I’m a private citizen—aren’t I?

We share pictures of our kids and pets online, offer up our credit card details to shopping websites and have intimate ‘conversations’ with friends and relatives via text or messaging apps.

Most of us add to our deepening digital footprint in some way, every day. So we shouldn’t be surprised when our details are compromised and our privacy is breached – or should we?

We might not be surprised, but we should be concerned. When our personal information falls into the wrong hands, we can suffer financial or reputational damage or even physical harm, that can take months or years to remedy.

We all have a right to our privacy, and the increasing use of technology to manage our daily tasks and interactions, and the democratisation of data, should not affect the control we have over access to our personal details.

What are my rights to privacy?

In Australia, the Privacy Act 1988 regulates how personal information is handled by government agencies, businesses, the not-for-profit sector, credit reporting industry and health service providers. It enables you to know why your information is being collected, how it will be used, and who it will be disclosed to.

From February 2018, new Mandatory Data Breach Notification laws will see Australian businesses fined up to $1.8 million if they fail to report data beaches where there is unauthorised access, disclosure or loss of personal information, that is likely to result in ‘serious harm to individuals’.

Should I be worried?

Identity crime, including identity theft and fraud, is the fastest growing crime in Australia, costing up to $3 billion per annum. Every year the personal information of 1.7 million Australians is misused or stolen. Cybercrime is a massively profitable black-market industry, with criminals utilising increasingly sophisticated technology and techniques to scam unwitting consumers.

The Office of the Australian Information Commissioner’s 2017 Survey into Community Attitudes to Privacy found that people believe online services are their biggest privacy risk (32% of respondents), while 19% believe identity fraud and theft are the No. 1 risk, and 17% cite data breaches. The list of companies that have been a victim of hackers or poor security is long, and includes Uber, Equifax, Heathrow Airport, Citigroup, eBay, Facebook, Hilton Hotels and Sony Pictures, compromising the records of millions of people. Yahoo, with three billion user accounts, was the victim of the biggest data breach in history in 2013-2014.

McAfee’s recent study of 6400 people, New Security Priorities in an Increasingly Connected World, found that globally, 43% of people feel they lack control over their personal information and 33% are unsure how they can control how companies collect their personal information.

What can I do?

Choice magazine recommends doing a ‘privacy audit’ – checking your privacy settings (what are you sharing, and with whom, on Facebook and Twitter?), reviewing the online services you use, using a password manager to securely store passwords so that can avoid using the same password for everything, reviewing your footprint on Google MyActivity, using Virtual Private Networks (VPNs) to help shield web browsing, identity and location, and investigating messaging apps that have excellent security.

Top privacy tips include: never share phone numbers, addresses or personal email details on forums or open sites; avoid free public Wi-Fi particularly for internet banking or shopping; run up-to-date security software; subscribe to free newsletters using a free webmail account rather than your personal one; regularly delete information from your browser (such as browsing history and cookies); and never open emails from suspicious or unknown senders.

While you don’t have control over the ability of hackers to infiltrate company databases of which you are a member, you should make an effort to only deal with companies online that have clearly articulated their privacy policy and measures they take to keep your details secure.

Cited – helping avoid identity crime

Cited is an online platform that helps organisations verify the identity and credentials of the people they need to trust – their employees and contractors – and provides individuals with a way to prove themselves. Cited offers a wide range of Checks, including National Police Checks, Visa Checks and Checks on qualifications and licences, as well as providing streamlined online storage of workforce compliance information.

Cited is very clear about operating within the Australian Privacy Principles (Privacy Act 1988 (Cth) and its commitment to complying with all applicable laws regarding the collection, use, disclosure and storage of personal information.

Cited is hosted in Australia in secure, accredited facilities, and has in place many physical, technical and administrative safeguards to help protect people’s and organisations’ privacy.

For a full overview of Cited’s privacy policy, go to Privacy – Cited.