Having policies and procedures in place for the correct handling of personal data is only one part of solving the privacy puzzle.
With technology such as tablets and laptops a key part of the lives of Australians aged eight to 80 years, it would be easy to assume that our mission at Australia and New Zealand Recycling Platform (ANZRP) – collecting and recycling e-waste – is now easier than ever before. After all, with so many people regularly upgrading their technology, all we need to do is get the technology and recycle it, right? Well, that’s how things are supposed to work. But reality plays out a little differently. Recent ANZRP research into Australian attitudes to e-waste recycling found that 38% are afraid to drop off their e-waste for recycling due to concerns about a lack of better understanding of the privacy puzzle, especially over their personal data.
That translates to a lot of unwanted technology gathering dust in a cupboard instead of being properly handled and recycled by a service like ANZRP’s TechCollect program.
To get some clarity on how we can change things, ANZRP brought together some of Australia’s leading minds on cyber security to discuss how to get more Australians, including businesses, to actively recycle their technology, and to debate where the responsibility lies for ensuring data security – companies who collect data, consumers who provide that data or a combination of the two?
Where does the responsibility lie – company or consumer?
Head of Digital Law at EY, Mr Alec Christie, was in no doubt that companies have a legal obligation to do the right thing when collecting personal data.
“The privacy law is quite clear. There are already wonderful reasons to have information security, but the Privacy Act and the Australian Privacy Principles are very clear in that there is a requirement to secure the personal information that you collect and use,” said Christie.
Having policies and procedures in place for the correct handling of personal data is only one part of the story. According to Sydney-based Advisory practice owner, Mr Rob Livingstone, finding the sweet spot is the tricky part.
“From my point of view businesses generally need and want to do something, to do the right thing, protect customer information and the intellectual property. But how best to go about it is really the challenge.”
Mr Keran McKenzie, API Evangelist & Developer Relations at MYOB, maintains that there are many tools out there that can help consumers appropriately remove personal data but consumers may be overwhelmed with choice.
“Software exists to help remove data. These solutions often work by writing junk data over and over the disk sectors where original data had been stored. Many of these tools are free; however, a quick Google search for Data removal tools will show how confusing it can be for consumers to select the right solution,” said McKenzie.
Calling on the consumer to contribute
While the panelists were united that businesses have a key role to play in safeguarding personal data, ANZRP CEO Ms Carmel Dollisson feels there is a pressing need to persuade consumers that they can take a more active role in actively managing their personal data.
“The more we get the message out there that it is the consumer’s responsibility to delete their data, the more people will be comfortable doing so and the more product we will get at one of our collection points for responsible recycling,” Dollisson said.
For Dollisson, the next step is clear.
“We need to better educate the public so they can remove their information from the product and we can then recycle it. At the heart of our message there are two steps: they can check with the manufacturer, or search online for reputable data-wiping services or software.”
Inside Small Business