I am not a privacy professional. But, I am a digital privacy nerd. So, I headed to the International Association of Privacy Professionals Australia and Aotearoa New Zealand Summit, with the knowledge that even though I wasn’t quite their target audience, I was excited to see what I could learn.
The summit was filled with talks on everything from privacy reform to biometrics and AI (which as many speakers joked, seems to be a topic you can’t avoid in 2023). Emcee Dan Ilic kept the sessions moving with jokes about data breaches and privacy issues, such as a ‘press release’ from Medibank Public and my personal favourite joke about asking privacy professionals to accept the cookies when they were offered for afternoon tea.
The Summit opened with a keynote conversation between the Australian Information and Privacy Commissioner Angelene Falk and member of the IAPP Board Anna Gamvros. The Commissioner described how privacy reform was “answering a call of the community”, particularly when 47% of the respondents to the latest Australian Community Attitudes to Privacy Survey had reported that they had been informed that their personal information was included in a data breach in the twelve months prior. Commissioner Falk encouraged the audience to not wait for reform to be legislated, instead to embrace privacy by design.
My favourite session was a panel titled “Critical Thinkers, Missing Voices”, featuring Dr Kate Bower, Samantha Floreani and Kathryn Gledhill-Tucker, and moderated by Anna Johnston from Salinger Privacy. Dr Kate Bower, a fellow at the UTS Human Technology Institute and Consumer Data Advocate at CHOICE, began by explaining how consumer advocacy was connected with digital rights activism, as digital practices have the potential to be unfair, unsafe and to erode consumer rights. When asked about whether organisations should be worried about digital rights and consumer advocates working together, Samantha Floreani, a digital rights activist and Head of Policy at Digital Rights Watch, responded that “if they are doing the right thing, they shouldn’t be afraid of us.” Kathryn Gledhill-Tucker, a Nyungar technologist, digital rights activist and Vice-Chair of the Board of Electronic Frontiers Australia, described how organisations have been on a “data hoarding mission”, which now required systemic change to shift practices.
The panellists spoke about multiple different areas where these privacy issues have arisen. Floreani spoke about the digital rights of renters within the “immensely data intensive” world of real estate. Floreani explained RentTech intervenes in every stage of the process, often providing a way to escape regulation through digital intermediaries. In this way, both data and housing are areas of significant power imbalances, as they have become commodified for the accumulation of wealth. Gledhill-Tucker echoed the importance of considering privacy through the lens of privacy, speaking about how it is not always a question of technical literacy. Dr Bower spoke about a medical practice that had been requiring patients to sign up for a loyalty program in order to access bulk-billing and the invasive practices of fertility tracking apps.
Gledhill-Tucker and Floreani both spoke about the benefits of data minimisation. When asked about how companies should deal with these concerns when developing new programs, Gledhill-Tucker said that “if your app is going to need data that impacts human rights, then it’s not a good app and you shouldn’t be making it.” The vast commercial collection practices of companies have further flow on impacts due to their intertwining with government, who can buy access to this data instead of collecting it themselves, explained Floreani. All panellists emphasised the importance of thinking about the real people impacted when considering data collection and management.
After attending a number of other sessions, I felt that the label “missing voices” became increasingly accurate, as I frequently found myself wondering if we’d all skipped over the question of whether we should even be using a technology in the first place, in favour of discussing how to improve its use.
With multiple sessions running in almost every time slot, I wandered into a presentation sponsored by a certain organisation known for their almost ubiquitous search engine, curious about whether I was about to hear a sales pitch. One presenter joked that since she didn’t like Justin Bieber merchandise, she was glad that there was “personalised advertising”. To be honest, this baffled me, because — whilst I would prefer ads for Taylor Swift merch — I would actually prefer ads about Justin Bieber to an information economy that is based on collecting and using my data for profit. It wasn’t until a panel discussion in the final part of the session that someone dared to utter the words “targeted advertising.”
Between interesting speakers, wide-ranging topics and jokes about accepting the cookies, the 2023 IAPP ANZ Summit was a thought-provoking and interesting experience. I can now confirm that privacy nerds do have fun.