31 May 2013

IP Bar Raising

The Intellectual Property Laws Amendment Bill 2013 (Cth) introduced into Parliament this week amends the Patents Act 1990 (Cth), Trade Marks Act 1995 (Cth), Designs Act 2003 (Cth) and Plant Breeder's Rights Act 1994 (Cth), statutes through several schedules.

In summary it deals with
  • Crown use of patents - Provisions for the Crown use of patents have been clarified to "increase certainty and accountability". 
  • TRIPS Protocol - "Implementation of the TRIPS protocol should assist developing countries facing serious health problems". 
  • Plant breeder's rights - The Federal Circuit Court will have jurisdiction regarding PBR litigation. 
  • Trans-Tasman Single Economic Market - Provisions allowing for a single patent attorney regime and single patent application and examination process. 
  • Technical amendments - Minor corrections to the Patents Act 1990 (Cth), to ensure that the 'Raising the Bar Act' operates as intended.
Schedule 1 concerns Crown use, described as
an important, but rarely used, safeguard that allows governments to access patented inventions without the consent of the owner. It is necessary for a government to have the power to be able to make use of patented inventions to serve the interests of the community. Similarly, a patent holder should not be able to indefinitely frustrate the needs of the community, for example, by denying access to an important health technology. 
Amendment of the Patents Act will clarify the scope of Crown use and its operation, adopting recommendations of the Productivity Commission inquiry report into compulsory licensing of patents, particularly in the context of health care. The inquiry reflected concerns regarding gene patents, eg that "such patents do not lead to Australians being denied reasonable access to essential healthcare technologies".

Schedule 1  makes it clear that Crown use can be exercised when an Australian state or territory government has the primary responsibility for providing or funding the provision of a service.
 This allows governments to authorise private service providers to use an invention in areas where governments have primary responsibility, such as health. It strengthens governments' capacity to use this safeguard to address unreasonable patent holder conduct. If the government deems it necessary and appropriate to intervene to address unreasonable patent holder conduct that could result in patients being denied reasonable access to health care, it would be willing to invoke these refined Crown use provisions. 
The bill also introduces a number of measures to improve transparency and accountability in the exercise of Crown use. It will require government agencies to attempt to negotiate with the patent owner before invoking Crown use, will address current ambiguity around which bodies are considered to be the Crown for the purposes of the provisions, will require the government to give patent owners the reasons for any decision to invoke Crown use, and will introduce a benchmark to reassure patent owners that they will receive a fair price for the use of a patent.

Schedules 2 and 3 deal with the TRIPS Protocol interim waiver and TRIPS Protocol to "enable Australian laboratories to manufacture generic versions of patented medicines under specific conditions and export these medicines to address health crises in developing countries".  Manufacturers of generic pharmaceuticals will be able to apply to the Federal Court for a compulsory licence to make and export a patented pharmaceutical product. The Federal Court will have the power to grant compulsory licences, set conditions of use and amend the quantity of medicines required in the event that a health problem intensifies. Patent holders will receive adequate compensation to ensure that they are not disadvantaged by the arrangements.

Schedule 4 deals with the  Plant Breeder's Rights Act 1994 (Cth),  extend the jurisdiction of the Federal Circuit Court, formerly known as the Federal Magistrates Court, to include plant breeders' rights. At present, civil proceedings under the Plant Breeder's Rights Act may only be commenced in the Federal Court and are appealable to the High Court.

Schedule 5 allows for a single trans-Tasman patent attorney regime and single patent application and examination processes for Australia and New Zealand as part of the trans-Tasman Single Economic Market agenda highlighted here.
Under the single examination model, patent applications for the same invention will be examined by a single examiner in either country. The regime will take account of the separate national laws and will lead to two separate patents for Australia and New Zealand. A single patent application process will remove duplication, drive efficiencies and reduce costs, making it easier for businesses to protect their intellectual property in both countries. ... The bill will also facilitate a single trans-Tasman regulatory framework for patent attorneys across Australia and New Zealand. The Australian government has worked closely with New Zealand to establish a new framework that will include a single trans-Tasman register of patent attorneys, common qualifications for registration, a single Trans-Tasman IP Attorneys Board and a single Trans-Tasman IP Attorneys Disciplinary Tribunal.   
Schedule 6 (Part 1) makes minor administrative changes to the Patents, Trade Marks and the Designs Acts to repeal unnecessary document retention provisions on the basis that retention and disposal of these documents is already governed by the Archives Act 1983 (Cth). The amendments "will reduce government expense in maintaining warehouse facilities for documents that are no longer required".

Schedule 6 (Part 2) makes technical amendments to the Patents Act to address minor oversights in the drafting of the Intellectual Property Laws Amendment (Raising the Bar) Act 2012 (Cth).

