Galexia
             home
       about us
        services
        projects
       research
          contact
» home » about » news  

Access client and partner extranets (you will need to supply your login id and password)

[Extranet]

Subscribe to Galexia news and announcements.
More information »

[Your Email]

Research and publications: Galexia publishes detailed private and public research on privacy, authentication and electronic commerce issues. We place a premium on current research and analysis as part of our general operations. Find out more »

  About Us - Galexia News

 

Galexia prepares submission on consumer fairness tests for ACCAN - 5 March 2010

Related Galexia services and solutions

On behalf of ACCAN, Galexia prepared a submission to the Expert Panel On Franchising And Unconscionable Conduct, established by the Government following a parliamentary inquiry into provisions of the Trade Practices Act 1974 that prohibit unconscionable conduct.

The submission proposes to reform Australia’s consumer laws by inserting a new fairness test into Section 52 of the Trade Practices Act (and all legislation that mirrors that test). This would result in Section 52 prohibiting ‘conduct that is unfair or misleading, or conduct that is likely to mislead or be unfair’.

Related links:

External links:

Galexia director Chris Connolly speaking at Asia-Pacific privacy seminar - 2 March 2010

Related Galexia services and solutions

Chris Connolly spoke at Privacy in the Asia-Pacific: 2010 Update A comprehensive survey of privacy and data protection in the region on 2 March 2010. The seminar was part of the Continuing Legal Education seminar series run by the Faculty of Law at the University of New South Wales.

Chris discussed the overlap between regional privacy developments and global privacy standards.

Related links:

External links:

Asia-Pacific privacy advocates and academics: Professor Lee Bygrave, Professor Paul Roth, Dr Sinta Dewi Rosadi, Associate Professor Fumio Shimpo, Professor Whon-il Park, Professor Dennis T.C. Tang, Professor Colin Bennett, Professor Abu Bakar Munir, Ms Katrine Evans, Mr Iwan Setiawan, Mr Nigel Waters, Assistant Professor Pirongrong Ramasoota, Mr Chris Connolly, Mr Claro Parlade, Mr Edward Santow, Professor Roger Clarke, Mr David Vaile, Ms Robin Bayley, Professor Graham Greenleaf.


Galexia prepares draft interoperability principles for ACCAN - 2 March 2010

Related Galexia services and solutions

Galexia is preparing a report on interoperability for the Australian Communications Consumer Action Network (ACCAN), including a set of draft interoperability principles. Interoperability, in many systems, can provide a number of benefits for consumers, including reduced cost, increased functionality, and increased competition.

ACCAN will present the report to COPOLCO, the Consumer Policy Committee of the International Standards Organisation (ISO).

Related links:

External links:

Galexia director Chris Connolly on the US Safe Harbor - 26 February 2010

Related Galexia services and solutions

Chris Connolly has been interviewed for the Privacy Laws and Business International newsletter, discussing the recent action taken by the US Federal Trade Commission against six organisations who falsely claimed membership of the US Safe Harbor.

Prior to the FTC action, Galexia published a report highlighting the problem of false membership claims and data accuracy of the Safe Harbor list. The report was published in Privacy Laws and Business International, and is available from Galexia’s website.

Related links:

External links:


Galexia report on public information on credit reporting - 16 February 2010

Related Galexia services and solutions

Galexia has prepared a report for Veda Advantage on consumer information about credit reporting. The report recommends key consumer education requirements in the lead-up to the reform of Australia’s credit reporting and privacy laws (expected in 2011).

Related links:

External links:


Galexia and Qubit Consulting conduct IDM upgrade for the University of Western Sydney - 25 January 2010

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »

Galexia and Qubit Consulting have implemented a major new identity management solution for the University of Western Sydney. Galexia assisted with the design, development and implementation of automated provisioning, password synchronisation and data cleansing for University staff and students.

Related links:


Galexia and CHOICE prepare submission to superannuation review - 18 December 2009

Related Galexia services and solutions

On behalf of CHOICE, Galexia prepared a submission to Phase 2 of the Super System Review (the Cooper Review). Phase 2 of the review deals with the operation and efficiency of Australia’s superannuation system.

