We asked 50 professionals on the privacy front line

<div class="theconversation-article-body"> <p><em><a href="https://theconversation.com/profiles/jane-andrew-10314">Jane Andrew</a>, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a>; <a href="https://theconversation.com/profiles/dr-penelope-bowyer-pont-1550191">Dr Penelope Bowyer-Pont</a>, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a>, and <a href="https://theconversation.com/profiles/max-baker-25553">Max Baker</a>, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a></em></p> <p>More of our personal data is now collected and stored online than ever before in history. The rise of data breaches should unsettle us all.</p> <p>At an individual level, data breaches can compromise our privacy, cause harm to our finances and mental health, and even enable identity theft.</p> <p>For organisations, the repercussions can be equally severe, often resulting in major financial losses and brand damage.</p> <p>Despite the increasing importance of protecting our personal information, doing so remains fraught with challenges.</p> <p>As part of a <a href="http://www.doi.org/10.25910/psq3-q365">comprehensive study</a> of data breach notification practices, we interviewed 50 senior personnel working in information security and privacy. Here’s what they told us about the multifaceted challenges they face.</p> <h2>What does the law actually say?</h2> <p>Data breaches occur whenever personal information is accessed or disclosed without authorisation, or even lost altogether. <a href="https://www.abc.net.au/news/2024-06-20/optus-hack/104002682">Optus</a>, <a href="https://www.abc.net.au/news/2022-11-09/medibank-data-release-dark-web-hackers/101632088">Medibank</a> and <a href="https://www.afr.com/technology/canva-criticised-after-data-breach-exposed-139m-user-details-20190526-p51r8i">Canva</a> have all experienced high-profile incidents in recent years.</p> <p>Under Australia’s <a href="https://www8.austlii.edu.au/cgi-bin/viewdb/au/legis/cth/consol_act/pa1988108/">privacy laws</a>, organisations aren’t allowed to sweep major cyber attacks under the rug.</p> <p>They have to notify both the regulator – the Office of the Australian Information Commissioner (OAIC) – and any affected individuals of breaches that are likely to result in “<a href="https://www8.austlii.edu.au/cgi-bin/viewdb/au/legis/cth/consol_act/pa1988108/#:%7E:text=Whether%20access%20or%20disclosure%20would%20be%20likely%2C%20or%20would%20not%20be%20likely%2C%20to%20result%20in%20serious%20harm%2D%2Drelevant%20matters%20%C2%A0">serious harm</a>”.</p> <p>But according to the organisational leaders we interviewed, this poses a tricky question. How do you define serious harm?</p> <p>Interpretations of what “serious harm” actually means – and how likely it is to occur – vary significantly. This inconsistency can make it impossible to predict the specific impact of a data breach on an individual.</p> <p>Victims of domestic violence, for example, may be at increased risk when personal information is exposed, creating harms that are difficult to foresee or mitigate.</p> <h2>Enforcing the rules</h2> <p>Interviewees also had concerns about how well the regulator could provide guidance and enforce data protection measures.</p> <p>Many expressed a belief the OAIC is underfunded and lacks the authority to impose and enforce fines properly. The consensus was that the challenge of protecting our data has now outgrown the power and resources of the regulator.</p> <p>As one chief information security officer at a publicly listed company put it:</p> <blockquote> <p>What’s the point of having speeding signs and cameras if you don’t give anyone a ticket?</p> </blockquote> <p>A lack of enforcement can undermine the incentive for organisations to invest in robust data protection.</p> <h2>Only the tip of the iceberg</h2> <p>Data breaches are also underreported, particularly in the corporate sector.</p> <p>One senior cybersecurity consultant from a major multinational company told us there is a strong incentive for companies to minimise or cover up breaches, to avoid embarrassment.</p> <p>This culture means many breaches that should be reported simply aren’t. One senior public servant estimated only about 10% of reportable breaches end up actually being disclosed.</p> <p>Without this basic transparency, the regulator and affected individuals can’t take necessary steps to protect themselves.</p> <h2>Third-party breaches</h2> <p>Sometimes, when we give our personal information to one organisation, it can end up in the hands of another one we might not expect. This is because key tasks – especially managing databases – are often outsourced to third parties.</p> <p>Outsourcing tasks might be a more efficient option for an organisation, but it can make protecting personal data even more complicated.</p> <p>Interviewees told us breaches were more likely when engaging third-party providers, because it limited the control they had over security measures.</p> <p>Between July and December 2023 in Australia, there was an increase of <a href="https://www.oaic.gov.au/privacy/notifiable-data-breaches/notifiable-data-breaches-publications/notifiable-data-breaches-report-july-to-december-2023">more than 300%</a> in third-party data breaches compared to the six months prior.</p> <p>There have been some highly publicised examples.</p> <p>In May this year, many Clubs NSW customers had their personal information potentially <a href="https://www.rimpa.com.au/resource/more-than-a-million-australian-data-records-potentially-exposed-in-nsw-club-and-pub-data-breach.html#:%7E:text=Outabox%2C%20the%20IT%20services%20provider,and%20has%20notified%20law%20enforcement">breached</a> through an attack on third-party software provider Outabox.</p> <p>Bunnings suffered a <a href="https://australiancybersecuritymagazine.com.au/bunnings-customer-data-compromised/">similar breach</a> in late 2021, via an attack on scheduling software provider FlexBooker.</p> <h2>Getting the basics right</h2> <p>Some organisations are still struggling with the basics. Our research found many data breaches occur because outdated or “legacy” data systems are still in use.</p> <p>These systems are old or inactive databases, often containing huge amounts of personal information about all the individuals who’ve previously interacted with them.</p> <p>Organisations tend to hold onto personal data longer than is legally required. This can come down to confusion about data-retention requirements, but also the high cost and complexity of safely decommissioning old systems.</p> <p>One chief privacy officer of a large financial services institution told us:</p> <blockquote> <p>In an organisation like ours where we have over 2,000 legacy systems […] the systems don’t speak to each other. They don’t come with big red delete buttons.</p> </blockquote> <p>Other interviewees flagged that risky data testing practices are widespread.</p> <p>Software developers and tech teams often use “production data” – real customer data – to test new products. This is often quicker and cheaper than creating test datasets.</p> <p>However, this practice exposes real customer information to insecure testing environments, making it more vulnerable. A senior cybersecurity specialist told us:</p> <blockquote> <p>I’ve seen it so much in every industry […] It’s literally live, real information going into systems that are not live and real and have low security.</p> </blockquote> <h2>What needs to be done?</h2> <p>Drawing insights from professionals at the coalface, our study highlights just how complex data protection has become in Australia, and how quickly the landscape is evolving.</p> <p>Addressing these issues will require a multi-pronged approach, including clearer legislative guidelines, better enforcement, greater transparency and robust security practices for the use of third-party providers.</p> <p>As the digital world continues to evolve, so too must our strategies for protecting ourselves and our data.<!-- Below is The Conversation's page counter tag. Please DO NOT REMOVE. --><img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/236681/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /><!-- End of code. If you don't see any code above, please get new code from the Advanced tab after you click the republish button. The page counter does not collect any personal data. More info: https://theconversation.com/republishing-guidelines --></p> <p><em><a href="https://theconversation.com/profiles/jane-andrew-10314">Jane Andrew</a>, Professor, Head of the Discipline of Accounting, Governance and Regulation, University of Sydney Business School, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a>; <a href="https://theconversation.com/profiles/dr-penelope-bowyer-pont-1550191">Dr Penelope Bowyer-Pont</a>, Researcher, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a>, and <a href="https://theconversation.com/profiles/max-baker-25553">Max Baker</a>, Associate professor, <a href="https://theconversation.com/institutions/university-of-sydney-841">University of Sydney</a></em></p> <p><em>Image credits: Shutterstock </em></p> <p><em>This article is republished from <a href="https://theconversation.com">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/why-do-organisations-still-struggle-to-protect-our-data-we-asked-50-professionals-on-the-privacy-front-line-236681">original article</a>.</em></p> </div>

Legal

Placeholder Content Image

Attempts to access Kate Middleton’s medical records are no surprise. Such breaches are all too common

