The privacy commissioner has found Kmart broke the Privacy Act with its use of facial recognition technology, ordering the retail giant not to repeat the practice.
Crazy how when a huge company breaks a law and wrongs thousands of people, the “punishment” is being asked not to do it again. Can I get that punishment next time I commit a crime? Rob a bank and…oh well, just don’t do it a second time buddy!
Now wait. Let me really be fair here. There is an actual difference. Robbing a bank is known to be illegal, whereas the way in which Kmart broke the law was arguably not known to be illegal. I’m not being facetious here, this is an actual important difference.
But…let’s say then that I did something like that. I break some law unknowingly, or by mistake. Will I then merely be asked not to do it again? I doubt it…and so the point stands.
I spent a few years as a trainer and one of the induction training sessions I took every new starter through was the Australian Privacy Principals. Every single new starter regardless of their role in the business went through these.
I struggle to believe that anyone a management level in any medium-to-large organisation dealing with customers is not fully aware of these principals.
The data collected about you needs to be necessary for the business to provide services to you. You have the right to not provide any information if it isn’t required to provide their primary service. You have a right at any time to all the information a business has on you. These have all been breached. Potentially other principals.
Crazy how when a huge company breaks a law and wrongs thousands of people, the “punishment” is being asked not to do it again. Can I get that punishment next time I commit a crime? Rob a bank and…oh well, just don’t do it a second time buddy!
Now wait. Let me really be fair here. There is an actual difference. Robbing a bank is known to be illegal, whereas the way in which Kmart broke the law was arguably not known to be illegal. I’m not being facetious here, this is an actual important difference.
But…let’s say then that I did something like that. I break some law unknowingly, or by mistake. Will I then merely be asked not to do it again? I doubt it…and so the point stands.
I spent a few years as a trainer and one of the induction training sessions I took every new starter through was the Australian Privacy Principals. Every single new starter regardless of their role in the business went through these.
I struggle to believe that anyone a management level in any medium-to-large organisation dealing with customers is not fully aware of these principals.
The data collected about you needs to be necessary for the business to provide services to you. You have the right to not provide any information if it isn’t required to provide their primary service. You have a right at any time to all the information a business has on you. These have all been breached. Potentially other principals.
The double standard with the whole “it’s just business” shit is so appalling