The submission focuses on a small number of key areas where reform is most needed:

  • Increasing the amount and quality of comparative data available to consumers;
  • Removing the bias that results from sales commissions to advisers when recommending a superannuation fund to consumers;
  • Introducing measures to decrease excessive fees and charges, including a new ‘fee target’ of 1%; and
  • Introducing measures to reduce the number and impact of inactive and lost accounts.

Related links:

External links:


Galexia contributes to the Oxford Australian Law Dictionary - 17 December 2009

Related Galexia services and solutions

Galexia has contributed to the Australian Law Dictionary 2010, published by the Oxford University Press. The Australian Law Dictionary is a current and conceptually new dictionary of Australian legal terms designed as a practical and helpful resource for law students and practitioners. Galexia provided the definition of ‘privacy’ along with several related terms.

External links:


Legal Information Access Centre publishes Galexia’s Hot Topic on Cyberlaws - 1 December 2009

Related Galexia services and solutions

Galexia has prepared a ‘Hot Topic’ for the Legal Information Access Centre (LIAC). The Hot Topic is concerned with cyberlaws, covering key Australian and international laws, conventions, and guidelines as well as emerging trends and recent developments on:

  • Accessibility;
  • Domain Names;
  • Copyright;
  • Contracts;
  • Defamation;
  • Content Regulation;
  • Privacy and Spam;
  • Social Network Sites;
  • Consumer Protection; and
  • Cybercrime.

LIAC’s Hot Topics is a series of plain-language publications about key areas of law. Four issues are published each year, and are available by subscription or through public libraries in New South Wales. Older issues are available directly from the LIAC website.

External links:


Galexia prepares privacy analysis of Salesforce CRM - 17 November 2009

Related Galexia services and solutions

Galexia has prepared a Privacy Impact Assessment (PIA) of Salesforce Customer Relationship Management system (CRM). Salesforce CRM offers to simplify interactions between companies and their clients through its ´cloud services’, but such a system inevitably raises privacy concerns as client data is controlled by a third party.


Galexia and Qubit Consulting conduct IDM upgrade for the University of Sydney - 5 November 2009

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »

Galexia and Qubit Consulting have conducted a major upgrade of identity systems for the University of Sydney. Galexia assisted with the development and implementation of a security and provisioning solution for University staff and students.

Related links:


Galexia prepares working draft of Benchmarks for Global Privacy Standards - 3 November 2009

Related Galexia services and solutions

Galexia has prepared a working draft of proposed benchmarks for Global Privacy Standards. The proposed benchmarks are designed to provide a basis for assessing the numerous proposed global privacy standards which have recently emerged.

The release of the working draft comes as Civil Society representatives meet at The Public Voice: Global Privacy Standards for a Global World in Madrid to discuss international privacy developments, including global privacy standards, and the release of the Civil Society declaration Global Privacy Standards for a Global World.

Comments on the working draft are welcome, and can be sent to consult@galexia.com.

Related links:

External links:


Galexia publishes submission to the DBCDE Do Not Call Register Statutory Review - 20 October 2009

Related Galexia services and solutions

Related Galexia news

Galexia has published its submission to the Department of Broadband, Communications and the Digital Economy (DBCDE) review of the Do Not Call register and its associated legislation, the Do Not Call Register Act 2006 (Cth).

The submission raises particular concerns about the ways in which consumers might be taken to have expressed their consent to receive marketing calls, the current three-year registration period, the scope of exemptions in the Act, compliance, and the possibility of industry codes focusing on low-priority issues at the expense of the simplicity and effectiveness of the Register.

Galexia has previously conducted an analysis of the Australian Do Not Call Register and similar international systems, highlighting emerging best practices and the issues affecting the operation of these systems.

Related links:

External links:


Galexia completes PIA for Victorian Department of Innovation, Industry and Regional Development - 1 October 2009

Related Galexia services and solutions

Galexia recently completed a Privacy Impact Assessment (PIA) for the Victorian Department of Innovation, Industry and Regional Development concerning a proposed client data management system. The PIA raised issues of data security and transborder data flows, public perceptions and governance.

The project made use of Galexia’s Victorian PIA template, tailored to Victoria’s privacy law and the Privacy Impact Assessment Guidelines of the Victorian Privacy Commissioner.

