Abstract
This report assesses the state of data access in the communications sector, with a specific focus on data-intensive products and services. Recognising that consumers are becoming increasingly concerned about their personal data, we decided to ask a simple question: can we access our data? The research team tried to access data from social media platforms (Facebook, Instagram, Twitter),online companies (Google), telecommunications companies (Optus, Vodafone, Telstra) and fitness wearables (Fitbit, Apple Watch).We found that access processes were convoluted and diverse and there was no clear standard across each product [i.e. wearables] and/or service category [i.e. telecommunications providers].While we could get access to some sort of data, the provision of data was not comprehensive in many cases and the data that was provided came in a variety of formats. Australia is about to introduce a Consumer Data Right (CDR), which aims to simplify and standardise the process of accessing and transferring data. Our findings have shown that such a reform is needed. We recommend the introduction of the Consumer Data Right. Our other central recommendation is that Australia needs an equivalent to the General Data Protection Right (GDPR). The European Union has introduced a foundational reform that provides citizens with a range of rights, including a right to be forgotten and a right to access data. While the CDR is an important reform, it is narrowly targeted. It introduces a new definition of consumer data that is broader than the existing definition of ‘personal information’ in the Privacy Act 1988. It also introduces additional legislative obligations. However, these new definitions and obligations only relate to data access and transfer. As a result, Australians will only have a very limited set of rights in relation to their data. Moreover, a range of other government bodies are conducting reviews of privacy related issues or proposing privacy reforms, alongside the CDR process. This has resulted in a series of overlapping reform agendas. We recommend that the Australian Government should wait until these reports are complete rather than engaging in patchwork reform. The CDR should form part of a broader suite of rights that update Australian privacy law for a data-driven economy. The rollout of the right has been delayed until February 2020. Subsequently, we have offered a series of more specific recommendations relating to the CDR and Australia’s broader data policy framework in Chapter 8. The consultation process has finished and the Bill is likely to be introduced as it stands. However, we hope that this analysis can inform the ongoing improvement of the right into the future.
Original language | English |
---|---|
Place of Publication | Sydney, N.S.W. |
Publisher | Australian Communications Consumer Action Network |
Number of pages | 42 |
ISBN (Print) | 9781921974571 |
Publication status | Published - 2019 |
Keywords
- Australia
- access control
- consumer protection
- data protection
- law and legislation
- privacy, right of
- telecommunication