A reporter attended AusCERT and then wrote a story about a privacy presentation based on a stunt. The details of the stunt are not very interesting. In brief, photos set to private on Facebook were found exposed on publicly accessible systems, which is like saying cheese was made from milk today. What is actually interesting is that the reporter who wrote the report was then arrested by authorities.
I can’t help but wonder what made the police so interested in this case. The journalist was said to have received a copy of the presentation materials.
…arrested by Queensland Police yesterday and threatened with charges relating to the receipt of “tainted material”.
Tainted material? That piqued my curiosity.
A little digging around uncovered a 2002 reference called “Protection of privacy under the general law following ABC v Lenah Game Meats Pty Ltd” at the Australasian Legal Information Institute.
The facts in Lenah raised a novel issue under Australian law: namely, the extent to which a media organisation can be restrained from publishing material obtained as a result of a trespass, in circumstances in which the organisation is not itself implicated in the trespass.
Yes, indeed, a novel idea ten years ago. So what’s the answer?
Lenah argued in the case that reporters who receive information, which had been removed by a 3rd party without authorisation, should have to treat it as confidential.
…upon analogy with the action for breach of confidence, it was claimed that information obtained as a result of a trespass should be treated as equivalent to confidential information, meaning that it is possible to restrain disclosure by a third party that knows the information has been acquired unlawfully
That seems basically the same as the reported situation at AusCERT and apparently in 2002 the court did not agree with Lenah’s argument:
…the equitable doctrine of ‘unconscionability’ was not an independent equitable basis for awarding an injunction
I’m not a lawyer but I’m pretty sure that says there has to be another trigger mechanism to compell police to jump into action and prevent the disclosure of information. This sentence makes it more clear:
Drawing on the US tort of unreasonable intrusion into seclusion, Gleeson CJ proposed that information or conduct should be regarded as private if disclosure ‘would be highly offensive to a reasonable person of ordinary sensibilities’
Australian common law thus seems to only protect privacy as incidental to other protection from defamation and other recognised forms of harm.
The journalist at AusCERT would not be compelled to treat the information as confidential even if he knew that it had been obtained without authorisation. He would be at risk of violating privacy only if disclosure of the information could cause harm. So was that the assumption of the police? Was that a tip they received — there was taint?
Unfortunately, no, according to a statement they made later. Their rationale was far less eloquent or compelling and perhaps not even in accord with the law:
Receiving a photograph obtained from a Facebook account without the user’s permission is the same as receiving a stolen TV, Queensland Police have said after the arrest of a Fairfax journalist.
The head of the Queensland police fraud squad, Brian Hay, admitted this morning that police were “still cutting our teeth” in the rapidly evolving online environment and named cyber crime as the biggest law-enforcement challenge.
If they are going to arrest everyone that has photographs taken from Facebook without user permission, and treat them as stolen goods…well, I can see how they might find cyber crime challenging if that’s their position.
Good luck to them on investigating all those “stolen TVs” on the Australian Brocial Network. That must be taking a lot of their time lately, I mean arresting all the Bros.