Related links:


Galexia develops Victorian Privacy Impact Assessment template - 21 September 2009

Related Galexia services and solutions

Galexia has developed a Privacy Impact Assessment (PIA) template tailored to the privacy requirements under Victoria’s Information Privacy Act 2000 and the Victorian Privacy Commissioner’s Privacy Impact Assessment Guidelines. Our Victorian PIA template complements our Commonwealth and New South Wales PIA templates.

Galexia’s PIA templates are the result of our extensive experience in delivering PIAs and have been used in some of the largest and most complex PIAs in Australia. They ensure that our clients receive a PIA based on a well-tested and well-regarded methodology.

First US Prosecution for false web claim of Safe Harbor status - 11 September 2009

Related Galexia services and solutions

Related Galexia news

The California-based company Balls of Kryptonite has become the subject of the first complaint against a company for falsely claiming membership of the US Safe Harbor Principles.

The Safe Harbor Privacy Principles were developed to allow the export of personal information from the EU to the US, in the absence of any US laws meeting the EU ‘adequacy’ requirement of the EU Data Protection Directive 95/46/EC. The Safe Harbor is a voluntary arrangement; organisations wishing to receive personal information from the EU must self-certify to the Department of Commerce that they comply with the Principles. At present, no law expressly prohibits falsely claiming membership of the Safe Harbor; any prosecution must rely on more general prohibitions against, for instance, deceptive or misleading conduct.

A 2008 study by Galexia found over 200 organisations which claimed to have self-certified were in fact not members of the Safe Harbor.

Related links:

Related links:


Galexia publishes international analysis of Do Not Call Registers - 8 September 2009

Related Galexia services and solutions

Related Galexia news

Downloads

Do Not Call Registers have grown in popularity and are starting to deliver real privacy benefits for consumers. After some initial teething problems, they appear to be working well, with large numbers of registered consumers and numerous examples of enforcement action.

Chris Connolly and Amy Vierboom have published a comparison of the Do Not Call Registers of Australia, Canada, India, Spain, the United Kingdom and the United States. The article compares the functions and sizes of these Registers, and highlights emerging best practices and issues affecting their operation.

Browse online


ACCAN releases Galexia research on Customer Service Charters in the Australian Telecommunications Sector - 25 August 2009

Related Galexia services and solutions

The Australian Communications Consumer Action Network (ACCAN) has released the final report for a research project, conducted by Galexia, on Customer Service Charters in the Australian Telecommunications Sector.

Galexia prepared an analysis of customer service charters in the telecommunications industry, compared with consumer codes. The analysis covered best practice consumer protection in Australia and internationally.

A key finding from the ACCAN Customer Service Research Report is that consumer charters are not effective and the industry proposals used to solve their problems through customer charter is a dead-end.

Related links:

External links:


ACCAN releases Galexia research on Informed Consent in the Australian Telecommunications Sector - 21 August 2009

Related Galexia services and solutions

The Australian Communications Consumer Action Network (ACCAN) has released the final report for a research project, conducted by Galexia, on informed consent in the Australian telecommunications sector.

Laws and codes of conduct set out only limited and inconsistent requirements to obtain informed consent, and industry practice varies greatly in the amount of information provided to consumers about telecommunications products.

The report also finds that industry practice often fails to address the additional complexities in obtaining informed consent from specific consumer categories, including people with disabilities, indigenous consumers, young people, and culturally and linguistically diverse consumers.

Related links:

External links:


eCrime symposium - 4 August 2009

Related Galexia services and solutions

Galexia Director Chris Connolly took part in a panel discussion at the 2009 eCrime Symposium. Chris discussing the legal roles and ethical boundaries for organisations in combating electronic crime, and in particular the EU Cybercrime Convention.

External links:

Galexia complete facial recognition PIA for NSW Roads and Traffic Authority - 1 August 2009

Related Galexia services and solutions

Galexia has completed a privacy impact assessment for the proposed NSW Roads and Traffic Authority (RTA) facial recognition system.

