A Charles Sturt University (CSU) lecturer says the recent hacking of the Sony Play Station Network should serve as a warning to all online service providers to do more to protect consumer privacy.

 

In a major privacy breach, hackers accessed personal information of more than 75 million users of the online game and movie network.

 

Senior lecturer in computing with the CSU School of Computing and Mathematics in Wagga Wagga, Dr Tanveer Zia, said the incident has shaken the confidence of many people who use online services.

 

“Every day there are million of users making online transactions, using internet banking and supplying their personal information to dozens of vendors,” he said, “ If a service provider such as Sony, which defines itself as cutting-edge technology provider, has been exposed to such a mass online security breach, how about the rest of the vendors?”

 

Dr Zia said to re-build consumer confidence the online service providers should consider offering insurance to users to protect them from any financial consequences. 

 

“Insurance will help people understand that online systems are not 100 per cent secure and there is a risk of breach,” he said. “It will also make sure the providers use data responsibly on their online systems and are prepared to compensate consumers for any financial loss.”

 

Sony has announced increased security measures but the company has been widely criticised for taking nearly a week to notify consumers their personal information may have been compromised.

 

Dr Zia said the Privacy Act in Australia protects consumers’ information by regulating how personal information is collected, used and disclosed.

 

“Sony claims it has no evidence personal financial information was compromised and therefore it didn’t violate any laws by not notifying users sooner,” he said. “This is arguable and the legal consequences should be assessed.”

 

Significant reforms to the Privacy Act are currently being considered by the federal government including increased powers for the Privacy Commissioner to impose penalties.

 

The Australian Law Reform Commission has also recommended that organisations should be required to notify individuals where there’s a risk of serious harm occurring as a result of a data breach. 

 

Dr Zia said there are measures people can take to protect themselves while using online services.

 

“Ideally you should avoid supplying credit card details to any online business which stores this sensitive information, even in an encrypted form on their server,” he said.

 

Dr Zia said pre-paid cards are a good option but if you have to provide financial details, use only one credit card with low limit and monitor the statement closely.