<p><a href="https://theconversation.com/profiles/bruce-baer-arnold-1408">Bruce Baer Arnold</a>, <em><a href="https://theconversation.com/institutions/university-of-canberra-865">University of Canberra</a></em></p> <p>The <a href="https://www.abc.net.au/news/2024-03-20/claim-hospital-staff-tried-to-access-kate-middleton-health-info/103608066">alleged</a> data breach involving Catherine, Princess of Wales tells us something about health privacy. If hospital staff can apparently access a future queen’s medical records without authorisation, it can happen to you.</p> <p>Indeed it may have already happened to you, given many breaches of health data go under the radar.</p> <p>Here’s why breaches of health data keep on happening.</p> <h2>What did we learn this week?</h2> <p>Details of the alleged data breaches, by <a href="https://www.mirror.co.uk/news/royals/breaking-kate-middleton-three-london-32401247">up to three staff</a> at The London Clinic, emerged in the UK media this week. These breaches are alleged to have occurred after the princess had abdominal surgery at the private hospital earlier this year.</p> <p>The UK Information Commissioner’s Office <a href="https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2024/03/ico-statement-in-response-to-reports-of-data-breach-at-the-london-clinic/">is investigating</a>. Its report should provide some clarity about what medical data was improperly accessed, in what form and by whom. But it is unlikely to identify whether this data was given to a third party, such as a media organisation.</p> <h2>Health data isn’t always as secure as we’d hope</h2> <p>Medical records are inherently sensitive, providing insights about individuals and often about biological relatives.</p> <p>In an ideal world, only the “right people” would have access to these records. These are people who “need to know” that information and are aware of the responsibility of accessing it.</p> <p>Best practice digital health systems typically try to restrict overall access to databases through hack-resistant firewalls. They also try to limit access to specific types of data through grades of access.</p> <p>This means a hospital accountant, nurse or cleaner does not get to see everything. Such systems also incorporate blocks or alarms where there is potential abuse, such as unauthorised copying.</p> <p>But in practice each health records ecosystem – in GP and specialist suites, pathology labs, research labs, hospitals – is less robust, often with fewer safeguards and weaker supervision.</p> <h2>This has happened before</h2> <p>Large health-care providers and insurers, including major hospitals or chains of hospitals, have a <a href="https://www.theguardian.com/australia-news/2023/dec/22/st-vincents-health-australia-hack-cyberattack-data-stolen-hospital-aged-care-what-to-do">worrying</a> <a href="https://www.afr.com/technology/medical-information-leaked-in-nsw-health-hack-20210608-p57z7k">history</a> of <a href="https://www.innovationaus.com/oaic-takes-pathology-company-to-court-over-data-breach/">digital breaches</a>.</p> <p>Those breaches include hackers accessing the records of millions of people. The <a href="https://www.theguardian.com/world/2022/nov/11/medical-data-hacked-from-10m-australians-begins-to-appear-on-dark-web">Medibank</a> data breach involved more than ten million people. The <a href="https://www.hipaajournal.com/healthcare-data-breach-statistics/">Anthem</a> data breach in the United States involved more than 78 million people.</p> <p>Hospitals and clinics have also had breaches specific to a particular individual. Many of those breaches involved unauthorised sighting (and often copying) of hardcopy or digital files, for example by nurses, clinicians and administrative staff.</p> <p>For instance, this has happened to public figures such as <a href="https://www.latimes.com/archives/la-xpm-2008-mar-15-me-britney15-story.html">singer</a> <a href="https://journals.lww.com/healthcaremanagerjournal/abstract/2009/01000/health_information_privacy__why_trust_matters.11.aspx">Britney Spears</a>, actor <a href="https://www.nytimes.com/2007/10/10/nyregion/10clooney.html">George Clooney</a> and former United Kingdom prime minister <a href="https://www.theguardian.com/uk-news/2024/mar/20/when-fame-and-medical-privacy-clash-kate-and-other-crises-of-confidentiality">Gordon Brown</a>.</p> <p>Indeed, the Princess of Wales has had her medical privacy breached before, in 2012, while in hospital pregnant with her first child. This was no high-tech hacking of health data.</p> <p>Hoax callers from an Australian radio station <a href="https://theconversation.com/did-2day-fm-break-the-law-and-does-it-matter-11250">tricked</a> hospital staff into divulging details over the phone of the then Duchess of Cambridge’s health care.</p> <h2>Tip of the iceberg</h2> <p>Some unauthorised access to medical information goes undetected or is indeed undetectable unless there is an employment dispute or media involvement. Some is identified by colleagues.</p> <p>Records about your health <em>might</em> have been improperly sighted by someone in the health system. But you are rarely in a position to evaluate the data management of a clinic, hospital, health department or pathology lab.</p> <p>So we have to trust people do the right thing.</p> <h2>How could we improve things?</h2> <p>Health professions have long emphasised the need to protect these records. For instance, medical ethics bodies <a href="https://www.bmj.com/content/350/bmj.h2255">condemn</a> medical students who <a href="https://www.abc.net.au/news/2014-04-14/picture-sharing-app-for-doctors-raises-privacy-concerns/5389226">share</a> intimate or otherwise inappropriate images of patients.</p> <p>Different countries have various approaches to protecting who has access to medical records and under what circumstances.</p> <p>In Australia, for instance, we have a mix of complex and inconsistent laws that vary across jurisdictions, some covering privacy in general, others specific to health data. There isn’t one comprehensive law and set of standards <a href="https://theconversation.com/governments-privacy-review-has-some-strong-recommendations-now-we-really-need-action-200079">vigorously administered</a> by one well-resourced watchdog.</p> <p>In Australia, it’s mandatory to report <a href="https://www.oaic.gov.au/privacy/notifiable-data-breaches">data breaches</a>, including breaches of health data. This reporting system is currently <a href="https://theconversation.com/governments-privacy-review-has-some-strong-recommendations-now-we-really-need-action-200079">being updated</a>. But this won’t necessarily prevent data breaches.</p> <p>Instead, we need to incentivise Australian organisations to improve how they handle sensitive health data.</p> <p>The best policy <a href="https://onlinelibrary.wiley.com/doi/full/10.1111/1475-4932.12693">nudges</a> involve increasing penalties for breaches. This is so organisations act as responsible custodians rather than negligent owners of health data.</p> <p>We also need to step-up enforcement of data breaches and make it easier for victims to sue for breaches of privacy – princesses and tradies alike.<!-- Below is The Conversation's page counter tag. Please DO NOT REMOVE. --><img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important;" src="https://counter.theconversation.com/content/226303/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /><!-- End of code. If you don't see any code above, please get new code from the Advanced tab after you click the republish button. The page counter does not collect any personal data. More info: https://theconversation.com/republishing-guidelines --></p> <p><a href="https://theconversation.com/profiles/bruce-baer-arnold-1408">Bruce Baer Arnold</a>, Associate Professor, School of Law, <em><a href="https://theconversation.com/institutions/university-of-canberra-865">University of Canberra</a></em></p> <p><em>This article is republished from <a href="https://theconversation.com">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/attempts-to-access-kate-middletons-medical-records-are-no-surprise-such-breaches-are-all-too-common-226303">original article</a>.</em></p> <p><em>Images: Getty</em></p>

Legal

Placeholder Content Image

Investigation launched over "major security breach" at Princess Kate's hospital

<p>New reports have claimed that there was an alleged security breach at the hospital where the Princess of Wales was treated, and an internal investigation is currently underway. </p> <p>According to the <em>Daily Mirror's </em>Royal Editor Russell Myers, bosses at The London Clinic have launched a probe into the claims that Kate Middleton's confidentiality was breached by staff.</p> <p>"The reason [for the alleged investigation] is that there is allegations that a member of staff accessed her private medical records," Myers, said on <em>Today </em>this morning.</p> <p>He also described it as "a major security breach," citing an unidentified insider who claims that Kensington Palace was contacted by the hospital bosses  immediately after the alleged incident and "assured the Palace there would be a full investigation."</p> <p>"Kensington Palace and indeed the Princess of Wales have been extremely guarded about the nature of the surgery," he added. </p> <p>"Sources have told me that it's something she may wish to discuss in the future but it is a private medical matter now in the UK."</p> <p>Myers also claimed that he had spoken with London's Metropolitan Police, but said that they "haven't confirmed they are involved" at this stage.</p> <p>Just yesterday, Myers commented on the footage of Princess Kate <a href="https://www.oversixty.com.au/health/caring/princess-kate-filmed-in-public-for-the-first-time-since-christmas" target="_blank" rel="noopener">out in public </a>for the first time since Christmas, calling it "the video that everybody had been clambering for."</p> <p>"The main thing is, Kate looks very happy and fully healthy," Myers said on the <em>Today</em> show. </p> <p>Kensington Palace and The London Clinic have not provided a comment on the matter at this stage. </p> <p>The Princess of Wales is expected to return to her royal duties after easter. </p> <p><em>Images: Getty</em></p>