Related links:

External links:

CHOICE submission on consumer code development processes - 2 June 2009

Related Galexia services and solutions

CHOICE has published its submission to the Australian Government’s review of the consumer-related industry codes development process. The submission calls for

  • An articulation of high-level code content principles in legislation;
  • Power for regulators to be able to initiate code development (rather than only the industry);
  • Requirements for the constitution of code development bodies (including a requirement for consumer representatives, and a mechanism for breaking deadlocks);
  • Code monitoring and enforcement requirements;
  • Code review requirements; and
  • External dispute resolution requirements.

In preparation for the submission, Galexia provided CHOICE with a survey of key consumer code approval processes in use in Australia - those of the Australian Competition and Consumer Commission (ACCC), the Australian Securities and Investments Commission (ASIC), the Office of the Privacy Commissioner, and the Australian Communications and Media Authority (ACMA).

Related links:

External links:

Galexia has published an article on Privacy White Lists - 2 June 2009

Related Galexia services and solutions

Published

  • Privacy Laws and Business International, issue 98, 2009, pages 9-12

Downloads

Privacy white lists are published by trustmark schemes to help identify which organisations have been certified as compliant members of their scheme. If an organisation is on the list a consumer may have an increased level of confidence that they will be covered by the rules of the trustmark scheme, including privacy protection and dispute resolution. Consumers can also use the white lists to check that the use of the trustmark is valid, as a significant proportion of trustmarks that appear on websites are often fake or expired.

There is a trend towards the global expansion of white-lists and there is a proposal to develop an APEC white-list of organisations that comply with the APEC Privacy Framework Cross Border Privacy Rules.

This article summarises a Galexia study of white lists published by trustmark schemes. (Surprisingly, not all trustmark schemes publish white lists). The study only examined white lists where the trustmark operators claim that organisations on the lists have passed strict verification of privacy protection standards. Also, the study only examined white lists that have some form of Government backing, oversight or approval. Only six white lists are published that meet all of these criteria, and the Galexia study excluded one white list (ESRB) because it was limited to one very specific type of product (computer games).

The study found that privacy white lists contained an alarming proportion of inaccurate and out of date information. Depending on the trustmark scheme administering the white-list, between 22% and 73% of information is inaccurate or out of date.

This article was published in Privacy Laws and Business International, issue 98, April 2009.

Browse online:


Government to expand the Do Not Call Register - 29 May 2009

Related Galexia services and solutions

In its 2009-2010 budget, the Federal Government allocated AU$4.7 million over four years to the expansion of the Do Not Call Register. The expansion will allow small businesses and emergency services to register, thus prohibiting telemarketing and fax marketing companies form contacting them.

The Department of Broadband, Communications and the Digital Economy (DBCDE) released a discussion paper and called for submissions on the possible expansion in 2008. Galexia’s submission is available via the link below.

Related links:

External links:

ACCAN and customer service charters in the telecommunications sector - 27 May 2009

Related Galexia services and solutions

Galexia is preparing a report on Customer Service Charters and Consumer Codes in the Telecommunications Sector for the Australian Communications Consumer Action Network (ACCAN), a government-sponsored peak consumer representative organisation.

The report has been completed and will be launched by the Minister for Broadband, Communications and the Digital Economy in the near future.

Related links:

ACCAN and informed consent in the telecommunications sector - 26 May 2009

Related Galexia services and solutions

Galexia is preparing a report on Informed Consent in the Telecommunications Sector for the Australian Communications Consumer Action Network (ACCAN), a government-sponsored peak consumer representative organisation.

The report examines ‘informed consent’ in Australian law, particular measures used to inform consumers, and special issues of informed consent for consumers from culturally and linguistically diverse groups.

The report has been completed and will be launched by the Minister for Broadband, Communications and the Digital Economy in the near future.

Related links:

Galexia has relocated on Jones Bay Wharf - 25 May 2009

Galexia’s main office has relocated - we are still at Jones Bay Wharf in Pyrmont, Sydney, but have moved from the eastern to the western side of the wharf. Our new contact details are:

Suite 98, Jones Bay Wharf,
26-32 Pirrama Road,
Pyrmont (Sydney) NSW 2009,
Australia

Telephone: +61 (02) 9660 1111
Facsimile: +61 (02) 9660 7611
Email: consult@galexia.com

Information on coming to our office is available at http://www.galexia.com/public/contact/.

