IIS' Managing Director Malcolm Crompton AM blogs and comments on Hunton & Williams' Privacy & Information Security Law Blog and Open Forum (

To subscribe to his Open Forum blog via RSS, click here RSS icon

Malcolm also periodically tweets @MalcomC.

Highlights from Recent Posts

"Ethical human research needs to ensure the welfare of its participants and the quality and effectiveness of research. Malcolm Crompton is Chair of PRAXIS Australia, a new initiative aimed at anybody involved in medical research."

"In a groundbreaking decision, and following a worldwide trend, journalist Ben Grubb just won a legal battle with Telstra for access to his metadata. Malcolm Crompton has some background information."

"A UK court recently ruled on what constitutes personal information in the landmark case Google v. Vidal-Hall. Malcolm Crompton says why this might be the most important Court judgment on privacy in years."

"We need a different approach to how organisations are held to account for their management of information if we are to have effective privacy protection in the era of Big Data and the Internet of Things..."

"What if everyone knew everything about everybody, but nobody talked about it (at least not in public)? Malcolm Crompton says the "commedia dell'arte" could have been onto something regarding privacy and security."

"What are the future challenges of living in a digital world? Malcolm Crompton wants to hear your thoughts and concerns for an upcoming forum on this topic..."

"Privacy should not be underestimated or taken for granted. Following the Privacy @ Play Summit last month, Malcolm Crompton explains why good privacy is good business..."

"The promise of cloud computing as information technology's 'next big thing' has now translated into practice for many businesses and governments, but obstacles to more widespread adoption remain..."

"National security remains high on the government's agenda. It is time to have a complete debate over the issue and think it through in order to avoid waking up in the Surveillance Society..."

"I have just seen the re-emergence of BOTPA - Because Of The Privacy Act - in an online debate elsewhere. It is time to take a cold drink of water, recall some history, then look in the mirror...."

" There is an important linkage between the broader civil rights movement and the impact on us with the current explosion of digital data being collected and created about us all...."

"We have been watching for the last 5-6 years a growing public realisation of the extent to which information about individuals is being collected, shared, analysed and acted upon and a growing sense of unease..."

"The Australian Privacy Amendment (Enhancing Privacy Protection) Act 2012 will make significant changes to the Privacy Act 1988. It's early days for the changes and the impact for organizations will depend on their circumstances..."

"Big Data is the hot issue of the moment worldwide , and it's going to have a profound impact on the way we deal with information and, in turn, our privacy..."

"The traditional privacy protection model focuses on user control at the point of data collection, but it is time to change our thinking on privacy to better serve individuals..."

"This year the United States took a big step in the protection of data by announcing an online privacy plan that would give consumers more control over how their personal data is collected, shared and used by websites and advertisers..."

"The European Commission's proposed reform of its data protection rules is a promising start to 2012. Here's hoping that we see the introduction of new privacy legislation in the coming months and an end to the lengthening hiatus on privacy law reform in Australia..."

"When Google+ launched, Google insisted that its members use real names and aggressively closed accounts that it considered were not based on real names. This reignited a debate that has periodically flared around the internet..."

"The process of reviewing and reforming the main law protecting privacy in Australia, the Privacy Act 1988 , had all but stalled by 30 June this year..."

"When you come under attack, it is imperative you have a plan of action...."

We have seen the incredible impact of the iPhone and iPad on the every day lives of so many of us. Overnight, they completely reset our expectations of benchmark usability...."

"It may take years, but substantive action on privacy at the global leadership level will happen..."

"Privacy will finally be on the agenda of the next G8 meeting. In an encouraging sign G8 leaders' 'sherpas' (or policy emissaries) are on the job to help them scale the issue..."

"Can we gain from the enormous economic benefits of Big Data while maintaining privacy? Is it time for an ethical approach to Search and Personalisation?..."

"One troubling implication for privacy with technological and policy development today is the unyielding belief that if somebody considers that something enhances our lives, it should be done...."

"In a Press Relese from the White House, the US Administration has just released a much more fully developed National Strategy for Trusted Identities in Cyberspace (NSTIC)..."

"Will the forthcoming G8 summit be seen in history as a peak in addressing privacy globally? ..."

"Even policies which are perfect in theory fail when they are not effectively supported in practice. The 'Accountability Concept', whereby accountability for privacy protection follows the date flow, is key development in making privacy policies more robust internationally ..."

"Have all the developments and controversy in the handling of personal information during 2010 produced a long lasting sea change in the global privacy debate? ..."

"In customer service, what is the line between being helpful and being too helpful? How do we get this right? ..."

"In the burgeoning digital social networking era, the oft-repeated assertion that "youth don't care about privacy" has become a cliché ..."

"Privacy by Design incorporates privacy from the planning stage rather than tacking it on at the end ..."

"The Asia-Pacific Economic Cooperation (APEC) has launched an initiative to help boost consumer trust in e-commerce by fortifying enforcement of regional data privacy laws ..."