Legal

Placeholder Content Image

"Disparaging and insulting": Kyle Sandilands found in breach of decency rules

<p>The Australian Communications and Media Authority (ACMA) found that Kyle Sandilands breached the decency rules over the <a href="https://www.oversixty.com.au/health/caring/kyle-sandilands-under-fire-for-hurtful-monkeypox-comments" target="_blank" rel="noopener">monkeypox comments</a> he made on-air in <em>The Kyle and Jackie O </em>show <span style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;">last year</span><span style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;">. </span></p> <p>The ACMA found that he breached the Commercial Radio Code of Practice with "offensive, exclusionary comments explicitly aimed at the presumed conduct of gay men". </p> <p>"The ACMA found that the overall sentiment of the segment stereotyped gay men as irresponsible in regard to their sexual health," the media watchdog found. </p> <p>"This made them the prime carriers of a virus that presented a danger to the community and, as a result, they were not deserving of sympathy or compassion."</p> <p>Monkeypox was declared a global health emergency in July 2022. </p> <p>At the time, Sandilands called the virus "the big gay disease" and that "it’s only gays getting it." </p> <p>In defence of Sandilands' comments, the broadcaster told the ACMA the segment may have contained "unfavourable descriptions of those susceptible to the virus, being homosexual males".</p> <p>They also claimed that the segment was "well-intended" in terms of bringing awareness to the community about the public health risk around the transmission of the virus and the availability of a vaccine. </p> <p>They also said that there was an insufficient amount of content that demonstrated  "ill-will towards (the) LGBTQIA+ community."</p> <p>However, ACMA Chairperson Nerida O'Loughlin called the comments "derisive and insulting". </p> <p>"We acknowledge that the program's audience does not expect the presentation style of either the program or the presenter to always be formal and nuanced," O'Loughlin said. </p> <p>"Although there was a basis at the time for a public discussion about mpox that involved reference to gay sexuality, the segment went beyond any acceptable standards by conveying that gay men were irresponsible, were a risk to the community and did not deserve any sympathy even when presenting for medical assistance."</p> <p>"Broadcasters have a responsibility to maintain appropriate levels of decency, and in this case the comments by Sandilands were overly disparaging and insulting."</p> <p><em>KIIS</em> have agreed to deliver sensitivity training to the hosts, producers, censors and other staff. </p> <p>They must also report back to the ACMA on their progress every six months for  two years. </p> <p><em>Images: KIIS FM</em></p>

Legal

Placeholder Content Image

Why Channel 10 is suing its former star host

<p>Channel 10 is suing its former political editor, Peter van Onselen, for an alleged breach of contract after he wrote a column tearing into his former employer’s business skills.</p> <p>Anonymous sources told news.com.au that Mr van Onselen signed a non-disparagement clause and received a financial settlement after leaving the network.</p> <p>He had announced he was returning to academia, leaving his daily political news role at Ten in March 2023 after four years. It followed reports he had become tired of the commute from Sydney to Canberra.</p> <p>“I’ve only been doing this for four years ... We sometimes forget the sacrifices they make!” he wrote.</p> <p>It’s believed that the alleged breach of contract that Ten Network has initiated action over relates to that secret clause, which required him not to badmouth the network.</p> <p><span style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;">However, it’s now the court’s decision to decide whether his column — which only referred to publicly available information about the network — constitutes a breach, or whether he should be free to make such observations in his role as commentator.</span></p> <p>In The Australian on May 25, <a href="https://www.theaustralian.com.au/subscribe/news/1/?sourceCode=TAWEB_WRE170_a&dest=https%3A%2F%2Fwww.theaustralian.com.au%2Fbusiness%2Fmedia%2Fparamount-woes-raise-questions-about-the-long-term-viability-of-network-10%2Fnews-story%2Fe2dbfb95698c1eca1cb78f0dfd858c22&memtype=anonymous&mode=premium&v21=dynamic-low-control-score&V21spcbehaviour=append" target="_blank" rel="noopener">Mr van Onselen wrote</a> that Ten’s parent company, Paramount, was unlikely to have a promising future.</p> <p>“Paramount’s share price has plummeted more than 30 per cent in the past month, down more than 50 per cent in just a year,” he wrote.</p> <p>“You could choose to be a little more upbeat about Paramount (and Network 10’s) future if the streaming part of the business was firing, but it’s not.</p> <p>“So what does all of this mean for Network 10? It could be fine, limping along with little attention paid to it by its big overseas owner … Since that time the network’s ratings have slowly ebbed lower and lower, elongating the divide between it and its more successful commercial rivals in Australia.”</p> <p>Mr van Onselen also revealed during his tenure that NSW Premier Gladys Berejiklian criticised Scott Morrison in private text messages.</p> <p><em>Image credit: Getty</em></p>

Legal

Placeholder Content Image

Huge fallout after panicked passenger opens exit door midflight

<p>Asiana Airlines has immediately stopped offering its emergency exit seats after a passenger opened a door during a flight over South Korea on May 26, sparking panic inside the plane.</p> <p>Passengers will no longer be seated in emergency exit seats on its 174-seat A321-200 aircrafts and the 195-seat A321-200s, as a safety measure.</p> <p>According to airline officials, the man, 33, who opened the door was seated near the emergency exit.</p> <p>During preliminary questioning, the 33-year-old told investigators that he felt suffocated and tried to get off the plane quickly, police reported.</p> <p>Twelve people suffered minor injuries as a result, with air blasting in the cabin and terrifying passengers.</p> <p>Some testified they suffered severe ear pain and saw others screaming and crying.</p> <p>A video shared on social media shows passengers’ hair being whipped by air blowing into the cabin.</p> <p>The emergency exit doors usually cannot be opened mid-flight due to the difference in air pressure inside and outside the plane.</p> <p>However, the 33-year-old managed to open the door likely because the plane was flying at a low altitude while preparing to land and there wasn’t much difference to pressure, Asiana Airlines officials report.</p> <blockquote class="twitter-tweet"> <p dir="ltr" lang="en">(warning: distressing)</p> <p>A man traveling on an Asiana Airlines flight opened the plane's cabin door minutes before it came in for its planned landing. <a href="https://t.co/QUIUXuVDgD">pic.twitter.com/QUIUXuVDgD</a></p> <p>— NowThis (@nowthisnews) <a href="https://twitter.com/nowthisnews/status/1662179612804149249?ref_src=twsrc%5Etfw">May 26, 2023</a></p></blockquote> <p>The Transport Ministry said the plane was at 213 metres when the man pulled the door open.</p> <p>The aircraft, which was flying to the city of Daegu from the southern island of Jeju was carrying 200 passengers and landed safely.</p> <p>Passengers onboard included teenage athletes on their way to a track and field competition, according to Asiana Airlines.</p> <p>The 33-year-old told authorities that he had wanted to get out of the plane because he felt suffocated, <em>Yonhap</em> news agency reported, citing police.</p> <p><em>Yonhap</em> said the man told police he had suffered stress after losing his job recently.</p> <p>A district court in Daegu has since approved a warrant to formally arrest him.</p> <p>"I wanted to get off the plane soon," the man told reporters at the court ahead of his arrest warrant review.</p> <p>"I'm really sorry to kids," he said, likely referencing the teenage athletes.</p> <p>Daegu police said they have up to 20 days to investigate the man before determining whether to send him to prosecutors for a possible indictment.</p> <p>If convicted, he faces a maximum sentence of 10 years in prison for breaching the aviation security law that bans passengers from handling entry doors, emergency exit doors and other equipment on board, according to the Transport Ministry.</p> <p>Those who were taken to hospitals were primarily treated for minor issues such as breathing difficulties.</p> <p><em>Image credit: Twitter</em></p>

Travel Trouble

Placeholder Content Image

Optus data breach: regulatory changes announced, but legislative reform still needed

