Electronic Frontiers Australia

EFA supports mandatory data breach notification

At its April Board meeting, the Electronic Frontiers Australia Board voted unanimously to support the implementation of mandatory data breach notification regulations.

Karen Higgins, EFA Board Member, said, "It is outrageous that an organisation can have a million people's private details exposed due to slack security, and then does nothing about it. If my birthdate and credit card details get into the hands of hackers, I want to know about it, so I can take steps to protect myself, such as closing the credit card account. And then I will stop doing business with the company that couldn't be bothered to protect my data."

In 2008, the Australian Law Reform Commission proposed many changes to the Privacy Act, including mandatory data breach notification. The Prime Minister and Cabinet grouped mandatory data breach notification into the second set of Privacy Act changes to make, and no action date has yet been provided.

A number of major organisations have stated opposition to mandatory notification, asserting instead that voluntary data breach notification is sufficient.

A number of high-profile data breaches have taken place in recent months, affecting businesses including Telstra, First Super, ANZ Bank and the global Sony PlayStation Network, and Australian Privacy Commissioner Timothy Pilgrim has said that there is evidence to suggest that data breaches are on the rise. He said, “The Office of the Australian Information Commissioner (OAIC) was notified of 56 data breaches in the last financial year, equivalent to a data breach a week. This is up from 44 in the previous year, an increase of 27 per cent.” However, the Privacy Commissioner also noted that he opened a further 59 investigations into other breaches where he wasn’t notified of the incident (see the full release here).

The Office of the Australian Information Commissioner (OAIC) this week released updated guidelines designed to assist organisations dealing with a data breach as well as providing advice on preventative measures.

The Australian Information Commissioner, Professor John McMillan, has also this week stated that there is "strong support for the notion that the Government must treat data breach notification as a mandatory process", and that "Internationally, the tide is moving in this direction" (as quoted in itNews).

EFA supports these calls for mandatory data breach notification regulations and calls on the government to take prompt action in this regard.


EFA congratulates iiNet on its historic High Court victory

EFA congratulates iiNet Limited on its historic victory in the High Court in the long-running Roadshow v iiNet case. The High Court has unanimously dismissed claims made by rights owners that an ISP should act to stop copyright infringements by users or be held liable as authorising those infringements.

This means that ISPs don’t have to act on automated notices from worldwide rights societies, or threaten their users with “three-strikes” escalations.

Chief Justice French and Justices Crennan and Kiefel noted that international approaches to discourage peer-to-peer copyright infringements varied:

The difficulties of enforcement which such infringements pose for copyright owners have been addressed elsewhere, in constitutional settings different from our own, by specially targeted legislative schemes, some of which incorporate co-operative industry protocols, some of which require judicial involvement in the termination of internet accounts, and some of which provide for the sharing of enforcement costs between ISPs and copyright owners.

Following the case, rights owners were quick to demand the Government step in to change the law – presumably to penalise ISPs or introduce a “three-strikes” regime by law. The Government indicated it wanted the closed-door discussions between rights owners and the big ISPs to continue to find an industry-based solution.

EFA has been critical of these secret talks, as commercial interests cannot represent the views of end-users and not-for-profit groups. The High Court did not accept that end-users or ISPs should have to accept automated notices as evidence, but the Government would stand by while the big ISPs and the studios hatch that deal.

Experience overseas shows that the practice of studios prosecuting peer-to-peer use is full of evidential lapses, unjust consequences, grossly-inflated damages and the crushing expense of the legal process. Yet the litigation benefits no creators or artists, just a business model that won’t keep up with the times.

As iiNet CEO Michael Malone said after the trial – the studios can stop piracy by improving online distribution:

“Mr Malone said the film industry should increase the availability of “lawful, online content” in a “timely, affordable and reasonably priced manner” to protect owners’ copyright. Increasing the availability of licensed digital content is the best, most practical approach to meet consumer demand and protect copyright,”

EFA says it’s time to stop propping up prohibitions against online distribution of worldwide media. The millions of Australians who resort to peer-to-peer file searching don’t want to break the law, they want to change the law.

The 20th Century business model of studio distribution of copyrighted media is broken. Much entertainment media is not for sale in Australia at any price; other outlets are offered only in other countries or via a single distribution channel at inflated prices.

Australia pays double for a fraction of available media for no good reason. Creators and artists also deserve a world-wide platform for their work, unencumbered by studio cartels and complex cross-licensing arrangements.

EFA calls upon the Government to resist knee-jerk toughening of copyright laws, and instead take time to ask the public how the copyright laws should serve the public and creators in a digital, global market.

Kimberley Heitman,
Secretary, EFA


Federal Court decision highlights need for flexible right of fair use in Copyright Act

Electronic Frontiers Australia (EFA) believes today’s judgement by the full bench of the Federal Court in relation to the Optus TV Now service clearly demonstrates the need for a flexible right of fair use to be introduced to the Copyright Act.

The Optus TV Now service is a cloud-based offering available to Optus mobile subscribers that allows free-to-air TV broadcasts to be recorded for viewing later on a mobile or other device.

The judgement, in the case National Rugby League Investments Pty Limited v Singtel Optus Pty Ltd [2012] FCAFC 59, denies Optus’ use of the ‘domestic and private use’ defence under section 111 of the Copyright Act. This ruling is based on the Court’s interpretation that Optus, rather than the subscriber, was the party making the recording.

EFA believes this judgement is a blow for consumers, as it restricts their range of choices in how they watch free-to-air TV. EFA also believes this judgement will have a chilling effect on investment in cloud-based services specifically and internet-based technological innovation more generally.

EFA believes that the Copyright Act should be amended to include a flexible right of fair use, to replace the narrowly-defined and piecemeal exceptions that result in legal uncertainty and ensure that the law constrains innovation and restricts consumer choice. A flexible right of fair use is the basis for copyright law in the United States and has helped to ensure its position at the forefront of technological and service innovation.

Australian consumers have for too long had to wait for the law to catch up with new technologies and services. Australian technology and service innovators have similarly found themselves having to move to more flexible jurisdictions to avoid the legal uncertainty of the current Australian copyright regime.

EFA therefore calls on the Attorney-General to broaden the scope of the Australian Law Reform Commission’s review of the operation of the Copyright Act in the digital environment, to include consideration of a broad, flexible right of fair use.
