Mark Burdon

Defining the Sensor Society

The proliferation of embedded and distributed sensors marks the increasing passive-ication of interactivity. Devices such as smart phones, cameras, drones, and a growing array of environmental sensors (both fixed and mobile) and interactive online platforms have come to permeate daily life in technologically equipped societies. Consequently, we are witnessing a shift from targeted, purposeful, and discrete forms of information collection to always-on, ubiquitous, opportunistic ever-expanding forms of data capture. The increased use of sensors marks important changes to our understandings of surveillance, information processing, and privacy. In this article, we explore the transformations associated with the emerging sensing environment. The notion of a sensor society provides a conceptual basis for understanding the characteristics of emerging forms of monitoring and control.

Commercializing public sector information privacy and security concerns

The enhanced development of information and communication technologies in government has created new opportunities for agencies to collect, share and re-use data. At the same time, the commercial worth of governmental data sets and value-added information products/services have increased. Government agencies are finding that data they have routinely collected to fulfil their statutory and business functions can now more easily be re-used for commercial purposes. The prospect of increasing revenue through the commercial re-use of public sector information (PSI) is clearly appealing for governments and their agencies. Examples of PSI that have been re-used commercially include residential property transaction details, land title information, ordanance survey data and street address registers. This article examines those shifting boundaries, particularly in light of information privacy and national security concerns arising from governmental commercialization of PSI that includes personal information. I seek to show that information privacy laws can be subverted in the face of overt commercialization by government agencies; that commercialization can have a negative impact on individuals; and can also give rise to societal concerns relating to privacy, security, and the open governance of the information society.

Protecting the protectors: Legal liabilities from the use of Web 2.0 for Australian disaster response

The traditional model for information dissemination in disaster response is unidirectional from official channels to the public. However recent crises in the US, such as Hurricane Katrina and the Californian Bushfires show that civilians are now turning to Web 2.0 technologies as a means of sharing disaster related information. These technologies present enormous potential benefits to disaster response authorities that cannot be overlooked. In Australia, the Victorian Bushfires Royal Commission has recently recommended that Australian disaster response authorities utilize information technologies to improve the dissemination of disaster related, bushfire information. However, whilst the use of these technologies has many positive attributes, potential legal liabilities for disaster response authorities arise. This paper identifies some potential legal liabilities arising from the use of Web 2.0 technologies in disaster response situations thereby enhancing crisis related information sharing by highlighting legal concerns that need to be addressed.

If it's encrypted its secure! The viability of US state-based encryption exemptions

US state-based data breach notification laws have unveiled serious corporate and government failures regarding the security of personal information. These laws require organisations to notify persons who may be affected by an unauthorized acquisition of their personal information. Safe harbours to notification exist if personal information is encrypted. Three types of safe harbour have been identified in the literature: exemptions, rebuttable presumptions and factors. The underlying assumption of exemptions is that encrypted personal information is secure and therefore unauthorized access does not pose a risk. However, the viability of this assumption is questionable when examined against data breaches involving encrypted information and the demanding practical requirements of effective encryption management. Recent recommendations by the Australian Law Reform Commission (ALRC) would amend the Privacy Act 1988 (Cth) to implement a data breach scheme that includes a different type of safe harbour, factor based analysis. The authors examine the potential capability of the ALRCs proposed encryption safe harbour in relation to the US experience at the state legislature level.

Access control in federated databases: how legal issues shape security

This paper will examine how legal considerations arising from the aggregation of data impact upon technical access control mechanisms. Research findings are based on a multi-disciplinary investigation of security issues regarding the aggregation of data in a governmental federated database system. The researchers conclude that the development of a federated architecture must consider technical security concerns within the context of legal risk management issues. As such, a holistic approach to the investigation of information security is required that incorporates the disciplines of information technology and law.