<p>In response to Australia’s biggest ever data breach, the federal government will <a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">temporarily suspend regulations</a> that stop telcos sharing customer information with third parties.</p> <p>It’s a necessary step to deal with the threat of identify theft faced by 10 million current and former Optus customers. It will allow Optus to work with banks and government agencies to detect and prevent the fraudulent use of their data.</p> <p>But it’s still only a remedial measure, intended to be in place for 12 months. More substantive reform is needed to tighten Australia’s loose approach to data privacy and protection.</p> <h2>Changing regulations, not legislation</h2> <p>The changes – <a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">announced</a> by Treasurer Jim Chalmers and Federal Communications Minister Michelle Rowland – involve amending the <a href="https://www.legislation.gov.au/Details/F2022C00329" target="_blank" rel="noopener">Telecommunications Regulation 2021</a>.</p> <p>This a piece of “subordinate” or “<a href="https://peo.gov.au/understand-our-parliament/your-questions-on-notice/questions/whats-the-difference-between-a-legislative-act-and-a-regulation/" target="_blank" rel="noopener">delegated law</a>” to the <a href="https://www.legislation.gov.au/Series/C2004A05145" target="_blank" rel="noopener">Telecommunications Act 1997</a>. Amending the act itself would require a vote of parliament. Regulations can be amended at the government’s discretion.</p> <p>Under the Telecommunications Act it is a criminal offence for telcos to share information about “the affairs or personal particulars of another person”.</p> <p>The only exceptions are sharing information with the <a href="https://www.infrastructure.gov.au/media-communications-arts/phone/services-people-disability/accesshub/national-relay-service" target="_blank" rel="noopener">National Relay Service</a> (which enables those with hearing or speech disabilities to communicate by phone), to “authorised research entities” such as universities, public health agencies or electoral commissions, or to police and intelligence agencies <a href="https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/telecommunications-interception-and-surveillance" target="_blank" rel="noopener">with a warrant</a>.</p> <p>That means Optus can’t tell banks or even government agencies set up to prevent identity fraud, such as the little-known <a href="https://www.afr.com/companies/telecommunications/banks-treasury-team-up-to-protect-optus-customers-20220928-p5blm3" target="_blank" rel="noopener">Australian Financial Crime Exchange</a>, who the affected customers are.</p> <h2>Important safeguards</h2> <p>The government says the changes will only allow the sharing of “<a href="https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/changes-protect-consumers-following-optus-data-breach" target="_blank" rel="noopener">approved government identifier information</a>” – driver’s licences, Medicare and passport numbers.</p> <p>This information can only be shared with government agencies or financial institutions <a href="https://www.apra.gov.au/register-of-authorised-deposit-taking-institutions" target="_blank" rel="noopener">regulated by</a> the Australian Prudential Regulatory Authority. This means Optus (or any other telco) won’t be able to share information with the Australian branches of foreign banks.</p> <p>Financial institutions will also have to meet strict requirements about secure methods for transferring and storing personal information shared with them, and make undertakings to the Australian Competition and Consumer Commission (<a href="https://www.accc.gov.au/publications/section-87b-of-the-competition-consumer-act" target="_blank" rel="noopener">which can be enforced in court</a>).</p> <p>The information can be shared only “for the sole purposes of preventing or responding to cybersecurity incidents, fraud, scam activity or identify theft”. Any entity receiving information must destroy it after using it for this purpose.</p> <p>These are incredibly important safeguards given the current lack of limits on how long companies can keep identity data.</p> <h2>What is needed now</h2> <p>Although temporary, these changes could be a game changer. For the next 12 months, at least, Optus (and possibly other telcos) will be able to proactively share customer information with banks to prevent cybersecurity, fraud, scams and identity theft.</p> <p>It could potentially enable a crackdown on scams that affect both banks and telcos – such as <a href="https://www.ato.gov.au/General/Online-services/Identity-security-and-scams/Scam-alerts/" target="_blank" rel="noopener">fraudulent texts and phone calls</a>.</p> <p>But this does not nullify the need for a larger legislative reform agenda.</p> <p>Australia’s data privacy laws and regulations should put limits on how much data companies can collect, or for how long they can keep that information. Without limits, companies will continue to collect and store much more personal information <a href="https://theconversation.com/what-do-tiktok-bunnings-ebay-and-netflix-have-in-common-theyre-all-hyper-collectors-187274" target="_blank" rel="noopener">than they need</a>.</p> <p>This will require amending the federal Privacy Act – subject to a <a href="https://www.ag.gov.au/integrity/consultations/review-privacy-act-1988" target="_blank" rel="noopener">government review</a> now nearing three years in length. There should be limits on what data companies can retain, and how long, as well as bigger penalties for non-compliance.</p> <p>We all need to take data privacy more seriously.</p> <p><strong>This article originally appeared on <a href="https://theconversation.com/optus-data-breach-regulatory-changes-announced-but-legislative-reform-still-needed-192009" target="_blank" rel="noopener">The Conversation</a>. </strong></p> <p><em>Image: Shutterstock</em></p>

Legal

Placeholder Content Image

How not to tell customers their data is at risk: the perils of the Optus approach

<p>Optus fears data on up to 9.8 million of its customers has been accessed in a <a href="https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack" target="_blank" rel="noopener">sophisticated cyberattack</a> – including, for some customers, passport and drivers licence details, as well as phone numbers, dates of birth and email addresses.</p> <p>It made the announcement through the media, in the middle of Thursday’s national day of mourning public holiday, and during the four-day long weekend in Melbourne in the lead-up to the AFL grand final.</p> <p>At first, it didn’t text or email its customers. Instead, it issued a <a href="https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack" target="_blank" rel="noopener">press release</a> in the belief this was</p> <blockquote> <p>the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity.</p> </blockquote> <p>Trust in the media is at an all-time low. Communications authority Edelman reports that globally, only <a href="https://www.edelman.com/sites/g/files/aatuss191/files/2022-01/2022%20Edelman%20Trust%20Barometer%20FINAL_Jan25.pdf" target="_blank" rel="noopener">50%</a> of people trust the media, down from 62% a decade ago. Far more people (61%) trust businesses.</p> <h2>Tweets rather than texts</h2> <p>It has been <a href="https://studycorgi.com/the-role-of-integrated-marketing-communications-campaign/" target="_blank" rel="noopener">conventional wisdom</a> that brands should take an integrated approach to marketing communications. Many channels are better than one, increasingly so as audiences for traditional channels continue to fragment.</p> <p>An integrated marketing approach need not mean communicating through every available channel, but it should mean strategically selecting channels that are trusted and consumed by the brand’s customers.</p> <p>One of the best channels Optus has is its own phone network, and it is experienced in using it to contact its customers.</p> <p>Customers are likely to expect this where Optus has something important to say, and they are likely to trust a direct message from Optus more than one filtered through the media.</p> <p>They are even likely to spread it via word of mouth through friends who also use Optus, giving the company a continuing role in shaping the message.</p> <p>Instead, Optus backed up its press release with tweets.</p> <blockquote> <p dir="ltr" lang="en">Hi Marie, we issued a press release and proactively reached out to media as this is the quickest way to inform all our existing and former customers so they can be on high alert for anything suspicious. Kartik</p> <p>— Optus (@Optus) <a href="https://twitter.com/Optus/status/1572949683332583428?ref_src=twsrc%5Etfw">September 22, 2022</a></p></blockquote> <p>Optus has around 5.8 million active users, around 21% of the Australian population. They are a cross-section of the population, having little in common other than the fact they use Optus for communications.</p> <p>Some of Optus’ customers, especially those in Gen Z, might not use traditional news media. They wouldn’t have received the message through that channel.</p> <p>Former customers dating back to 2017 are also likely to be affected by the breach, taking the total affected to around <a href="https://www.smh.com.au/technology/sophisticated-attack-optus-hackers-used-european-addresses-could-be-state-linked-20220923-p5bkfn.html" target="_blank" rel="noopener">9.8 million</a>, about one third of the population.</p> <p>Twitter is used by about only about <a href="https://www.genroe.com/blog/social-media-statistics-australia/13492" target="_blank" rel="noopener">18%</a> of the population, and the overlap with Optus customers might not be large.</p> <blockquote class="twitter-tweet"> <p dir="ltr" lang="en">We'll be contacting impacted customers soon with more information and details on how we'll support them. Optus will not be sending links in any emails or SMS messages. If you believe your account has been compromised, you can contact us on My Optus app (2/2) ^George</p> <p>— Optus (@Optus) <a href="https://twitter.com/Optus/status/1573136010904363008?ref_src=twsrc%5Etfw">September 23, 2022</a></p></blockquote> <h2>What can brands learn from Optus?</h2> <p>As marketing and branding experts, we’ve distilled three lessons, each well known before the data breach.</p> <ol> <li> <p>When you have news affecting your customers, tell them before anyone else, in a personalised, one-to-one approach.</p> </li> <li> <p>Use channels that are trusted and consumed by your customers.</p> </li> <li> <p>Encourage word of mouth through your relationships with your brand community and loyal customers.</p> </li> </ol> <p><strong>This article originally appeared on <a href="https://theconversation.com/how-not-to-tell-customers-their-data-is-at-risk-the-perils-of-the-optus-approach-191258" target="_blank" rel="noopener">The Conversation</a>.</strong></p> <p><em>Image: Shutterstock</em></p>

Legal

Placeholder Content Image

UN committee rules anti-lesbian sex laws breach human rights in landmark decision

