Hello privacy pros.

Coinciding with Australia's unfortunate resurgence in COVID-19 infections, this week's update is full of Australian pandemic privacy news.

With significant COVID-19 related restrictions and lockdowns in force for many Australian communities, mandatory check-ins at business and retail venues have become pervasive and widely accepted. This has resulted in troves of check-in data being collected from millions of Australians, which, according to CPO Magazine, has led police departments across Australia to seek warrantless access to this data to help solve crimes. The Office of the Australian Information Commissioner has called for a prohibition on such access to contact-tracing data by law enforcement to avoid undermining public trust and participation in the check-in system.

In 2020, when Australia deployed its COVIDSafe contact-tracing application, privacy advocates successfully secured legislative changes to the Australian Privacy Act to prohibit law enforcement access to contact-tracing data collected via the app. But today, many Australians are largely checking in via state-operated QR code check-in apps, where the data collected is not similarly protected against such access. It's a good illustration of the risk of legislation targeting specific technologies — i.e., the COVIDSafe app — rather than a more generalized activity — i.e., law enforcement access to personal information collected by health authorities for the purposes of contact tracing.

Western Australia has since banned police access to contact-tracing data for purposes other than contact tracing, and the Australian Capital Territory is considering doing the same. Graham Greenleaf and Katharine Kemp of the University of New South Wales outlined a proposal to uplift the protections and constraints relating not only to contact-tracing data but to the broad emergency powers established in the context of COVID-19 response.

South Australia announced its intention to expand the use of an app already in wide use in Western Australia, which collects facial recognition and GPS location data to confirm the respective identity and location of individuals in-home quarantine. Deakin University Senior Lecturer and Australian Privacy Foundation Vice-Chair Monique Mann acknowledged the technology may be the best available option, in contrast with ankle bracelets and hotel quarantine, but warned against the "normalisation of surveillance and surveillance technology under the cover of COVID, where people in society become used to or accept that there are all of these intrusions into their life."

If you're interested in getting to know some of your fellow ANZ privacy pros, be sure to register to attend our virtual KnowledgeNet Networking event 21 Sept. at 13:00 AEST. Bring a smile and a creative Zoom background, and I'll see you there!

Stay safe until next time!