The internet

Australians most vulnerable to virtual stalkers

Australians are among the world's heaviest internet users but also the most exposed to being tracked online by companies after personal information, a report warns.

The Age,

22 January, 2013

The report by the Centre For Internet Safety, associated with the University of Canberra, calls for greater privacy protection for Australians through laws to give them a choice in what personal data is collected online and what it can be used for.

Internet companies such as Facebook, Apple and Google provide free services but make billions of dollars each year by selling users' information to other companies, including custom advertisers.

Centre director Alastair MacGibbon, a former cybercrime expert with the Australian Federal Police and eBay, said everybody who used the internet was being tracked by a vast number of companies, unless they went out of their way to avoid it.

Mr MacGibbon said that anything we typed into the internet was collected, indexed and collated without our knowledge, and then stored forever on servers overseas.

Simply deleting an online account like Facebook does not mean that the information is removed.

The trend means that a company like Google can predict flu outbreaks faster than hospitals because of people in a particular area searching symptoms online, he said.

''Government's would kill for the type of data that Google, Apple and Facebook have on us, but those sort of companies are unregulated. In fact, they are worse than that: they are offshore and usually thumb their nose at authorities,'' Mr MacGibbon said.

''If the average consumer knew how much of that information was stolen on a daily basis from companies and governments they'd probably be more reticent to give it away for free.''

In Europe, new laws mean that European websites must ask before they store information about people and also explain how the data will be used.

Mr MacGibbon said laws in other countries also required companies to tell people when information about them was lost, but not here.

''A big Australian firm doesn't have to tell me as a customer when it loses my data to a hacker, or a rogue employee or someone who leaves a laptop on a train with information on it.''

The report, Taming the Cookie Monster, How Companies Track us Online, calls for greater powers for the Office of the Information Commissioner to seize digital evidence, self-start investigations and penalise companies for privacy breaches.

It says Australians should be able to ask for a copy of data recorded about them that is being used for personalised advertising.

In October, federal Attorney-General Nicola Roxon released a discussion paper on the possibility of a mandatory notification scheme for unauthorised disclosure or breach of personal information.

The paper seeks comment on whether organisations should be required to report breaches, what kind of breaches should have to be reported, who should be notified, and what penalties should apply for failure to comply.

Ms Roxon is also considering a controversial plan to require all Australian telcos and internet service providers to retain information about Australians for up to two years, the most significant expansion of national security powers since the Howard-era reforms of the early 2000s.

Time magazine said recently that ''technology is replacing banking and finance as the industry most likely to worry government and the public''.