Twins

From Commissioner of the Australian Federal Police v Mulder [2013] NSWSC 621, featuring identity offences -
The applicant and his identical twin brother were born in 1949. They arrived in Australia in 1970. In 1977, the applicant was granted Australian citizenship, as was his brother in 1983. 
In 2003, the brother of the defendant left Australia and has not since returned. 
Between 2003 and 2011, it is alleged that the defendant assumed the identity of his twin brother, obtained various documents supportive of that identity, and carried out financial transactions in the name of his brother. 
On 2 February 2011, the defendant was arrested and charged with, in short, a number of offences related to obtaining and using a passport that had not been issued to him, and nine counts of receiving a designated service using a false customer name. 
On 4 February 2011, orders were obtained by the Commissioner restraining any dealings with money in two bank accounts, one with NAB and one with ANZ. An examination order was also obtained against the defendant on the same date. Those orders were obtained pursuant to ss 18 and 180 of the Proceeds of Crime Act 2002 (Cth) ("the Act"). 
On 28 March 2012, the defendant was convicted in the Local Court of five offences of receiving a designated service using a false customer name, along with a number of offences relating to passports. 
On 10 May 2012, the defendant was sentenced to imprisonment for 6 months. He lodged an appeal to the District Court of New South Wales. 
On 19 July 2012, the defendant was served with a notice by the Commissioner that the money in the restrained accounts would be automatically forfeited on 9 November 2012. That notice was served pursuant to s 92A of the Act. 
On 22 August 2012, the defendant was released from prison. 
On 10 September 2012, the defendant left Australia and travelled to China. 
On the same date, it is alleged that a person telephoned the ANZ bank, and represented himself to be the twin brother of the defendant. In fact, it is alleged, that person was the defendant. That allegation is founded, in short, on voice identification evidence from a police officer, combined with circumstantial evidence said to derive from a number of things said by the caller. 
On 19 October 2012, the defendant filed a motion seeking an extension of the period at the end of which the restraining order would automatically become a forfeiture order, and also exclusion from that forfeiture order. 
On 26 October 2012, Johnson J extended the period for which the restrained property would be forfeited to 9 April 2013. Subsequently, the period was further extended to 9 August 2013. 
On 4 January 2013, the applicant returned to Australia from China. He was arrested and charged with one count of giving false information to the ANZ Bank, founded on the phone call said to have occurred on 10 September 2012. That offence was brought pursuant to s 136 of the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth).

Oyston

The NSWCA in Oyston v St Patrick's College [2013] NSWCA 135 has affirmed the Supreme Court of New South Wales 2011 decision in Oyston, concluding that the NSWSC was correct to find that St Patrick's College breached its duty of care to Ms Oyston, who had suffered psychological harm attributable to bullying by other students. In the first instance Ms Oyston was awarded damages of $116,296.60, plus interest.

The Court of Appeal agreed with the NSWSC's conclusion that the college had failed to take reasonable steps to bring the harmful conduct to an end -
It is true, as the College submitted, that it was not required to ensure or guarantee that the appellant was not bullied. However, as her Honour recognised at [15] of her reasons, the College was obligated, in performing its duty of care towards the appellant, to take reasonable steps to ensure that the appellant was protected from bullying, including taking reasonable steps to ascertain the identity of the perpetrators and to take such action as was reasonable to prevent repetition by those persons of such conduct. That the College recognised that the scope of its duty of care so extended is to be found first, in its policies as set out at [18] above, and secondly, in Mrs Ibbett's statement to be read out by the roll-call teachers as recorded at [79] above. The latter, which occurred in June 2004, constituted plain evidence, coming shortly after the rumour incident, that Mrs Ibbett was well aware that bullying was a serious ongoing problem to eradicate which it was necessary to take active steps. 
Furthermore, the College was aware from February 2004 that the appellant was vulnerable in that she suffered from anxiety and panic attacks. Whether or not those attacks were brought on in whole or in part by bullying, it should have been clear to the College that the appellant was likely to be susceptible to psychological harm caused by such conduct. Indeed, as referred to at [148] above, Mrs Ibbett acknowledged that bullying, if unaddressed, could occasion a depressive condition in some people suffering from anxiety. The risk of psychological harm to the appellant was both foreseeable and not insignificant within the meaning of s 5B of the Civil Liability Act. The College was clearly required to take such active steps as were reasonable in order to prevent that risk from eventuating. Those steps were recorded in its own policies. 
In my view, the steps, such as they were, taken by Mrs Ibbett during 2004, did not provide a reasonable response to the not insignificant risk of harm to students such as the appellant if the bullying of them continued. In accordance with the College's own policies, it was insufficient merely to request teachers to keep an eye out for bullying; once a complaint of bullying was received, it required investigation and, if substantiated, action against the perpetrator. So far as the appellant was concerned, the evidence established that she was regularly bullied by JP and LM and to a lesser extent, AM. Reasonable steps should have been taken by Mrs Ibbett to carefully investigate the appellant's allegations and to act on them if she was satisfied that they were justified. 
In August 2004, LM was required to enter into a behaviour contract and was threatened with expulsion by the Principal if she reoffended. She did, but nothing was done about it. There could be no doubt, and Mrs Ibbett and Mrs Carroll-Fajarda accepted, that the failure to take action in accordance with the College's policies against known perpetrators would send the wrong message to others who might be considering similar behaviour. Steps ought to have been taken which would have brought home to perpetrators such as LM the unacceptability of their conduct. If that required the threat of expulsion to be carried out, so be it. The message which expulsion would have conveyed to other actual or potential bullies was that bullying would not be tolerated in any form, and that is exactly what the College's policy clearly stated. Empty threats were of no use. 
For the foregoing reasons, in my opinion, the primary judge was correct to find that the College was in breach of its duty of care to the appellant during 2004. Her conclusion at [249] of her reasons that the appellant was subject to ongoing bullying in 2004, that the College was aware that that was so, and that it failed to take reasonable steps to bring that conduct to an end, was amply justified by the evidence. 
It would be inappropriate at this point to comment upon whether the steps which ought to have been taken (short of expulsion) would have brought the bullying of the appellant to an end and, if so, when. Expulsion would obviously have brought to an end bullying by the individual student who was expelled, but what effect it would have had on that student's friends is another matter.

