There is an old story, back from the days of fax
machines, that someone wanted to send a letter securely by fax, so they put the letter in an envelope, and put the envelope through the fax machine.
Ok, the story probably isn’t true. But is has so many lessons for us. Firstly, that the basic tenets of privacy and security were the same for parchments a thousand years ago, for letters, for faxes in the 1980s, for emails, and for whatever is coming next.
A millennium ago, messages were sent on rolls of
parchment with wax seals – and the messengers
were selected for their talent of being illiterate.
Today we store information and send messages in
ways that we hope will tell us if anyone has seen the
message, and we hope they are conveyed by
systems that people cannot determine what is in the message.
Nearly every business or organisation in Australia is
likely to have information regarding customers,
research participants, students – or even staff. That
information must be handled in a way that is
compliant with a suite of privacy laws and principles
and kept secure. Mess that up, and the proprietor
or management can be in serious trouble. The
challenge is that privacy and information security
rules are embedded in several different legal acts
and there can be regulations in other countries that
affect your business or organisation in unexpected
ways.