<p>On Wednesday, a United Nations committee became the first international law body to recognise that criminalising female same-sex sexual activity is a fundamental breach of human rights.</p> <p>The <a href="https://www.humandignitytrust.org/wp-content/uploads/resources/CEDAW-C-81-D-134-2018-English-clean-copy.pdf" target="_blank" rel="noopener">landmark decision</a> means all countries that criminalise women having sex with other women should immediately repeal these laws.</p> <blockquote class="twitter-tweet"> <p dir="ltr" lang="en">UN Body Condemns Sri Lanka’s Criminalization of Same-Sex Acts <a href="https://t.co/UW0Opoqfwc">https://t.co/UW0Opoqfwc</a></p> <p>— Human Rights Watch (@hrw) <a href="https://twitter.com/hrw/status/1506776054706458627?ref_src=twsrc%5Etfw">March 23, 2022</a></p></blockquote> <p><strong>Which countries criminalise homosexuality?</strong></p> <p><a href="https://antigaylaws.org/" target="_blank" rel="noopener">Seventy-one countries</a> still criminalise homosexual conduct. Many of these are our neighbours – <a href="https://antigaylaws.org/regional/asia-2/" target="_blank" rel="noopener">ten in Asia</a> and <a href="https://antigaylaws.org/regional/pacificoceania/" target="_blank" rel="noopener">seven in the Pacific</a>.</p> <p>Many people assume these laws only apply to men having sex with men, but that’s not the case. Sexual conduct between women is prohibited in the criminal codes of 34 of these 71 countries.</p> <p>Countries with sharia law such as Afghanistan, Nigeria and Saudi Arabia also essentially criminalise lesbian sex. So there are <a href="https://www.humandignitytrust.org/lgbt-the-law/map-of-criminalisation/?type_filter=crim_sex_women" target="_blank" rel="noopener">43 countries</a> where it’s a crime for women to engage in same-sex sexual activity – almost a quarter of all countries in the world.</p> <p>The majority of the countries that criminalise same-sex sexual activity are members of the <a href="https://journals.sagepub.com/doi/abs/10.1177/1037969X1403900203" target="_blank" rel="noopener">Commonwealth</a>, whose anti-homosexuality laws were introduced by the British Empire.</p> <p>However, Britain only ever criminalised male homosexual activity, and the expansion of these laws to explicitly include female sexual activity is a relatively recent phenomenon. Countries that have done so include: Trinidad and Tobago (1986), Solomon Islands (1990), Sri Lanka (1995), Malaysia (1998) and Nigeria (2014).</p> <p>In the past 35 years, <a href="https://www.humandignitytrust.org/wp-content/uploads/resources/Breaking-the-Silence-Criminalisation-of-LB-Women-and-its-Impacts-FINAL.pdf" target="_blank" rel="noopener">ten jurisdictions</a> that previously only criminalised same-sex male sexual intimacy changed their laws to include, for the first time, new criminal sanctions of lesbians and bisexual women.</p> <p>The laws criminalising same-sex activity between women aren’t just arcane laws that are never enforced. In Malaysia just over three years ago, two women were <a href="https://www.theguardian.com/world/2018/sep/03/women-caned-in-malaysia-for-attempting-to-have-lesbian-sex" target="_blank" rel="noopener">caned six times</a> for attempting to have sex.</p> <p>And late last year, a <a href="https://www.advocate.com/world/2021/12/14/lesbian-detained-iran-fears-life-sareh" target="_blank" rel="noopener">lesbian activist in Iran</a> was arrested while trying to flee to Turkey to seek asylum. Before this, she was detained for 21 days by the Iraqi Kurdistan police following an interview she did with BBC Persian about the situation of the LGBTQ+ community in Iraqi Kurdistan.</p> <blockquote class="twitter-tweet"> <p dir="ltr" lang="en">Atrocious punishment of lesbians in <a href="https://twitter.com/hashtag/Malaysia?src=hash&amp;ref_src=twsrc%5Etfw">#Malaysia</a> <a href="https://t.co/pknBrYnlO4">https://t.co/pknBrYnlO4</a></p> <p>— Amnesty UK Rainbow Network (@AmnestyUK_LGBTI) <a href="https://twitter.com/AmnestyUK_LGBTI/status/1037277740951584773?ref_src=twsrc%5Etfw">September 5, 2018</a></p></blockquote> <p><strong>The case</strong></p> <p>The case of <em>Flamer-Caldera v Sri Lanka</em> was brought by a lesbian activist to the UN Committee on the Elimination of Discrimination Against Women (CEDAW).</p> <p>She argued that Sri Lanka’s criminal laws violated her right to live her life free from discrimination based on her sexual orientation.</p> <p>The CEDAW committee agreed.</p> <p>It found the effect of Sri Lanka’s criminal code was that lesbian and bisexual women lived with the constant risk of arrest and detention. And the laws facilitate a culture where discrimination, harassment and violence against lesbians and bisexual women can flourish.</p> <blockquote class="twitter-tweet"> <p dir="ltr" lang="en">The verdict is clear: compulsory heterosexuality, enforced through legislation and policing as well as unchecked social stigma, violates women’s rights under international law. My piece for <a href="https://twitter.com/OutRightIntl?ref_src=twsrc%5Etfw">@OutRightIntl</a> on the <a href="https://twitter.com/hashtag/SriLanka?src=hash&amp;ref_src=twsrc%5Etfw">#SriLanka</a> <a href="https://twitter.com/hashtag/CEDAW?src=hash&amp;ref_src=twsrc%5Etfw">#CEDAW</a> ruling: <a href="https://t.co/cahtHV2k2d">https://t.co/cahtHV2k2d</a></p> <p>— Neela Ghoshal (@NeelaGhoshal) <a href="https://twitter.com/NeelaGhoshal/status/1507106976370769923?ref_src=twsrc%5Etfw">March 24, 2022</a></p></blockquote> <p>Law is a tool that governments use to communicate to society what is acceptable and unacceptable behaviour. When the Sri Lankan government declared any sexual intimacy between consenting women is a crime, it signalled to Sri Lankans that vilification, targeting and harassment of lesbians and bisexual women is acceptable, because they are criminals.</p> <p>The laws not only criminalise same-sex sexual conduct. They also perpetuate homophobia, stigmatise the LGBTQ+ community and sanction gender-based violence against lesbians and bisexual women.</p> <p>This decision sends a clear message to all governments who think it’s OK to persecute, harass and discriminate against lesbians and bisexual women – you are wrong.</p> <p><strong>What now?</strong></p> <p>Sri Lanka now has six months to provide a written response to the CEDAW Committee setting out the action it has taken, or will take, to give effect to the committee’s decision.</p> <p>Repealing the specific provision in the criminal law will not be enough. A much more holistic and nuanced response is required. In particular, the government will need to:</p> <ul> <li> <p>develop campaigns to counter prejudice and stereotypes directed at the LGBTQ+ community</p> </li> <li> <p>enact anti-discrimination laws prohibiting discrimination on the basis of sexual orientation, gender identity and intersex status</p> </li> <li> <p>embed human rights education in schools, promoting equality and respect for all regardless of their sexual orientation or gender identity</p> </li> <li> <p>provide training for police, judges and other law enforcement officials to increase their understanding of, and respect for, the human rights of LGBTQ+ people. This will also enable women to report homophobic crimes to the police without fear of retribution and with the knowledge the perpetrators will be prosecuted</p> </li> <li> <p>ensure there are adequate civil and criminal remedies for members of the LGBTQ+ community who are subjected to discrimination and gender-based violence.</p> </li> </ul> <p>The decision in <em>Flamer-Caldera v Sri Lanka</em> represents a watershed moment in international human rights law and will reverberate around the world.</p> <p>It’s now beyond dispute that criminalising consensual adult same-sex sexual conduct violates a woman’s right to privacy, dignity and non-discrimination.</p> <p>All governments have a duty to protect all women, including lesbians and bisexual women, from discrimination, gender-based violence and other harm.</p> <p>Any country that criminalises the sexual conduct of lesbians and bisexual women, regardless of whether they enforce the laws, is guilty of violating international law.<!-- Below is The Conversation's page counter tag. Please DO NOT REMOVE. --><img style="border: none !important; box-shadow: none !important; margin: 0 !important; max-height: 1px !important; max-width: 1px !important; min-height: 1px !important; min-width: 1px !important; opacity: 0 !important; outline: none !important; padding: 0 !important; text-shadow: none !important;" src="https://counter.theconversation.com/content/179936/count.gif?distributor=republish-lightbox-basic" alt="The Conversation" width="1" height="1" /><!-- End of code. If you don't see any code above, please get new code from the Advanced tab after you click the republish button. The page counter does not collect any personal data. More info: https://theconversation.com/republishing-guidelines --></p> <p><em><a href="https://theconversation.com/profiles/paula-gerber-4812" target="_blank" rel="noopener">Paula Gerber</a>, Professor of Human Rights Law, <a href="https://theconversation.com/institutions/monash-university-1065" target="_blank" rel="noopener">Monash University</a></em></p> <p><em>This article is republished from <a href="https://theconversation.com" target="_blank" rel="noopener">The Conversation</a> under a Creative Commons license. Read the <a href="https://theconversation.com/un-committee-rules-anti-lesbian-sex-laws-breach-human-rights-in-landmark-decision-179936" target="_blank" rel="noopener">original article</a>.</em></p> <p><em>Image: Getty Images</em></p>