30 May 2013

Aust Data Breach Reporting

Hot on the heels of the Victorian Parliamentary Committee recommendation for a statutory tort regarding invasions of privacy the Australian Attorney-General has announced that new Commonwealth laws "will require businesses and government agencies to notify people when a data breach affecting their privacy occurs".

The Bill - the subject of an inept consultation exercise noted here - reflects recommendations over several years (just like the recommendation by the Victorian Law Reform Commission, NSW Law Reform Commission and Australian Law Reform Commission (eg here) regarding a privacy tort ... disregarded by the current national Government) and a discussion paper late last year [PDF].

The Attorney-General indicates that
With businesses and government agencies holding more information about Australians than ever before, it is essential that privacy is safeguarded. The new laws will alert consumers to breaches of their privacy, so that they can change passwords, improve security settings and make other changes as they see fit. ... Some data breaches have exposed the personal information of tens of thousands of Australians. The laws are good for consumers because they protect privacy, and are good for business because they will help create openness and trust.
Indeed, which is one reason why the Government's disregard is regrettable.

The Bill is a weak response to a substantive problem. The A-G's media release indicates that
The new laws will also require notification of data breaches to the Office of the Australian Information Commissioner. “To make sure that the new laws have teeth, the Information Commissioner will be able to direct agencies and business to notify individuals of data breaches,” Mr Dreyfus said.
The Attorney-General indicates that
The Government is serious about privacy and these new laws demonstrate our continuing commitment.
A weak and belated commitment, strongly expressed?

Neither the Attorney-General's media release nor that from the Office of the Australian Information Commissioner specifies the Bill. The Bill is the Privacy Amendment (Privacy Alerts) Bill 2013 (Cth), described in the Explanatory Memorandum as
This Bill amends the Privacy Act 1988 (the Privacy Act ) to introduce mandatory data breach notification provisions for agencies and organisations that are regulated by the Privacy Act (entities). The Bill will commence immediately after the amendments to the Privacy Act contained in the Privacy Amendment (Enhancing Privacy Protection) Act 2012 commence on 12 March 2014. ... 
This Bill implements the ALRC’s recommendation by requiring agencies and organisations regulated by the Privacy Act to provide notice to the Australian Information Commissioner ( the Commissioner ) and affected individuals of a serious data breach. The Bill contains general rules for the majority of entities regulated by the Privacy Act as well as analogous rules for credit reporting bodies and credit providers that are subject to specific regulation under Part IIIA, which deals with consumer credit reporting. The provisions in the Bill also apply to recipients of tax file number information. Each type of entity is subject to common requirements under the Privacy Act to protect the types of personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure. A data breach arises where there has been unauthorised access to, or disclosure of, personal information, or where personal information is lost in circumstances that could give rise to unauthorised loss or disclosure. A data breach is a serious data breach where there is a real risk of serious harm to the individual to whom the information relates as a result of the breach. This is the standard recommended by the ALRC and also incorporated in the current voluntary data breach guidelines issued by the Office of the Australian Information Commissioner. In addition, the Bill provides for regulations to specify particular situations that may also be serious data breaches even if they do not necessarily reach the threshold of a real risk of serious harm. For example, this could include the release of particularly sensitive information such as health records which may not cause serious harm in every circumstance but should be subject to the highest level of privacy protection. 
Serious harm, in this context, includes physical and psychological harm, as well as injury to feelings, humiliation, harm to reputation and financial or economic harm. The risk of harm must be real, that is, not remote, for it to give rise to a serious data breach. It is not intended that every data breach be subject to a notification requirement. It would not be appropriate for minor breaches to be notified because of the administrative burden that may place on entities, the risk of notification fatigue on the part of individuals, and the lack of utility where notification does not facilitate mitigation. 
In the event of a serious data breach, the regulated entity is required to provide notification to the Commissioner and affected individuals as soon as practicable after the entity believes on reasonable grounds that there has been a serious data breach.

