Thursday, April 29, 2021

Senate committee wants further protections inserted into Australia's data-sharing scheme

The Senate committee probing Australia's pending data-sharing laws has asked for further protections to be inserted before legislation is passed.

The Data Availability and Transparency Bill 2020 establishes a new data sharing scheme which will serve as a "pathway and regulatory framework" for sharing public sector data for three permitted purposes, subject to new safeguards and enforcement mechanisms.

The three purposes are: Improving government service delivery, informing government policy and programs, and research and development. However, the Bill also precludes data sharing for certain enforcement related purposes, such as law enforcement investigations and operations.

The Bill also does not authorise data sharing for purposes that relate to or could jeopardise national security, including the prevention or commission of terrorism and espionage.

Before data is shared, the data custodian must be content the recipient fulfils the requirements of accepting that data.

In a report [PDF] on the Bill, the Senate Finance and Public Administration Committee said it is of the view that a "proportionate and balanced data sharing scheme with appropriate privacy and security safeguards would help bring Australia into line with international best practice for data sharing in regard to government service delivery, policy and program development, and research purposes".

However, the committee is mindful that for a data sharing scheme to be successful and trusted by the community it must be underpinned by strong and effective safeguards and protections for privacy and security.

The committee made three recommendations to the government, with the first asking for assurances to be provided regarding appropriate ongoing oversight by security agencies of data sharing agreements and the potential security risks.

"The committee considers that it is imperative that national security concerns related to access to data have been fully considered and appropriately managed, particularly given the current concerns about cybersecurity and the covert influence of foreign actors in the university and research sector," the report says.

The second recommendation asks that any relevant findings of the Parliamentary Joint Committee on Intelligence and Security's current inquiry into national security risks affecting the Australian higher education and research sector are taken into account as part of the development of any additional data codes and guidance material, and that they inform continued engagement with the national security community.

The committee also asks that consideration is given to whether amendments could be made to the Bill, or further clarification added to the explanatory memorandum, to provide additional guidance regarding privacy protections, particularly in relation to the de-identifying of personal data that may be provided under the Bill's data-sharing scheme.

"The committee notes that the intention of the Bill is to provide a high-level, principles-based framework to facilitate the sharing of government data, and that in addition to the proposed legislative privacy protections in the Bill, many other potential privacy concerns would be addressed through further protections prescribed in regulation and guidance material, and in the exercise of appropriate judgement and controls by scheme users," it wrote.

"However, despite these layers of protection, it is evident that some stakeholders believe further privacy protections should be prescribed in legislation or specifically addressed in the EM to the Bill."

The Bill, as well as the Data Availability and Transparency (Consequential Amendments) Bill, were both introduced to Parliament in December, after two years of consultation.

Critics have labelled the data-sharing scheme as reflecting the ongoing erosion of Australian privacy law in favour of bureaucratic convenience.

MORE ON THE BILL

Commissioner content transparency measures are enough to deter data-sharing Act breaches

Australia's pending data-sharing Act will require Commonwealth entities to be satisfied with a proposal before sharing data and the reason for obtaining that data will need to be made public.

Critics label data-sharing Bill as 'eroding privacy in favour of bureaucratic convenience'

The Australian Privacy Foundation and the NSW Council for Civil Liberties are among those labelling the country's pending data-sharing Bill as a threat to basic fairness and civil liberties.

Privacy Commissioner wants more protections for individuals in Data Availability Bill

Additionally, the Australian Information Commissioner and Privacy Commissioner's office is concerned about the proposed exemption of scheme data from the Freedom of Information Act.



from Latest Topic for ZDNet in... https://ift.tt/3u4aZeK

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.