Legal

Placeholder Content Image

“Absolutely double standards”: Hillsong accused of breaching Health Order

<p><span style="font-weight: 400;">Australian artists have </span><a rel="noopener" href="https://au.news.yahoo.com/outrage-over-hillsong-video-showing-crowds-singing-dancing-nsw-085606215.html" target="_blank"><span style="font-weight: 400;">expressed their outrage</span></a><span style="font-weight: 400;"> after footage of people singing and dancing at a Hillsong event emerged online, despite new restrictions banning these activities from happening in NSW.</span></p> <p><span style="font-weight: 400;">Some have pointed out that Hillsong’s Wildlife Summer Camp, a three-day “summer camp” held near Newcastle, looks similar to a music festival - where singing and dancing have been prohibited.</span></p> <p><img style="width: 500px; height:281.25px;" src="https://oversixtydev.blob.core.windows.net/media/7846808/hillsong2.jpg" alt="" data-udi="umb://media/8b1806a689dd4ef182e72a7825f6258c" /></p> <p><em><span style="font-weight: 400;">Hillsong has been accused of breaching the Public Health Order banning singing and dancing at recreational facilities. Image: @hillsongyouth (Instagram)</span></em></p> <p><span style="font-weight: 400;">Images and videos from the event show teenagers dancing to religious music - with many appearing to be unmasked - sparking outrage from the entertainment industry, which has seen many scheduled events cancelled in wake of the state’s rules.</span></p> <p><span style="font-weight: 400;">Music festivals across the country have also been forced to be cancelled or postponed, prompting claims that Hillsong being allowed to hold such an event is a “double standard”.</span></p> <blockquote class="twitter-tweet"> <p dir="ltr">Seeing all the artists, promoters, staff and vendors in <a href="https://twitter.com/hashtag/NSW?src=hash&amp;ref_src=twsrc%5Etfw">#NSW</a> suffer after having outdoor events cancelled and then seeing THIS happening right now in NSW for <a href="https://twitter.com/hashtag/Hillsong?src=hash&amp;ref_src=twsrc%5Etfw">#Hillsong</a> is disgusting, a huge gut punch to the already suffering industry. Absolute double standards. <a href="https://twitter.com/hashtag/NswPol?src=hash&amp;ref_src=twsrc%5Etfw">#NswPol</a> <a href="https://twitter.com/hashtag/nswcovid?src=hash&amp;ref_src=twsrc%5Etfw">#nswcovid</a> <a href="https://t.co/fi5pyQZnrr">pic.twitter.com/fi5pyQZnrr</a></p> — Leon Sjogren (@Leonsjogren) <a href="https://twitter.com/Leonsjogren/status/1481460688032010241?ref_src=twsrc%5Etfw">January 13, 2022</a></blockquote> <p><span style="font-weight: 400;">Music producer Leon Sjogren wrote on Twitter: “Seeing all the artists, promoters, staff and vendors in NSW suffer after having outdoor events cancelled and then seeing THIS happening right now in NSW for Hillsong is disgusting, a huge gut punch to the already suffering industry.</span></p> <p><span style="font-weight: 400;">“Absolutely double standards.”</span></p> <p><span style="font-weight: 400;">NSW Premier Dominic Perrottet announced the new restrictions on singing and dancing last week, telling reporters the activities would be prohibited in indoor venues from January 8 until January 27.</span></p> <p><span style="font-weight: 400;">According to the Public Health Order, singing and dancing aren’t allowed at places such as music festivals, nightclubs, major recreation facilities, hospitality venues, and entertainment facilities.</span></p> <p><span style="font-weight: 400;">However, weddings, music classes, and churches are exempt.</span></p> <p><span style="font-weight: 400;">Although Hillsong defended the event, telling the ABC it was “not similar to a music festival in any way”, NSW Health has requested that the organisation “stop singing and dancing”.</span></p> <p><span style="font-weight: 400;">“Our camps involve primarily outdoor recreational activities including sports and games,” Hillsong said in a statement to the national broadcaster.</span></p> <p><img style="width: 500px; height:281.25px;" src="https://oversixtydev.blob.core.windows.net/media/7846809/hillsong1.jpg" alt="" data-udi="umb://media/ddd8f167cd714df785dde4fc56b5a6e6" /></p> <p><em><span style="font-weight: 400;">Despite footage showing unmasked teens singing and dancing, the religious organisation says it was not breaching the Public Health Order banning those activities. Image: @hillsongyouth (Instagram)</span></em></p> <p><span style="font-weight: 400;">The organisation added that they “follow strict Covid procedures” and “adhere to government guidelines”.</span></p> <p><span style="font-weight: 400;">But, a statement from NSW Health accused the organisation of breaching the Public Health Order, as “singing and dancing at a major recreation facility” is prohibited.</span></p> <p><span style="font-weight: 400;">Health Minister Brad Hazzard said: “While the Order does not apply to religious services, it does apply to major recreational facilities and this event is clearly in breach of both the spirit and intent of the Order, which is in place to keep the community safe.”</span></p> <p><span style="font-weight: 400;">Other Australian artists have also taken aim at the event, with rapper Illy criticising the banning of singing and dancing at festivals but not in churches.</span></p> <p><span style="font-weight: 400;">“You can postpone all our festivals and gigs, you can say no to dancing in clubs for the next 50 years, and you can make singing and shouting in public illegal except in sermons and the cricket for some reason,” he wrote on Twitter on Wednesday.</span></p> <blockquote class="twitter-tweet"> <p dir="ltr">I can handle the singing, the dancing, and the no mask wearing at this Hillsong festival last night, even though it’s illegal for the entire arts industry to do the same. But playing“turn down for what” in 2022?! Too far. <a href="https://t.co/byOWufUaWa">pic.twitter.com/byOWufUaWa</a></p> — Illy (@illyal) <a href="https://twitter.com/illyal/status/1481461459368701960?ref_src=twsrc%5Etfw">January 13, 2022</a></blockquote> <p><span style="font-weight: 400;">“FYI I’m for everyone’s religious beliefs. The post is a joke, aimed at the latest horse s*** double standard the music industry is ONCE AGAIN having to face. Not attacking religion at all.”</span></p> <p><span style="font-weight: 400;">Others said the rules should apply to everyone, religious or not.</span></p> <p><span style="font-weight: 400;">“The double standard applied to this Hillsong event vs other indoor or outdoor music festivals makes NO sense at all,” one critic shared on Twitter.</span></p> <p><span style="font-weight: 400;">“You risk a big increase in Covid infections &amp; prolonging this pandemic for all of us. The same rules need to apply to everyone.”</span></p> <p><em><span style="font-weight: 400;">Image: Getty Images / @hillsongyouth (Instagram)</span></em></p>

Music

Placeholder Content Image

Requiring people to check in with a QR code does not breach Australian law

<p>Across social media platforms, people are claiming that mandatory QR code check-ins for businesses are actually, against the law.</p> <p>“This requirement is illegal and puts my company in a position to be sued,” claims a typical Facebook post.</p> <p>Among the laws cited by social media users as evidence of the illegality of QR code check-ins are certain sections of the Commonwealth Privacy Act and the constitution.</p> <p>Others, meanwhile have cited the Numremberg Code, as well as the Australian Disability Discrimination Act and the Biosecurity Act, to argue that a requirement in some states to present proof-of-vaccination status in order to enter businesses likewise breaks the law.</p> <p>But do such laws render QR code check-ins and proof-of-vaccination requirements illegal? This is what the experts have to say on the matter.</p> <p><strong>QR code check-ins </strong></p> <p>Online, Section 94H(1) of the Commonwealth Privacy Act is being used as a common defence for not having to display a QR code for check-in purposes.</p> <p>Under the provision, which was added to the act last year, employers must not dismiss employees if they refuse to download the COVIDSafe app — the federal government's widely criticised contact tracing tool that has all but been abandoned.</p> <p>The section does not make it illegal to require businesses to display a QR code under public health orders, nor does it relate to check-in apps introduced by state governments (such as the Service NSW and Service Victoria apps).</p> <p>Another law regularly referenced by those arguing against QR check-ins is Section 51.5 of the Australian Constitution which confers on the federal government the power to make laws in regards to telecommunications.</p> <p>This is often incorrectly interpreted to mean that only the federal government can make laws about mobile phones, and the states cannot.</p> <p>However, Joellen Riley Munton, former dean of the University of Sydney Law School, told Fact Check this view reflected "a weak understanding of Australian constitutional law".</p> <p>"Section 51 of the constitution confers a power on the Commonwealth to make laws with respect to telecommunications, but it does not rob states of their plenary powers to make all manner of laws," Dr Riley Munton said in an email.</p> <p>"It is just that a state law that is inconsistent with a validly made federal law will be ineffective.</p> <p>"In any event, the QR code requirements can easily be characterised as laws related to public health, since it is a tool to assist with contact tracing. States certainly have powers to make public health orders."</p> <p><strong>Proof of Vaccinations </strong></p> <p>Arguments around the legality of proof-of-vaccination requirements have been similarly debunked.</p> <p>The Nuremberg Code, drafted in 1947 in response to deadly medical experiments carried out by the Nazis during World War II, is commonly referenced as grounds for sidestepping vaccination requirements.</p> <p>But the code applies to medical experiments, not COVID-19 vaccinations, with many fact checkers having addressed claims that it renders numerous pandemic public health orders illegal.</p> <p>Other social media users have listed sections 4 and 6 of the Disability Discrimination Act to argue against the requirement to disclose vaccination status, either to keep a job or enter premises.</p> <p>However, according to Tasmania's former anti-discrimination commissioner Robin Banks, a "very important point" about the act is that it only provides protection to people with a disability.</p> <p>"[It] doesn't provide protection if… you don't have a disability," Ms Banks told Fact Check.</p> <p>Section 4 of the act merely sets out the definitions used in the act — it provides no legal argument for why an individual should not disclose vaccination status.</p> <p>Section 6, meanwhile, makes it unlawful to engage in indirect disability discrimination; for example, a person with a disability being required to do something with which they cannot comply.</p> <p>But for discrimination to have occurred, Ms Banks explained, a person must be able to prove they are less able to comply with the requirement because of their disability, and the requirement must be "unreasonable" in the circumstances.</p> <p>Ms Banks said this was the point at which arguments against proof-of-vaccination requirements fell flat.</p> <p>"Vaccination status does not readily fall within the definition of disability, nor does being unvaccinated," she said.</p> <p>"There is no basis that I can see that it could be argued that being unvaccinated is a disability for the purposes of the protections under disability discrimination laws."</p> <p>She added that "requiring a person to disclose their vaccination status may be reasonable in many circumstances as it may be a necessary part of measures needed to reduce community transmission of a deadly and highly infectious, airborne virus".</p> <p>Finally, Section 95 of the Biosecurity Act, which states that "force must not be used against an individual to require the individual to comply with a biosecurity measure", also had "no role to play in relation to people who refuse to disclose their vaccination status", according to Ms Banks.</p> <p>"It protects against use of force in respect of such failures except in specific circumstances; for example, requiring [people] to be tested for the presence of a particular human disease, to provide particular body samples, to require them to stay in a particular place, or not visit a particular place or places.</p> <p>"Section 95 … does not appear to be directly relevant to the question of whether or not a person's vaccination status can be sought."</p>