Sexting and the Privacy Tort

The Victorian Parliament's Law Reform Committee has released the report of its inquiry into sexting.

The report features 14 recommendations to "protect people from the harms caused by non-consensual sexting" and recognises that "some sexting between young people should not be treated as child pornography".

The Committee was to report on -
(1) the incidence, prevalence and nature of sexting in Victoria; 
2) the extent and effectiveness of existing awareness and education about the social and legal effect and ramifications of sexting; 
3) the appropriateness and adequacy of existing laws, especially criminal offences and the application of the sex offenders register, that may apply to the practice of sexting, particularly with regard to the creation, possession and transmission of sexually suggestive or explicit messages and images in circumstances where a person: (a) creates, or consents to the creation of, the message or image for his or her own private use and/or the use of one or more other specific persons; or (b) creates, or consents to the creation of, the message or image and without their knowledge and/or their consent the message or image is disseminated more broadly than the person intended.
The Committee notes and endorses the Australian Victorian and NSW Law Reform Commission proposals for a tort of privacy (noted in posts in this blog). It comments that
The Committee notes that legislating to provide a cause of action for invasion of privacy is a significant task, and that it would comprise a fundamental change to the Australian legal landscape, with potentially far-reaching effects. Each of the law reform commissions have expended time and resources developing proposals for a privacy cause of action. 
While the Committee received limited evidence on broader issues surrounding the introduction of a privacy tort, it did receive evidence about how a privacy tort could assist to protect people who suffer an invasion of privacy from occurrences of sexting. Accordingly, the Committee has limited its consideration to a form of cause of action for invasion of privacy that would adequately protect those who are victims of a sexting-related breach of privacy. 
In this context, the Committee believes that the VLRC’s proposal for a cause of action for the offensive misuse of private information strikes an appropriate balance between protecting a person’s privacy, and not unnecessarily constraining freedom of speech. The relevant VLRC recommendations are listed in Appendix Four. The Committee supports the VLRC’s recommendations insofar as they relate to a cause of action for a serious invasion of privacy by misuse of private information. 
If implemented, the Committee believes that the VLRC’s proposal would provide an appropriate mechanism for a person to seek civil recourse where they have suffered embarrassment, humiliation or distress because someone else has distributed, or has threatened to distribute, an intimate image of that person. 
As this proposed cause of action is fairly limited, the Committee believes that it could be legislated without causing undue repercussions in terms of restricting freedom of speech or impinging unduly on personal freedoms. It could also be legislated immediately, leaving open the possibility of broadening the legislation at a later date to cover a wider range of conduct that could constitute a serious invasion of privacy. 
The VLRC recommended that injunctions should be a remedy available where a serious invasion of privacy is established. The VLRC indicated in the report that it was using the term ‘injunction’ broadly to refer to any order of a tribunal or court that compels specified conduct, and stated that this would include injunctions to prevent the initial or ongoing publication of material, and orders to direct a person to apologise for privacy-breaching conduct.  The Committee suggests that orders for the delivery up and destruction of material – a remedy that could be of some importance in sexting cases – should also be included within the ambit of injunction orders.
The Committee accordingly recommends that
That the Victorian Government consider introducing legislation to create a statutory cause of action for invasion of privacy by the misuse of private information, following recommendations 23, 25, 27, and 29 to 33 of the Victorian Law Reform Commission’s Surveillance in Public Places: Final Report 18 (2010).
It goes to comment that
A statutory cause of action for serious invasion of privacy will provide an important mechanism for people to prevent non-consensual sexting, and to send a strong message to the community that non-consensual sexting is not appropriate. However, civil action will not always provide the most effective means to prevent the distribution of intimate images, particularly for young people, who will generally have limited resources and be unable to pursue legal action. 
For example, if an intimate photograph of a person was published on a website without the person’s consent, it would be in that person’s interest to have a prompt and efficacious means of removing that material from the website before the images were distributed more widely (through copying and sharing). Ideally, such a mechanism should not be dependent on criminal or civil proceedings, which can be lengthy and, in the case of civil proceedings, expensive for the plaintiff. .... 
The Committee believes that there is a gap in existing administrative mechanisms for the resolution of complaints about offensive and harmful online content, and that this gap could be filled by a body empowered to hear and determine such complaints. The Communications Tribunal proposed by the NZLC, if created, would have the jurisdiction to deal with harmful communications matters beyond simply sexting-type images that have been posted to websites. In the Committee’s view, it is logical and appropriate that such a body would be empowered to deal with a range of harmful or offensive digital communications, not just those related to sexting. Accordingly, the question of creating such a body takes the Committee somewhat beyond this Inquiry’s Terms of Reference, as the establishment of such a body should take account of considerations about harmful digital communications more broadly. Nonetheless, the Committee recognises that there is merit to the NZLC’s proposal for a Communications Tribunal. In the Committee’s view, the Victorian Government should give serious consideration to creating a body with similar characteristics to that proposed by the NZLC .... 
