Search

Privacy Law and Policy Reporter

Search AustLII

Search Options
×
Close
  • Specific Year
    Any

Greenleaf, Graham --- "Commissioner misleads by avoiding hard questions on PKI" [2001] PrivLawPRpr 47; (2001) 8(5) Privacy Law and Policy Reporter 101

[1] Federal Privacy Commissioner (Australia) Privacy Issues in the Use of Public Key Infrastructure for Individuals and Possible Guidelines for Handling Privacy Issues in the Use of PKI for Individuals by Commonwealth agencies June 2001 (submissions closed 27 July 2001).

[2] This paper was originally a submission to the Commissioner in July 2001.

[3] See Privacy Act 1988 (Cth) Pt III Div 1 — Interferences with privacy, particularly s 13 (regarding IPPs) and s 13A (regarding NPPs). Section 13F states ‘[a]n act or practice that is not covered by s 13 or s 13A is not an interference with the privacy of an individual’.

[4] The Commissioner may be cautious (or, as I have called it, ‘robust’) in that he may choose to issue Guidelines recommending ‘best practices’ in order to avoid any doubt whether a Guideline is sufficient to comply with a NPP. This is one way of looking at his ‘robust’ NPP Guidelines.

[5] Draft PKI Privacy Guidelines, Preface ‘Possible privacy guidelines’.

[6] Draft PKI Privacy Guidelines, Chapter 2.

[7] Draft Guidelines 3 — ‘consistent with IPP 1’.

[8] Since the original version of this paper was submitted to the Commissioner in July 2001, the Commissioner’s Guidelines to the NPPs have gone from being a draft to a final version (September 2001), but the Guidelines are still simply stated to be ‘issued under s27(1)(e)’ with no further indication of what is meant.

[9] See Greenleaf G (2001) 8(1) PLPR 1.

[10] Draft PKI Privacy Guidelines, Chapter 2, Introduction.

[11] Clarke R ‘Conventional public key infrastructure: an artefact ill-fitted to the needs of the information society’ (2000) Euro Conf in Inf Syst (ECIS 2001) Bled Slovenia 27-29 June 2001, available at <www.anu.edu.au/people/Roger.Clarke/II/PKIMisFit.html>. Greenleaf G ‘Gatekeeper leaves the door ajar on privacy’ (1998) 5(1) PLPR. Greenleaf G and Clarke R ‘Privacy implications of digital signatures’ (1997) IBC Conference on digital signatures, Sydney March 1997, available at <www.anu.edu.au/people/Roger.Clarke/DV/DigSig.html>. These papers are not included in the Commissioner’s list of secondary sources (Draft PKI Privacy Guidelines, Appendix 9), and nor is anything else critical of PKI.

[12] Graham Greenleaf in 1998-99, Roger Clarke in 1999-2000, and Tim Dixon since 2001.

[13] Draft PKI Privacy Guidelines, Preface ‘Possible privacy guidelines’.

[14] Meeting between Privacy Commissioner and Privacy Advocates, May 2001.

[15] Draft PKI Privacy Guidelines, Preface ‘Possible Privacy Guidelines’.

[16] See <www.govonline.gov.au/projects/publickey/abn%2Ddsc%2Dangus.htm>.

Print

Download

No downloadable files available

Cited By

Join the discussion