"Papers we began writing as early as 2004 are still relevant. One may have been ahead of its time, but its time is coming..."

"Done right, an approach based on Health Information Exchange would be vastly cheaper and better if government established a well regulated, competitive market place for the supply of services instead of building a monopoly that will inevitably fall behind the 8-ball..."

"If Privacy Week in May passed you by, here are a couple of quick tests you might like to do..."

"W3C and PrimeLife are convening a W3C Workshop on Privacy for Advanced Web APIs on 12-13 July. This is long overdue!..."

"As Privacy Commissioner of Australia, I helped get a resolution adopted by data protection regulators worldwide on better notices including layering. It is interesting that Lorrie Cranor has evidence for even better formats..."

"Two different days, two different events, one similar message: the next ten years will be a lot different from the last ten for privacy and the privacy professional..."

"Business is contributing to re-thinking effective privacy frameworks, too. Microsoft's Scott Charney has been developing his thinking on 'End to End Trust' for a couple of years now and returned to the theme at the RSA Conference 2010..."

"The European Commission (EC) and its partners hosted a conference on "Trust in the Information Society" in Spain 10-11 February where the winds of change became even more apparent..."

"At the risk of mixing metaphors, it seems that there is movement at the station, on both sides of the Atlantic, on the need for new thinking on how best to respect personal information about individuals and manage the risks to which they might be exposed as a consequence of its collection, use and disclosure..."

"Cloud computing has been a popular term for a year or two now, but many of us still don't know what it is or its implications. To a degree, it is old wine in new bottles (hotmail has been around for over a decade now), but it is also so much more..."

"A privacy paper from the UK tells only part the story of 'context specific authentication' and leaves at least two questions unanswered..."

"Without any expectation that privacy statements should be able to be read and understood by the average person, how is it reasonable to expect the average person to accept full responsibility for the disclosure of their personal private information?..."

"A person-controlled e-health record is not only the most speedy and cost effective solution for the national e-Health strategy, but it is also the approach with the best chance of achieving widespread consumer acceptance..."

"Neil Armstrong and Buzz Aldrin: both powerful advocates of a right to privacy; both choosing how little and how much of their private lives that they wanted to reveal..."

"The experiences of handling (and losing) personal information have a lot to tell us about better security in any organisation. The National Privacy Principles in the Privacy Act are just a start..."

"For all those Mac fans who think that they are immune from vulnerabilities, think again..."

"Cloud computing is bringing privacy out of dark corners of cuckoo land and into the daylight where it belongs..."

"As the political pendulum swings back over the next decade or so towards more regulation of the markets, how do we stop it from swinging too far?.."

"Identity management and how easy it is to mislead people, sometimes for mischievous intent, sometimes for profit & sometimes with very evil intent, will remain a major issue for us in Australia & worldwide in 2009..."

"As information flows ever more easily between jurisdictions, how can effective regulatory protections be put in place for the stakeholders? This question applies equally to the protection of intellectual property (IP) as it does to the protection of personal information (PI) or any other valuable information assets held by an organisation..."

"What is happening in the global debate on how to make it safe for individuals to share personal information (or have it shared), otherwise known as "information privacy"? What about a significant part of this discussion, developing identity management arrangements for the 21st century that respect the individual, otherwise known as 'user centric identity management'?.."

"The debate has been long on rhetoric and short on cold, hard analysis. But it may be about to improve...."

"In the world of information governance and a fair go for the individual in dealings with business and government, how has it felt this month?.."

"The upcoming identity conference in New Zealand is going to be a high spot for ID management in this part of the world; indeed anywhere..."

"Applying transparency and ratings to policing raises some fascinating questions that have been around for a long time..."

"The bar for acceptable ID management has just been suddenly raised. Microsoft has just announced it has purchased Stefan Brand's Credentica, a truly privacy enhancing Identity Management system that delivers on more of Kim Cameron's 7 Laws of Identity. ..."

"We are in an interesting period of leadership change. In Australia, we elected a new federal government at the end of 2007. The UK has a new PM & the USA will have a new president by the end of 2008. Is the privacy debate changing too, reflecting a new mood?.."

"Facebook has recently been rattling our confidence somewhat. On November 6, Facebook outlined a strategy to integrate more targeted advertising into its popular social networking website. By 5 December, the strategy had been wound back & the CEO of Facebook had offered an apology. What was this about & what has this to do with citizens and governments?.."

"We have been talking eHealth records for years. Almost worldwide, the topic is treated by many in the health informatics arena as a self-evident necessity, by some health service providers as an investment and retraining imposition with little direct return to their practices and by health consumers with suspicion..."

"We are watching a very rapid change in community attitudes on privacy. One of the strongest contributors is the repeated and significant loss of control of personal information by private and public sector organisations around the world. Nearly as many records of personal information about folk in the US have been lost as there are citizens. In the UK this month, in one hit, they got up to a 50 % ratio. Where does Australia stand?.."