The Victorian Government could consider creating a stand-alone tribunal to deal with harmful communications, or extend the functions of the VCAT. The VCAT’s stated purpose – to provide Victorians with a “low cost, accessible, efficient and independent tribunal ...” – is consistent with how a proposed body to deal with digital communications complaints should operate. In addition, the VCAT has a number of ‘lists’ which specialise in particular types of cases, such as a Civil Claims List, a Guardianship List, and a Legal Practice List. It would be consistent with the way that VCAT operates to add a specific, specialised “Digital Communications List” to VCAT’s functions. 
Recommendation 13: That the Victorian Government consider creating a Digital Communications Tribunal, either as a stand-alone body or as a ‘list’ within the Victorian Civil and Administrative Tribunal, to deal with complaints about harmful digital communications. Development of the Digital Communications Tribunal should be informed by the New Zealand Law Commission’s proposal for a Communications Tribunal.
 Finally, the Committee notes that it would be ideal for there to be a national body to deal with and resolve complaints about harmful digital communications, rather than state-based bodies. A national body would provide consistency across the country, make it easier to enforce orders across states and territories, and be likely to gain international recognition and respect from international companies more quickly and easily than a state-based tribunal. The power in the Australian Constitution to legislate with respect to “postal, telegraphic, telephonic, and other like services”would appear to allow the Federal Parliament to create such a tribunal. 
The Committee suggests that the Victorian Government need not necessarily wait for the Commonwealth Government to act in this regard, but could proceed to establish a state-based tribunal. Should the state-based tribunal operate successfully, it could provide a model for a national tribunal and would be a compelling precedent in favour of the creation of a national body. 
Whether or not the Victorian Government decides to create a state based tribunal, the Committee considers that it would be beneficial to advocate for a Federal Digital Communications Tribunal.
The specific recommendations are as follows -
R1: That the Victorian Government periodically commission research to examine qualitative and quantitative aspects of sexting practices by children and adults in Victoria.
R2: That the  Government, through the Department of Education & Early Childhood Development (DEECD), ensure all Victorian schools adopt holistic, integrated programs for internet and communications technologies awareness and safety into the school curriculum.
R3: That the  Government, through the DDEECD, continue to encourage current and pre-service teachers to take part in professional development programs focusing on cybersafety education.
R4: That the  Government ensure that educational and media campaigns directed toward sexting focus on the appropriateness of the behaviour of people who distribute intimate images or media without consent, rather than on the person who initially creates the intimate images or media.
R5: That Victoria Police review its policies to ensure that opportunities are provided for adults charged with offences in relation to sexting-type behaviour, where there is no evidence of exploitative behaviour, to be offered diversion by Police prosecutors.
R6: That the  Government introduce legislation to amend each of the child pornography offences in the Crimes Act 1958 (Vic) and the Classification (Publications, Films and Computer Games) (Enforcement) Act 1995 (Vic) to provide defences to the effect of the following: It is a defence to a prosecution for an offence against subsection (1) to prove that: (a) The film or photograph depicts only the accused person; or (b) That, at the time of making, taking or being given the film or photograph, the accused was not more than 2 years older than the minor was or appeared to be and (i) The film or photograph depicts the accused person engaged in lawful sexual activity; or (ii) The film or photograph depicts the accused person and another person or persons with whom the accused could engage in lawful sexual activity; or (iii) The film or photograph depicts a person with whom the accused could engage in lawful sexual activity, or more than one person, all of whom the accused could engage in lawful sexual activity with.
R7: That at such time as the Victorian Parliament introduces legislation to give effect to R6, the Victorian Government advocate to the Standing Council on Law and Justice that the Commonwealth, States and Territories amend their criminal legislation to provide defences to child pornography offences, consistent with the new Victorian defences. 
R8: That following the coming into operation of legislation from R6, Victoria Police and the Victorian Office of Public Prosecutions adopt an express policy that they will not prosecute Commonwealth child pornography offences where an accused person would have a valid defence to child pornography charges under Victorian legislation.
R9: That the  Government introduce a specific offence for sexting to the Summary Offences Act 1966 (Vic).
R10: That, if R6 and R9 are not accepted in full, the  Government introduce legislation to amend the Sex Offenders Registration Act 2004 (Vic) so that sentencing judges have discretion whether to order that an adult offender convicted of a sexting-related offence be listed on the Sex Offenders Register. .
R11: That, following the coming into operation of legislation from R6, the   Government establish a mechanism to review the registration of any person currently listed on the Sex Offenders Register, where that person would have had a defence under legislation introduced in accordance with R6. .
R12: That the  Government consider introducing legislation to create a statutory cause of action for invasion of privacy by the misuse of private information, following recommendations 23, 25, 27, and 29 to 33 of the Victorian Law Reform Commission’s Surveillance in Public Places: Final Report 18 (2010).
R13: That the  Government consider creating a Digital Communications Tribunal, either as a stand-alone body or as a ‘list’ within the Victorian Civil & Administrative Tribunal, to deal with complaints about harmful digital communications. Development of the Digital Communications Tribunal should be informed by the New Zealand Law Commission’s proposal for a Communications Tribunal.
R14: That the Government advocate that the Standing Council on Law & Justice consider issues surrounding the creation of a national Digital Communications Tribunal.