Government releases draft National Consumer Credit Reform Package - 28 April 2009

Related Galexia services and solutions

The Australian Commonwealth government has released a package of draft legislation for National Consumer Credit Reform, aimed at strengthening and consolidating Australia’s consumer credit laws.

Specific reforms include:

  • Registration and licensing of credit organisations (including the introduction of an Australian Credit License);
  • Responsible lending practices;
  • Sanctions and remedies (to be administered by the Australian Securities and Investments Commission); and
  • Reforms of dispute resolution and court mechanisms.

Galexia has worked closely with both industry and consumer groups on credit and consumer issues:

External links:

Galexia news available via RSS - 24 April 2009

Galexia news is now available as an RSS feed. To subscribe, click on the RSS logo subscribe to news feed or copy the address http://www.galexia.com/public/news.xml into your RSS reader.

Galexia news covers key developments in privacy, electronic commerce, and identity and authentication management in Australia and the Asia-Pacific region, along with news about Galexia’s work.

RSS feeds allow you to track news and updates on websites without having to visit the website in your browser. There are several ways to follow RSS feeds:

  • Web browsers: current browsers like Internet Explorer (7+), Firefox (2+), Opera (9+) and Safari (2+) include built-in feed readers. Follow the link to the feed to view the news stories or subscribe.
  • Websites: there are online tools for aggregating feeds into a single page, useful if you use multiple computers. Popular sites include Bloglines, NewsGator, Google Reader, Netvibes and MyYahoo.
  • Feed reader software: You can install stand-alone programs to run from your desktop to read feeds. A typical Windows program is Feed Demon. There are many others listed at Wikipedia's RSS Reader entry.
  • Email software: Email clients like Microsoft Outlook 2007 and Mozilla Thunderbird include feed reader features.

Look for the subscribe to news feed RSS feed logo.

Australia to adopt the UN Convention on the use of Electronic Communications in International Contracts - 23 April 2009

Related Galexia services and solutions

Ministers at the Standing Committee of Attorneys-General meeting in April 2009 have agreed that the electronic commerce laws of Australia’s states and territories should be amended to allow Australia to adopt the United Nations Convention on the use of Electronic Communications in International Contracts.

The Convention sets out principles for the legal recognition of electronic communications, the nature of offer and acceptance in electronic contracts, the time and place of dispatch and receipt of electronic communications, the use of automated systems in contract formation, and errors in electronic communications.

As at April 2009, 18 countries have signed the Convention.

Galexia has written and worked extensively on electronic contracting issues in Australia and internationally, most notably assisting the ASEAN Member Countries in harmonising their electronic commerce laws and preparing an analysis of regional harmonisation of electronic commerce laws for the UN Conference on Trade and Development (UNCTAD).

Related links - Galexia’s publications on the Conventions and Australia’s electronic contracting laws:

Related links - Galexia’s work on electronic contracting and e-commerce:

External links:

Department of Broadband, Communications and the Digital Economy (DBCDE) releases issues paper on consumer codes in telecommunications - 31 March 2009

Related Galexia services and solutions

The Department of Broadband, Communications and the Digital Economy (DBCDE) has released an issues paper on the processes involved in developing self-regulatory consumer codes in the telecommunications sector. The issues paper makes a number of references to Galexia and CHOICE’s joint paper Consumer Protection in the Communications Industry: Moving to best practice.

The release follows a number of government initiatives aimed at reforming the industry:

On 31 March 2009, Senator Stephen Conroy, Minister for Broadband, Communications and the Digital Economy, announced that the Australian Government would undertake a review of the processes associated with developing consumer-related industry codes, as specified under Part 6 of the Telecommunications Act 1997.

DBCDE has invited the public to make submissions on the issues paper by 15 May 2009.

Related links:

External links:

Australasian Retail Credit Association Credit Reporting Code - March 2009

Related Galexia services and solutions

Galexia has been commissioned by the Australasian Retail Credit Association to conduct a review of the Credit Reporting Code of Conduct. Galexia’s role is to develop aspects of the code and advise on important issues that the code creates in the field of credit reporting.

The Australasian Retail Credit Association brings together many senior credit executives from different credit agencies, to explore relevant issues and bring reform to the existing complex credit reporting laws in Australia.

