G’day from the country that doesn’t have a government after four days of counting. Democracy is a wonderful thing until you lift the cover ... As such, please do not expect sensible decisions for at least another week here. New Zealand is in charge.

But seriously gentle readers. In the past weeks, a number of things have happened on the privacy front in the Asia-Pacific region worth knowing about.

During the Australian election, there was some reporting about the use of elector databases by the major political parties, because in Australia, the Privacy Act mostly excludes politicians and their parties. “While private companies, banks and marketers are all legally barred from electronically accessing or using Electoral Roll information, it’s a very different story for political parties.” You can read more in governmentnews.com.au

ADVERTISEMENT

PLI, Earn privacy CPE and CLE credits: Watch anytime online or on our mobile app, topics include AI, privacy, cybersecurity, and data law

Under the heading, "We should be getting better at this”: It would seem that the breach on travel agency, JTB Corp. in Japan followed a familiar pattern, spear phishing and then a remote access trojan. Although a 7.93 million user data breach is not even close to a record. This breach is significant as it harvested passport numbers as well as other sensitive personal information.

The Chinese government has introduced new rules demanding that mobile app providers adopt real-name registration for users and keep their user activity logs for 60 days. Whilst on the face of it, the rule changes will have negative privacy implications for users, there may be some positives as app providers will also need explicit consent of users “to gain access to their geographic ­location and contact list, record video and audio through their mobile devices, or activate or bundle unnecessary functions.” This catches up with both Google and Apple who have been requiring for some time that apps in their stores get explicit permissionsfor the services they need.

Lastly, to New Zealand where there are reports that law enforcement agencies could get new powers to access information stored through cloud-based technology or social media following a review of the comparatively recent Search and Surveillance Act (2012). However, there does seem to be a quite mature conversation about the balance between citizen privacy and citizen protection with New Zealand Prime Minister John Key reportedly saying that he’s looking for a bipartisan approach.

Outside our region, you may be interested in this article in planetbiometrics.com saying that despite Brexit, the U.K. police are scrambling to retain access to the EU’s biometric and DNA databases. As the Brits look to an agreement, let’s hope that the police are subject to EU’s privacy framework as the British police have been criticised on a number of occasions about their biometric storage and sharing practices.