The former justice secretary, Jack Straw, has called for the Human Rights Act to be amended to include a new clause on breach of privacy.

Giving evidence at the Leveson inquiry today, Straw said that when the Human Rights Act was passed in 2008 parliament felt the privacy element was best left to the senior judiciary to interpret and apply, but that had now changed.

He told the inquiry: “There is a need now for parliament to amend the law so there is a tort of breach of privacy that applies to everybody.

“I think it is time for parliament to accept the job we passed to the judiciary.”

Read more on Journalism.co.uk

The Federal Aviation Administration has announced new procedures for government agencies that operate drones in the United States. The procedures will streamline the process through which government agencies, including local law enforcement, receive drone licenses. However, the FAA has so far failed to establish privacy safeguards for drone use. On February 24, 2012, EPIC, joined by over 100 organizations, experts, and members of the public, submitted a petition to the FAA requesting a public rulemaking on the privacy impact of drone use in US airspace. For more information, see EPIC: Unmanned Aerial Vehicles (UAVs) and Drones.

So the FAA has made it easier for the government to have spies in the skies but has yet to impose any significant privacy protections? That’s not good. Not good at all.

The London Borough of Barnet has been issued with a penalty of £70,000 for losing paper records containing highly sensitive and confidential information, including the names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people.

The loss occurred when a social worker took the paper records home to work on them out of hours. The social worker’s home was burgled in April last year, and a laptop bag, containing the records and an encrypted computer, was stolen.

The ICO’s investigation found that the council failed to take appropriate organisational measures against the accidental loss of personal data held on paper records. Although the council had an information security policy and some guidance for staff on handling sensitive papers, the measures failed to explain how the information should be kept secure.

Today’s penalty comes after the council signed an undertaking in June 2010 following an earlier incident, during which an unencrypted device containing personal data was stolen from an employee’s home. While the council later introduced a paper handling policy following the undertaking, this policy was not in place at the time of the second loss.

Simon Entwisle, the ICO’s Director of Operations, said:

“The potential for damage and distress in this case is obvious. It is therefore extremely disappointing the council had not put in place sufficient measures in time to avoid this second loss.

“While we are pleased that Barnet Council has now taken action to keep the personal data they use secure, it is vitally important that organisations have the correct guidance in place to keep sensitive paper records taken outside of the office safe. This includes storing papers containing sensitive information separately from laptops.”

View a copy of the monetary penalty

How much privacy Canadians can expect when they use work computers for personal use will be under a microscope when the Supreme Court begins hearing arguments this week in a case that could have wide implications for many employees.

[...]

The case before the Supreme Court of Canada involves a high school teacher in Sudbury, Ont. who was charged with possession of child pornography, after nude pictures of a student were found on his work-issued laptop.

Read more on CTV.ca

Principals want the power to search students’ cellphones and laptops to combat cyber-bullying.

The call comes as part of a change in the way schools deal with the problem, with principals shifting away from restorative justice to suspending bullies.

Secondary Principals’ Association president Patrick Walsh said principals were being forced to take a heavier hand to ensure student safety, on the back of a backlash from parents, who say soft approaches don’t work.

The association is working with the Ministry of Education to give principals the power to confiscate phones, laptops and digital devices.

Read more on TVNZ.

Wait until they find communications between a teacher and a student. Then the fun should start as teachers jump into the fray….

A breach of privacy action brought by Nikki Pelley, the girlfriend of wife-killer Joe O’Reilly, against the Irish Sun newspaper has been settled, the High Court heard today.

Ms Pelley had sought an injunction, damages and declarations against the newspaper over the publication on March 19 and March 21, 2011, of private correspondence between her and Mr O’Reilly after he began serving a life sentence in 2007 for the murder of his wife Rachel in 2004.

Read more on The Independent.

It would be interesting to know whether the Irish Sun has removed all of the relevant articles from its site or other sites under its control, as initially sought by Ms Pelley.

The gist of the situation is that a programmer allegedly copied a database with the details of millions of Israelis. Over the years, that database was shared and integrated with at least 11 other databases, shared some more, and became so freely available that pretty much anyone could get a detailed database of over 9 million people. It’s not clear to me yet whether the databases that were integrated include any medical or mental health data.

But with so much data “out there” in the wild and with such comprehensive dossiers available to everyone, what harm, if any, has resulted?

With all the news coverage I’ve been reading this year on the breach, I’ve yet to see any clear statement that people have been harmed by what seems like a frightful privacy and data security breach.

Surely someone in Israel must have “something to hide” that got exposed by the breach, no?  How does knowing so much data on you is “out there” and available to your neighbors and co-workers affect you psychologically? Or doesn’t it?

Is it the case that privacy advocates like myself really are too worried about privacy protection? Or is it the case that the culture in Israel is such that the types of exposure we’d worry about here are not such big issues there?

The privacy community has a “natural experiment” in the Israeli breach.  We should take  the opportunity to try to understand the impact of what happens when almost an entire country has their details available to everyone else.

Data protection long has been a legal responsibility for lawyers. The American Bar Association now is proposing to make clear that the protection of a client’s data is an ethical responsibility of the lawyer as well.

The Commission on Ethics 20/20 of the American Bar Association released its Report to the House of Delegates recommending several modifications to the ABA Model Rules of Professional Conduct regarding lawyers’ use of technology and protection of client confidences. The proposals will be considered at the ABA’s 2012 Annual Meeting, and several of these proposed modifications incorporate established concepts from existing data protection and breach notification laws.

Read more on Hogan Lovells Chronicle of Data Protection.

The Indian government’s plan to issue all of its 1.2 billion citizens with biometric ID cards is gathering pace, with the IT firm that built and supports the software to enrol citizens revealing that it is completing 14 million enrolments a month.

In 2010, tier-two Indian supplier MindTree won the contract to create and support the software used to enrol citizens, which includes the use of biometrics.

Read more on ComputerWeekly.com.

A class of Hulu subscribers who claim the website discloses what they watch to third parties without their consent argued that their action should continue in San Jose’s federal court.

In their amended class action complaint, six Hulu subscribers said the video site “repurposed” its browser cache so a marketing analyst service called KISSmetrics could store their private data.

The class also claims Hulu shared their private viewing choices with Facebook, Google Analytics, and other online market research and ad companies.

Read more on Courthouse News.