Related links:

External links:

ASEAN, Australia, New Zealand sign free trade agreement - February 2009

Related Galexia services and solutions

On 27 February 2009 the Association of Southeast Asian Nations, Australia, and New Zealand signed the Agreement Establishing the Association of Southeast Asian Nations (ASEAN)-Australia-New Zealand Free Trade Area (AANZFTA).

Chapter 10 of the AANZFTA is designed to promote electronic commerce activities between the parties to the Agreement, and includes provisions calling for the enablement of electronic authentication and digital signatures, online consumer protection, online data protection, and paperless trade, as well as increased cooperation on e-commerce research and training between the parties.

Galexia has previously assisted the ASEAN Member Countries in harmonising their e-commerce legislation. At the completion of the Harmonisation of E-Commerce Legal Infrastructure in ASEAN Project, eight of the ten ASEAN Member Countries had enacted e-commerce legislation, while draft laws had been introduced in the remaining two.

Related links:

External links:

First Technical Assistance Seminar on the Implementation of the APEC Data Privacy Pathfinder - February 2009

Related Galexia services and solutions

Galexia Director Chris Connolly was invited to speak at the First Technical Assistance Seminar on the Implementation of the APEC Data Privacy Pathfinder, held in Singapore on the 22nd and 23rd of February 2009. The meeting brought together a host of international delegates to further develop an understanding of how to effectively implement the APEC Data Privacy Pathfinder.

The seminar, entitled ‘Making it work - cross-border privacy in practice’ looked at a range of issues surrounding the Cross-Border Privacy Rules System. The different sessions focused on the EU’s perspective of Cross-Border Privacy, the ability of trustmarks to offer consumer protection, governance issues and practical questions of implementing cross-border privacy.

Chris presented a paper on trustmarks, and participated in a panel addressing matters that relate to trustmarks.

Survey on consumer protection laws in Asia-Pacific - February 2009

Related Galexia services and solutions

Galexia has partnered with a project steering committee of consumer organisation representatives from around the Asia-Pacific region to undertake a survey of consumer protection and competition laws. The survey will provide consumer organisations with a basic understanding of existing laws in the region and enable them to promote better outcomes for consumers.

The countries surveyed are Australia, Fiji, India, Korea, the Philippines, Thailand and Vietnam. Consumers International, the body overseeing the project, will complete a report based on Galexia's analysis of the surveys and make this available to the participating countries.

Related links:

External links:

AUSTROADS privacy review - February 2009

Related Galexia services and solutions

Galexia has been commissioned by AUSTROADS (Australian and New Zealand road and Transport Authorities) to assist with a full strategic review of the National Exchange of Vehicle and Driver Information System (NEVDIS). Galexia will be responsible for identifying key privacy issues relating to the NEVDIS database. Galexia is providing privacy expertise, offering effective advice on managing evident risks and presenting strategic solutions to the apparent challenges.

The project is an extension of previous work Galexia has undertaken for AUSTROADS, and will be conducted in partnership with Doll Martin Associates.

Related links:

External links:

Privacy in interstate student transfers - January 2009

Related Galexia services and solutions

  • Strategic Privacy Consulting. Read more »
  • Privacy Management Lifecycle: Our Privacy Products and Services. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »

Galexia has completed a report, identifying privacy issues arising as part of the Learning Identity Management Framework (LIMF) Project. The research analyses the current landscape of Student Data transfers and makes recommendations on converting the current manual system of transferring data (when a student changes schools, intra or inter jurisdiction) to an electronic one.

Galexia worked in partnership with Link Affiliates to complete the research, identifying key risks in establishing the Framework as well as effective strategies to manage these. The report was completed in January 2009 for The University of Southern Queensland on behalf of the Department of Education, Employment and Workplace Relations.

External links:

Privacy code for access to Queensland property data - January 2009

Related Galexia services and solutions

In late 2008 Galexia developed a Code of Conduct for bulk data access to identified information in the Queensland Valuation and Sales System (QVAS) database - the short title is the QVAS Code of Conduct.

The Code covers privacy protections and complaints mechanisms for access to information about real property transactions in Queensland. The Code was submitted to the QLD Cabinet in late 2008 and is the subject of public consultations in 2009.