Legal

Placeholder Content Image

Human error to blame for COVID airport breach

<div class="post_body_wrapper"> <div class="post_body"> <div class="body_text redactor-styles redactor-in"> <p>Human error allowed two passengers to accidentally enter a "green zone" at the Brisbane International Airport after arriving on a flight from Papua New Guinea.</p> <p>The pair were in the area for an hour-and-a-half, shopping and using public toilets, before being retrieved by airport staff.</p> <p>Initial test results from one passenger for COVID-19 came back negative and the second passenger's test was inconclusive – but more samples sent to Queensland Health's Forensic and Scientific Services laboratory have since confirmed that he is COVID-positive.</p> <p>While the pair were in the green zone, three New Zealand flights took off with around 390 passengers – these were Air New Zealand NZ202 from Brisbane to Christchurch, Air New Zealand NZ146 from Brisbane to Auckland, and Qantas QF135 from Brisbane to Christchurch.</p> <p>Chief Health Officer Dr Jeannette Young said the pair posed a low risk to others.</p> <p>“While at the airport, they wore masks and socially distanced and neither has reported symptoms," she said.</p> <p>“They were in the wrong zone through no fault of their own and we appreciate their patience and cooperation while we rule them out as cases.</p> <p>“We’re also grateful for the prompt action by Brisbane airport staff once the mistake was identified.”</p> <p>In a statement from Brisbane Airport Corporation, the airline has "unreservedly apologised".</p> <p>"At approximately 9:30am, two transit passengers arrived on a 'red' flight from Port Moresby and proceeded through screening to transit as per normal process," a BAC statement said.</p> <p>"Initial review of CCTV indicates that at approximately 9:55am, these passengers were incorrectly allowed into the 'green zone'.</p> <p>"The breach is due to human error, and BAC is currently working with all relevant authorities including Queensland Health to investigate the circumstances of the breach."</p> <p>"BAC is conducting a thorough investigation and unreservedly apologises for this human error," the statement<span> </span><a rel="noopener" href="https://www.abc.net.au/news/2021-04-29/brisbane-airport-apologises-international-arrivals-covid-breach/100105700" target="_blank">said</a>.</p> </div> </div> </div>

News

Placeholder Content Image

Major royal security breach as intruder pretends to be engaged to Prince Andrew

<div class="post_body_wrapper"> <div class="post_body"> <div class="body_text redactor-styles redactor-in"> <p>A woman has sparked a major scare in Windsor Great Park after being found wandering around Prince Andrew's official residence.</p> <p>Guards accidentally let the woman in after she claimed she had a lunch appointment with Prince Andrew.</p> <p>An insider has provided more information, saying to<span> </span><a rel="noopener" href="https://www.thesun.co.uk/news/14700679/prince-andrew-security-scare-windsor/" target="_blank"><em>The Sun</em></a>: "She was apparently very smartly dressed, in suit trousers, a yellow blouse and peach jacket, and had her hair done up and full make-up.</p> <p>"She cut quite a glamorous figure and the guards were completely taken in by her.</p> <p>"The woman demanded they pay her cab fare as she was a close friend of Prince Andrew, and they obliged before helpfully pointing her on her way towards the Royal Lodge.</p> <p>"They had no idea this woman was a total stranger to Andrew and seemingly had a fixation with him."</p> <p>The only reason the woman was caught was because she went up to a royal staff member and asked where Prince Andrew was, claiming she was engaged to him.</p> <p>"The woman then went up to a member of staff and asked where Prince Andrew was," the insider continued.</p> <p>"She was then asked who she was and what she was doing here.</p> <p>"To the staff member’s shock, the woman then claimed to be engaged to Prince Andrew and said she was there to get married to him.</p> <p>"She said that was the reason why she had flown over from Spain a couple of days earlier."</p> <p>The issue is being dealt with as a "major security breach" as the woman was found with maps of the building as well as a self-defence keyring with two prongs on it.</p> <p>She was initially arrested under suspicion of burglary but has since been sanctioned under the Mental Health Act.</p> </div> </div> </div>

News

Placeholder Content Image

Ash Barty promises to "be better" after COVID-19 breach

<div class="post_body_wrapper"> <div class="post_body"> <div class="body_text redactor-styles redactor-in"> <p>Australia's world No. 1 tennis star Ash Barty has promised she will "be better" after accidentally committing a COVID-19 faux pas while shopping in Melbourne.</p> <p>She was in Coles shopping and forgot her mask after a pre-Australian Open training session at Melbourne Park.</p> <p>She ran into a Sky News reporter, who recognised she was maskless and took to Twitter to share the incident.</p> <p>“I accidentally forgot to wear a mask in a supermarket (on Thursday) in Melbourne,” Barty said.</p> <p>“I apologised as soon as I realised my mistake.</p> <p>“I understand we all need to do our bit to keep the community safe and I will be better next time.”</p> <blockquote style="background: #FFF; border: 0; border-radius: 3px; box-shadow: 0 0 1px 0 rgba(0,0,0,0.5),0 1px 10px 0 rgba(0,0,0,0.15); margin: 1px; max-width: 540px; min-width: 326px; padding: 0; width: calc(100% - 2px);" class="instagram-media" data-instgrm-permalink="https://www.instagram.com/p/CGRVvxjB97s/?utm_source=ig_embed&amp;utm_campaign=loading" data-instgrm-version="13"> <div style="padding: 16px;"> <div style="display: flex; flex-direction: row; align-items: center;"> <div style="background-color: #f4f4f4; border-radius: 50%; flex-grow: 0; height: 40px; margin-right: 14px; width: 40px;"></div> <div style="display: flex; flex-direction: column; flex-grow: 1; justify-content: center;"> <div style="background-color: #f4f4f4; border-radius: 4px; flex-grow: 0; height: 14px; margin-bottom: 6px; width: 100px;"></div> <div style="background-color: #f4f4f4; border-radius: 4px; flex-grow: 0; height: 14px; width: 60px;"></div> </div> </div> <div style="padding: 19% 0;"></div> <div style="display: block; height: 50px; margin: 0 auto 12px; width: 50px;"></div> <div style="padding-top: 8px;"> <div style="color: #3897f0; font-family: Arial,sans-serif; font-size: 14px; font-style: normal; font-weight: 550; line-height: 18px;">View this post on Instagram</div> </div> <p style="color: #c9c8cd; font-family: Arial,sans-serif; font-size: 14px; line-height: 17px; margin-bottom: 0; margin-top: 8px; overflow: hidden; padding: 8px 0 7px; text-align: center; text-overflow: ellipsis; white-space: nowrap;"><a style="color: #c9c8cd; font-family: Arial,sans-serif; font-size: 14px; font-style: normal; font-weight: normal; line-height: 17px; text-decoration: none;" rel="noopener" href="https://www.instagram.com/p/CGRVvxjB97s/?utm_source=ig_embed&amp;utm_campaign=loading" target="_blank">A post shared by Ash Barty (@ashbarty)</a></p> </div> </blockquote> <p>Barty has spent the last 10 months in Queensland where restrictions are much more relaxed than they are in Melbourne.</p> <p>She's making her first on-court appearance since last February alongside Serena Williams, Simona Halep, Naomi Osaka and men's legends Rafael Nadal and Novak Djokovic next Friday.</p> <p>She can't wait to return to the court.</p> <p>“We are so lucky in Australia to have a home grand slam; the support of the Australian fans means the world to me and I always want to do well here,’‘ Barty said.</p> <p>“I understand this year will be different in many respects but I hope I can do the local fans proud.</p> <p>“The circumstances around this year’s event are definitely challenging and I understand the frustration of all the players who have had to quarantine.</p> <p>“But keeping Melburnians safe and making sure we put health first has to be the priority.”</p> </div> </div> </div>

News

Placeholder Content Image

Meghan Markle asks for urgent court ruling over “breach of privacy”