27 May 2013

Law Blogging

'Interconnectedness, Multiplexity and the Global Student: The Role of Blogging and Micro Blogging in Opening Students’ Horizons' by Kate Galloway, Kristoffer Greaves and Melissa Castan in (2012) 20 Journal of the Australasian Law Teachers Association 177-188 comments that
The concepts of interconnectedness and multiplexity resonate globally in contemporary higher education, legal practice, and in citizens’ social and economic experience, where engagement takes place daily over distances mediated by information and communications technology. meanwhile, literature regarding student transition identifies student engagement as a key to their retention – yet Australia’s universities are struggling to compete with our students’ employment and caring obligations. Is it possible for lecturers to retain an engaging presence with our students who are more likely than ever before to be distant from campus? How might we provide opportunity and experience to our students, beyond their own community and campus? Is it possible, or even desirable, for us to compete with texting, facebook and other social media used by our students within and without the physical classroom? In this paper, the authors explore the world of blogging and micro blogging (twitter) as a means of mediating engagement with students, lawyers, academics and other interested and interesting people around the world. Through the use of auto-ethnographic case studies of their own experiences with blogging and micro blogging tools, the authors propose that far from being a distraction from student learning, these tools have the potential to open up an international professional collaborative space beyond the physical classroom, for both academics and our students, from their first year experience through to practical legal training and continuing professional development.
They argue that
Our respective (and collective) experience on Twitter and blogging is borne out by the literature on social media in higher education. While there is some evidence that Facebook is regarded by students as a social space, differentiated from the learning environment, there is a growing body of literature supporting the use of Web 2.0 technologies generally in an educational context. Naturally, the considerations for using these tools as a teaching medium are similar to using other forms of ICT as a teaching medium. The medium is not the message, and it is only used to facilitate teaching and learning.
In the contemporary higher education context, the role of the academic as teacher has become more of a facilitator of student learning than the resident expert. While social engagement between student and academic via social media may not be attractive to students, the blurred boundaries between teacher and learner such as those we have observed, and the extended collegiate network available via Web 2.0 technologies including Twitter and blogging, do facilitate a less formal learning environment. This environment could be harnessed within the classroom, but in particular as we have observed it, most effectively as an adjunct to support student learning and connectedness.
Such an environment whether formal or informal, has been shown to foster collaboration skills in student cohorts – again, with multiple possible networks. Collaboration is recognised as a vital (indeed, threshold) skill for law graduates though it has sometimes been a challenge to incorporate and assess in the classroom, particularly in the law curriculum. The evidence concerning social media as a means of fostering collaboration suggests this tool might usefully be incorporated into the law curriculum to facilitate not just student engagement, but collaboration also.
Importantly however, use of these tools needs to start ‘at home’ and it is challenging indeed to consider how an academic could incorporate these tools into instructional design, or facilitate student use without themselves having experience in the media. The first step would be to set up a Twitter account. Relevantly, consider whether this will be a personal or professional account (or a combination). It is of course possible to have more than one account. Consider also the risks, and legal and professional ethics consequences of this form of engagement with students and others. One might flippantly say there is only one rule on social media, ‘Act Professionally’, however it is worth investigating in more detail what is reasonable and appropriate for your workplace.
Becoming globally connected through Twitter to: exchange, discuss, or collaborate on ideas takes only a little effort and time. Through Twitter it is possible to connect to other students, teachers, researchers and academics with a range of experience and expertise living and working in a variety of circumstances. For example:
  •  Investigate the use of Twitter hash tags and lists and think about how these can be used as teaching and learning or research tools, investigating what established users are doing with these tools. 
  • Consider using a unique hash tag for your class group, for example #adminlaw101, and instruct students to include the hash tag in their Tweets around the class topic. 
  • Some academics use Twitter as a way of making announcements, or posting leads to current developments relevant to the class topic (in addition to, or in support of the online learning management system).
If embedding Twitter into subject design, existing literature concerning the use of computer-mediated discussions in teaching may assist. This includes the instruction (and the ground rules) involving Twitter. In particular, see substantial literature around the community of inquiry framework approach to online discussions.
Most learning management systems incorporate a blog that can be used in subject design to promote student learning, however based on our own experience, blogging independently of the formal curriculum has proved an excellent way to understand how this medium can be incorporated into instructional design. Our own blogging demonstrates to students how this form of expression can be undertaken.
There are however many scholarly legal blogs available to showcase almost every legal topic to students as a means of connecting students with a wider world of discipline knowledge and evidence of applied legal thinking. As with Twitter, such blogs can be linked via the learning management system and students can follow these as they see fit, contributing to students developing their own personal learning environment.