Galexia assisted the Queensland Department of Natural Resources and Water and a working group of information broker industry representatives to develop this Code from scratch. The project included research on privacy issues, stakeholder workshops and the development of an explanatory memorandum.

The Code adopts best practice approaches to privacy protection and governance issues.

Related links:

2008 review of the EFT Code of Conduct - January 2009

Related Galexia services and solutions

Galexia has assisted CHOICE, the Consumers’ Federation of Australia, and the Consumer Action Law Centre in preparing a joint consumer response to the Australian Securities and Investments Commission’s proposals for changes to the Electronic Funds Transfer (EFT) Code of Conduct. Key issues addressed in the response include liability of consumers and small businesses, and monitoring Code compliance.

Related links:

External links:


  

National e-Authentication Framework Website Authentication Guidelines - January 2009

Related Galexia services and solutions

  • Identity Management and Authentication - Technical Consulting. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »

In December 2008 the Australian Government Information Management Office (AGIMO) within the Department of Finance and Deregulation released a set of documents outlining the National eAuthentication Framework (NeAF).

The NeAF sets out a whole-of-government approach to managing identity-related risks in online transactions between individuals and government, and between businesses and government. It combines the earlier Australian Government e-Authentication Framework for Business and Australian Government e-Authentication Framework for Individuals into a single framework.

NeAF Best Practice Guideline 2 sets out methods for authenticating government websites - an essential part of developing trust in online transactions. BPG2 includes three technical appendices prepared by Galexia:

  • Website authentication mechanisms;
  • Website authentication - technology assessment schedule; and
  • Current Attacks on Websites.

Related links:

External links:


New Galexia Study: The US Safe Harbor - Fact or Fiction? - December 2008

Related Galexia services and solutions

Published

  • Privacy Laws and Business International, issue 96, 2008, pages 1, 3, 26-27

Downloads

The US Safe Harbor is an agreement between the European Commission and the United States Department of Commerce that enables organisations to join a Safe Harbor List to demonstrate their compliance with the European Union Data Protection Directive, allowing the transfer of personal data to the US in circumstances where the transfer would otherwise not meet the European adequacy test for privacy protection.

First released in November 1998, and officially accepted by the EU in 2000, the Safe Harbor is best described as an uneasy compromise between the comprehensive legislative approach adopted by European nations and the self-regulatory approach preferred by the US. The Safe Harbor Framework has been the subject of ongoing criticism, including two previous reviews (2002 and 2004). Those reviews expressed serious concerns about the effectiveness of the Safe Harbor as a privacy protection mechanism.

After ten years of public debate it is time to examine the Safe Harbor again. Chris Connolly’s article The US Safe Harbor - Fact or Fiction? summarises the findings of a Galexia study regarding the current status of the Safe Harbor Framework. The Galexia study assessed each of the organisations listed on the Safe Harbor List (1,597 entries) against a small subset of key criteria contained in the Safe Harbor Framework Principles.

This article was published in Privacy Laws and Business International, issue 96, December 2008.

Browse online:


Privacy in consumer credit reporting - November 2008

Related Galexia services and solutions

Downloads

Chris Connolly presented a discussion, entitled Who’s to blame for credit stress, and how can we help consumers?, at the National Access to Justice and Pro Bono Conference, held by the Law Council of Australia and the National Pro Bono Resource Centre in Sydney from 14-15 November 2008.

Chris’s presentation examined potential reform of both consumer credit law and privacy law in Australia following the Australian Law Reform Commission’s privacy report For Your Information: Australian Privacy Law and Practice (Report 108). Galexia has previously prepared a submission to the ALRC’s inquiry, discussing options for stronger, more effective and more efficient consumer protection in credit reporting in Australia.

Related links:

External links


The ALRC recommendations for Cross Border Transfers - November 2008

Related Galexia services and solutions

The Australian Law Reform Commission’s Report 108: For Your Information: Australian Privacy Law and Practice sets out proposed ‘Unified Privacy Principles’ for reforming Australia’s privacy law.

