Skip navigation

OPINION: Why our private & personal data needs legislative protection

February 25, 2022

A big challenge facing Australians today is the intersection of ‘big data’ and ‘big tech’, where much of your personal information is held and traded by private companies like a commodity.

Why am I, Wilson Tucker, the so-called 'Mr Daylight Saving', talking about issues of data privacy and security?

The answer is simple. Before I was 'Mr Daylight Saving', I was 'Mr Tech'.

For four years, I worked for tech giants in the Silicon Valley of the US Pacific Northwest. And before that, for local industry here in Perth.

I saw things that both impressed me in their ability to connect people and transform lives, but also scared me in their ability to jeopardise your personal information.

A good and recent example of the latter is the ServiceWA app.

The Government has billed ServiceWA as a one-stop-shop to check-in with venues, show proof of vaccination and access G2G passes for interstate travel. However, the app has two key problems:

First, the app is clunky as Hell. It requires you to navigate between three different apps and services – MyGov, MyGovID and Medicare – just to create an account.

And even once you’ve done that, you can’t import your proof of vaccination certificate – arguably the main feature of the app – using an older iPhone or some web browsers.

Second and even more concerning, the terms and conditions of the app are very ambiguous as to how your personal information will be used and by whom.

The terms state, “your information is made available to the WA Government… and the WA Government can use it for COVID-19… and limited other purposes.”

This begs the question: what does the Government mean by, “limited other purposes”? And what can that potentially include?

Don’t get me wrong, I’m all for ‘e-government’ and the digitalisation of services. But if that’s the Government’s goal, we should have a discussion about how much of our data we are willing to share and with which agencies.

Many of my former colleagues in the tech industry are promoting ‘Web 3.0’ as a solution to issues of data privacy and security: where your data is held on decentralised servers using blockchain technology.

However, Web 3.0 is still many years away from full application, and even then, it won't stop companies from figuring out new ways to obtain and use your data.

That is why the most appropriate response to issues of data privacy and security is an institutional response. i.e., one where the Parliament lays down the law.

Enter GDPR laws.

The European Union hit the nail on the head when in 2016 they introduced the General Data Protection Regulation (“GDPR”).

Under the GDPR, you have a right to request a copy of your personal data, ask for rectification if it’s inaccurate, and to ask that it be deleted.

The legislation completely flips the script from corporations being able to do what they want with your data, to you being the owner and custodian of said data.

While some people may say that if you have nothing to hide, you have nothing to fear, in the 21st century, your data acts as a form of digital currency, and you should decide if it’s traded and at what price.

Tech can be a powerful force for good in humanity, but only if we mould it to suit our interests, and not those of corporations and state actors.

This task may be too late for my generation, but it doesn't have to be for the next one. The key is enacting good legislation and preventing harm before it’s too late.

Wilson Tucker MLC is the Leader of Daylight Saving WA and the Member for Mining and Pastoral Region in the Parliament of Western Australia.