26 May 2013

Online Sharing

ACMA - Australia's national telecommunications regulator - has released another one of its rather self-congratulatory reports on privacy as part of its Cybersmart program, this time regarding young people. It is a shame that there was not more partnering with the Office of the Information Commissioner (i.e. the national government's privacy watchdog, but in practice ACMA and the OAIC are competitors.)

ACMA states that
In 2011–12, the Australian Communications and Media Authority (the ACMA) went into the field to survey children’s and young people’s attitudes towards the internet and social media. We looked particularly at their attitudes and behaviours around online risk and risk management, and explored the role of other people—mums and dads, brothers and sisters, and friends—in helping children and young people navigate their online lives.
This is the first in a series of related short reports to be published during 2013. The full report, Like, post, share—Young Australians experience of social media  — to be published later this year — sets out the findings from the qualitative and quantitative phases of the research. This evidence-based approach underpins Cybersmart program development, ensuring that the ACMA’s Cybersmart resources are relevant and tailored to address real concerns.
ACMA's report from the field - having dodged the pythons, tarantulas, crocodiles and other nasties in the telecommunications jungle - includes the following findings -
Australian children and young people are avid users of the internet and of social networking services (SNS). While access via a computer still predominates, increasingly children and young people are accessing the net on their mobile phones.
Popular SNS activities included playing games, posting comments on someone else’s posts or photos and—of course—posting their own updates. This activity is ‘out in the open’ and visible—at least to their friends and followers. However, another very popular activity we identified was private messaging. In the last four weeks, 28% of eight to nine-year-olds and 31% of 10 to 11-year-olds had sent private messages. In the older age groups, the rate climbed to 68% of 12 to 13-year-olds, 82% of 14 to 15-year-olds and 89% of 16 to 17-year-olds. The capacity for communications to be online, and yet under the radar, is something parents, teachers and policy-makers need to remain aware of.
A positive finding is that the majority of teen SNS users have set their profile to private.
However, the likelihood of children and young people posting personal information on social networks increased with age—from 28% of eight to nine-year-old SNS users to a significant 77% of 14 to 15-year-old users and 79% of 16 to 17-year-old users.
Eight to 11-year-olds were more likely to post their full name (16%) than they were to post other personal information. However, they were also more likely to post an age that wasn’t their real age (10%) than other information.
This has the same effect as posting under a pseudonym—it helps to mask true identity. However, it also signals the capacity for younger children to register for social networking services intended for those aged 13 years and older.
Older children (12 and older) and teenagers mainly posted photos of themselves (57–68%) and the name of their school (28–43%), followed by their full name (27–34%) and birth date (12–24%). A proportion (19–22%) also posted ‘ages that weren’t their real age’.
Relatively few of those surveyed posted their home address or mobile number—the age group most likely to post this information were the 14 to 15-year-old age group (11%). ....
Older teenagers were more likely than younger teenagers to report managing their privacy on social network services—51% of 12 to 13-year-olds had completed at least one of the identified actions, increasing to 68% of 14 to 15-year-olds and 67% of 16 to 17-year-olds. ...
ACMA concludes
On the whole, it seems that many Australian children and young people are aware of the need to stay safe and secure online. They acknowledge the importance of protecting their online privacy, and are actively taking steps to stay in control of the personal information they make public. However, the research indicates that while many are putting practical measures into place—setting their profiles to private, sharing passwords predominantly with parents rather than with others—children and young people from eight to 17 are sharing personal information and looking for new friends on the internet, and adding people they have never met face-to-face. While some of this may be inadvertent (for example, through unfamiliarity with the location-based capabilities of their smartphones or the actions of their friends) a significant proportion is self-initiated.
The answer? Unsurprisingly
The onus is on programs such as Cybersmart, working in partnership with families, schools, industry and other stakeholders, to ensure that children are given the information, skills and tools they need to be safe and secure digital citizens.