<p><span>Meghan Markle’s lawyers have asked a judge to settle her lawsuit against a newspaper before it goes to trial.</span><br /><br /><span>The 39-year-old Royal is suing Associated Newspapers for an invasion of privacy and copyright infringement over five articles published in the<em> Mail on Sunday</em> and the <em>MailOnline</em> through February of 2019.</span><br /><br /><span>Her legal team have asked a British judge to rule that the publication released a "deeply personal" letter to her estranged father that was "a plain and a serious breach of her rights of privacy".</span><br /><br /><span>The publications included portions of a handwritten letter to her father, Thomas Markle, after her marriage to Prince Harry in 2018.</span><br /><br /><span>Associated Newspapers is contesting the claim, and a full trial is due to be held in the autumn at the High Court.</span><br /><br /><span>It is set to be one of London's highest-profile civil court showdowns for years.</span><br /><br /><span>The Duchess is seeking a summary judgement that would find in her favour and dismiss the newspaper's defence case.</span><br /><br /><span>Her lawyer, Justin Rushbrooke, has that the publisher has "no real prospect" of winning the case.</span><br /><br /><span>"At its heart, it's a very straightforward case about the unlawful publication of a private letter," he said at the start of a two-day hearing, held remotely because of coronavirus restrictions.</span><br /><br /><span>Rushbrooke said Meghan had an understanding that "a heartfelt plea from an anguished daughter to her father" would remain private.</span><br /><br /><span>Lawyers for the Duchess say Thomas Markle, a retired television cinematographer, caused anguish for Meghan and Harry before their May 2018 wedding.</span><br /><br /><span>He gave multiple media interviews and posed for wedding-preparation shots taken by a paparazzi agency.</span><br /><br /><span>He did not attend the wedding ceremony after suffering a heart attack.</span><br /><br /><span>Rushbrooke said Meghan's letter was "a message of peace" and it’s aim was "to stop him talking to the press."</span><br /><br /><span>He said the Duchess took steps to ensure the five-page, 1,250-word letter would not be intercepted.</span><br /><br /><span>She sent it by FedEx through her accountant to her father's home.</span><br /><br /><span>The letter begged Thomas Markle to stop speaking to the media, saying: "Your actions have broken my heart into a million pieces."</span><br /><br /><span>The last sentences, read out in court, were: "I ask for nothing other than peace. And I wish the same for you."</span><br /><br /><span>Lawyers for Associated Newspapers however have argued that Meghan likely knew the letter would one day be published.</span></p>

Legal

Placeholder Content Image

Miranda Kerr receives police warning after quarantine breach

<p><span>Supermodel Miranda Kerr was issued an official warning from NSW Police, after she left her Hunter Valley residence while under a mandatory 14-day quarantine period.</span><br /><br /><span>The 37-year-old had been allowed by health officials to self-isolate at her rural Rothbury property after she came back from Los Angeles in October.</span><br /><br /><span>“Under the terms of an approved NSW Health exemption, she was allowed to leave the property for a specific purpose,” NSW Police said in a statement to 7NEWS.com.au.</span><br /><br /><span>The model reportedly left her residence for a “family matter”.</span><br /><br /><span><a rel="noopener" href="https://www.dailytelegraph.com.au/" target="_blank"><em>The Daily Telegraph</em></a> alleged the celebrity went to visit a sick relative in palliative care.</span></p> <p><img style="width: 0px; height: 0px;" src="https://oversixtydev.blob.core.windows.net/media/7839559/miranda-kerr-hunter-valley-5.jpg" alt="" data-udi="umb://media/55a0e34f640e47ab9adf775716a8ed1f" /><br /><br /><span>Officers went to speak with Kerr on October 5, where she was meant to be self-isolating.</span><br /><br /><span>However, police were allegedly unable to find her.</span><br /><br /><span>“The woman was required to complete a notification process prior to leaving the address, however, the process was not followed and she was issued with a warning,” NSW Police added.</span><br /><br /><span>Kerr is married to billionaire Snapchat founder Evan Spiegel and runs multi-million dollar skincare company Kora Organics.</span><br /><br /><span>She was not fined over the breach.</span><br /><br /><span>NSW Police said there had been no other issues or breaches that were detected for the duration of the 14-day self-isolation period.</span></p>

News

Placeholder Content Image

“We were scared”: Venue worker speaks out after police bust up health breach wedding

<div class="post_body_wrapper"> <div class="post_body"> <div class="body_text redactor-styles redactor-in"> <p>A waiter has spoken out about what happened after management allowed more than 600 guests at a wedding reception, which is in violation of current NSW COVID-19 restrictions.</p> <p>Norman, who's worked at the Imperial Paradiso in Fairfield, said that employees were "incredibly concerned" they'd get in trouble despite having no idea management breached restrictions until the hordes of guests arrived.</p> <p>“I was really worried about getting a personal fine,” he told <a rel="noopener" href="https://www.news.com.au/national/nsw-act/news/we-were-scared-waiter-at-a-fairfield-wedding-venue-fined-for-having-more-than-600-guests-speaks/news-story/1c3f0e1c9a8eda44695e0ec0bfcbbf7e" target="_blank"><em>NCA NewsWire</em></a>.</p> <p>“I didn’t know the amount of people who were coming and I don’t control the number of people, I’m not a manager.</p> <p>“We all knew once (we saw the guestlist) but as a normal employee if I said anything it wouldn’t have worked.</p> <p>“It was out of my hands.”</p> <p>NSW Police confirmed on Monday that the venue had been fined $5,000.</p> <p>Norman said things were tense as soon as police arrived, as staff were told to get in the kitchen and stay there.</p> <p>“The chefs were really upset too,” he said.</p> <p>“Even the band, I could hear them talking, and they said ‘let's eat dinner and leave’.”</p> <p>NSW Deputy Premier John Barilaro has warned that the breach could have drastic flow-on effects for the larger community.</p> <p>“Firstly can I say when you have a deliberate act like the venue operators – normally we thank businesses that are working hand in glove with government in relation with dealing with the pandemic, in this scenario and this case we got an example of someone who's done it bloody wrong,” he said.</p> <p>“He puts his own business and that business’s reputation at risk, the sector at risk, the broader economy and jobs, and worse the health of this state.”</p> </div> </div> </div>

News

Placeholder Content Image

Gladys Berejiklian reacts to another hotel quarantine breach

<p>NSW Premier Gladys Berejiklian has reacted to the news of another breach in the hotel quarantine system on ABC Breakfast.</p> <p>It was revealed on Wednesday morning that an aviation worker managed to avoid quarantine in Sydney and board a plane to Melbourne while Victoria was battling to contain its second wave.</p> <p>Ms Berejiklian said we have to "accept that human error and mistakes are going to happen".</p> <p>"I cannot promise that will not happen again. But we do need to do is make sure that anyone who may have been a close contact of that person or at risk is contacted and steps need to be taken and that is what is really important," she said.</p> <p>"When you are managing that many thousands of people every week, you're not going to have perfection as much as we would all like it.</p> <p>"I cannot guarantee that will not be incidents like that in the future. Of course they are infrequent. We hope they will not happen again but we cannot commit to that.</p> <p>"I want to thank the thousands of workers who are putting their safety at risk by keeping us safe and I take my hat off to them. We have to accept the rest."</p> <p>She also addressed the burden of international travellers arriving in Sydney.</p> <p>"Because Victoria has been out of action and the other state are not taking any people we are taking 3000 a week and 45 per cent of people who come through Sydney airport at this stage are not residents of NSW so we are taking care of people from all parts of Australia," she said.</p> <p>"We do that gladly because we have the capacity to do that but also because we are Australians and want to support residents coming back home."</p>

Travel Trouble

Placeholder Content Image

Health breach at Sydney airport has passengers from Melbourne disembark without health screening

<div class="post_body_wrapper"> <div class="post_body"> <div class="body_text "> <p>Passengers flying home from Melbourne to Sydney on a Jetstar flight on Tuesday night were able to get off the plane without undergoing a health screen for symptoms of coronavirus.</p> <p>The major health breach was confirmed by Jetstar to NCA NewsWire and allows some people to enter the major city without being tested. </p> <p>A Jetstar spokesman said crew assisted health officials who were reportedly not present at the time the plane landed by locating passengers in the terminal.</p> <p>The airline also provided officials with the aircraft manifest to assist them in contacting passengers who were not found in the terminal.</p> <p>“Together with Sydney Airport, we have refined our disembarkation procedures to prevent this situation from occurring again,” the spokesman said.</p> <p>Passengers had been screened in Melbourne but it is government policy that they are tested again before disembarking in Sydney.</p> <p>This process usually begins after health officials arrive at the gate and signal to plane crew that they are ready to receive disembarking passengers, but under the new protocol, planes will not be able to pull up to the gate before NSW Health Officials are ready.</p> <p>The screening test includes a temperature check and questions about whether passengers have experienced coronavirus symptoms and if they have travelled to any hot spots in the past two weeks.</p> <p>The NSW Government introduced new laws on Tuesday night that prohibits anyone from Greater Melbourne from travelling into the state. </p> <p>NSW chief health officer Kerry Chant said the government was “in the process” of chasing up the passengers.</p> <p>“If anyone is found to have travelled in breach of any orders we’ll refer them to police and take the appropriate action, depending on whether anyone is symptomatic, to ensure the community is protected,” she said.</p> </div> </div> </div>

Travel Trouble

Our Partners