Deanonymisation

'Identifying Participants in the Personal Genome Project by Name' [PDF], a Harvard University Data Privacy Lab project white paper by Latanya Sweeney, Akua Abu and Julia Winn offers a sobering but - for this author - unsurprising - report on deanonymisation of data on the Personal Genome Project.

Sweeney, Abu and Winn state that
We linked names and contact information to publicly available profiles in the Personal Genome Project. These profiles contain medical and genomic information, including details about medications, procedures and diseases, and demographic information, such as date of birth, gender, and postal code. By linking demographics to public records such as voter lists, and mining for names hidden in attached documents, we correctly identified 84 to 97 percent of the profiles for which we provided names. Our ability to learn their names is based on their demographics, not their DNA, thereby revisiting an old vulnerability that could be easily thwarted with minimal loss of research value. So, we propose technical remedies for people to learn about their demographics to make better decisions.
They explain that
The freedom to decide with whom to share one’s own medical and genomic information seems critical to protecting personal privacy in today's datarich networked society. Individuals are often in the best position to make decisions about sharing extensive amounts of personal information for many worthy purposes like research. A person can weigh harms and benefits as relevant to her own life. In comparison, decisions by policy makers and committees do not usually allow fine-grained personal distinctions, but instead dictate sweeping actions that apply the same to everyone. But how good are the decisions individuals will make? A person may have far less expertise than vetted committee members or veteran policy makers. And potential harms and vulnerabilities may be hidden; if so, an individual may not be able to make good decisions.
For example, sharing information about sexual abuse, abortions, or depression medication may be liberating for one person yet harmful for another. Further, if the information is shared without the explicit appearance of name or address, a person may be more likely to share the information publicly because of a false belief she is anonymous. It is important to help people make good data sharing decisions. If people share data widely and thousands of people get subsequently harmed doing so, policy makers may respond and take away the freedom to make personal data sharing decisions, thereby depriving society of individual choice. To make smarter decisions, people need an understanding of actual risks and ways technology can help. xxxx
The authors comment that
Launched in 2006, the Personal Genome Project (PGP) aims to sequence the genotypic and phenotypic information of 100,000 informed volunteers and display it publicly online in an extensive public database [1]. Information provided in the PGP includes DNA information, behavioral traits, medial conditions, physical characteristics, and environmental factors. A general argument for the disclosure of such information is its utility. The PGP founders believe this information will aid researchers in establishing correlations between certain traits and conducting research in personalized medicine. They also foresee its use as a tool for individuals to learn about their own genetic risk profiles for disease, uncover ancestral data, and examine biological characteristics [2]. According to the project’s principal founder, Harvard geneticist George Church, the only real utility of this type of information is as data reflecting physical and genomic characteristics [3]. Along with Steven Pinker and Esther Dyson, he volunteered his information publicly as one of the first ten participants in the project. Currently, 2,593 individuals disclose their information publicly at the PGP website.
The PGP operates under a privacy protocol it terms “open consent”[4]. Individual volunteers freely choose to disclose as much personal data as they want, often including identifying demographic data, such as date of birth, gender, and postal code (ZIP). Online, the profiles appear in a “de-identified state,” being void of the direct appearance of the participant’s name or address. The result provides volunteers with seeming anonymity and a participant is assigned an identification number as the reference to his profile. Participants may upload information directly from external DNA sequencing service (e.g., from 23andMe), but these services often provide documents having additional personal information including the participant name. PGP participants are required to sign a range of consent forms and pass an entrance exam.
The consent form does not in any way guarantee participants a degree of privacy. To the contrary, the form explicitly states that participation may even reveal other non-disclosed information about the participant:
“If you have previously made available or intend to make available genetic or other medical or trait information in a confidential setting, for example in another research study, the data that you provide to the PGP may be used, on its own or in combination with your previously shared data, to identify you as a participant in otherwise private and/or confidential research. This means that any data or other information you may have shared pursuant to a promise of confidentiality or privacy may become public despite your intent that they be kept private and confidential. This could result in certain adverse effects for you, including ones not considered or anticipated by this consent form”.
Risks mentioned by the form include public disclosure and identification and the use of personal genomic information for non-medical purposes including cloning provided cell lines. It is emphasized that all risk lies with the individual. Once a participant uploads information to his online profile, the PGP offers almost no means to amend or modify information. Participants basically display all the contents of the profile or none at all unless they know how to edit files directly. Some of these files use complicated and unusual formats (e.g., a continuity of care report that holds the participant’s personal health record).