Unified Privacy Principle 11 (UPP 11) attempts to combine the ‘accountability’ approach to cross-border privacy protection (similar in part to the approach taken in Japan, New Zealand and Canada) with elements of the existing, more traditional ‘adequacy’ approach (similar in part to the approach taken in the EU).

In Weak protection for offshore data - the ALRC recommendations for Cross Border Transfers, Chris Connolly examines the ALRC proposal in detail, and raises significant concerns about both the drafting and the likely impact of the proposal. There are fears that UPP 11 is so weak that all of the privacy protections contained in the other ten UPPs will be thrown away the minute data moves offshore. The proposed UPP 11 requires significant re-drafting so that the accountability principle is properly implemented, and steps must be taken to limit the broad exemptions contained in the proposal.

Related links:

External links:


CHOICE publishes Galexia report on consumer protection in the telecommunications industry - October 2008

Related Galexia services and solutions

Related news

  • Department of Broadband, Communications and the Digital Economy (DBCDE) releases an Issues Paper consumer codes in telecommunications - 31 March 2009. Read more »

CHOICE has released the report Consumer Protection in the Communications Industry: Moving to best practice, based on an issues paper prepared by Galexia. The report provides an overview of consumer concerns with the current co-regulatory consumer protection framework in the telecommunications sector in Australia.

Related links:

External links:


Trustmark Schemes Struggle to Protect Privacy - September 2008

Related Galexia services and solutions

Downloads

Galexia has published an article examining the effectiveness of privacy trustmarks in protecting consumers’ rights.

July 2008 was a landmark month in the history of privacy trustmarks - the seals that appear on some websites to provide a level of assurance about privacy protection. The largest and most successful trustmark - TRUSTe with over 2000 members - changed its status from ‘non-profit’ to ‘for profit’. And the second largest trustmark - BBB Online Privacy with over 700 members - closed its doors for good, abandoning a scheme that it had run for over eight years.

The basic premise of privacy trustmarks is that end users are supposed to have confidence in web sites displaying the trustmark seal, as it presumably indicates that the site adheres to good privacy standards. In practice, although trustmark seals all appear similar, the level of privacy protection varies a great deal. Some seals are backed by detailed standards and independent audits. Other seals are provided with no requirements or checks (other than payment). Some seals include a free dispute resolution service for complaints, other seals have no complaints mechanism or charge consumers for lodging complaints.

This article examines both legitimate and non-legitimate privacy trustmarks, and finds that there are serious consumer issues for both categories. Trustmarks have struggled to provide even basic privacy protection to date, and with the demise of BBB Online Privacy and the change in status of TRUSTe, it is difficult to be optimistic about the future.

Browse online:


Galexia advises on Identity and Access Management strategy in the financial sector - 15 October 2008

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »

Galexia was approached by a large financial institution to advise on the development of an identity management strategy, and provide assistance in evaluating available solutions.

The project involved a detailed analysis of business drivers including an assessment of governance, risk, and compliance issues (GRC). Business requirements were established through extensive stakeholder interviews, and these were elaborated into a comprehensive set of functional and non-functional identity and access management requirements.

Galexia also conducted a rigorous technology evaluation, identifying relevant products and inviting a shortlist of vendors to present their solutions. This was used to create a detailed product assessment based on the client’s specific needs, examining the candidate products across over 80 custom metric points.

Galexia provided the client with a governance structure, a path forward towards implementation, and independent assessment of market features and trends. Galexia’s analysis enabled the project to proceed with confidence, understanding and ownership in their identity management solution.

Galexia has specialised in the architecture of distributed identity solutions, including authentication, authorisation, accounting, auditing, single sign-on, federation, provisioning, synchronisation, public key infrastructure and emerging user-centric (Identity 2.0) approaches. The combined user population of the identity management systems Galexia has designed is in the tens of millions.

Related links:


Privacy issues in e-commerce - October 2008

Related Galexia services and solutions

Downloads

Chris Connolly presented a paper on e-commerce privacy issues and the Australian Law Reform Commission’s privacy report For Your Information: Australian Privacy Law and Practice (Report 108) at a symposium on 2 October 2008. The symposium, entitled Meeting privacy challenges - the ALRC & NSWLRC Privacy Reviews, was held by the Cyberspace Law & Policy Centre at the Faculty of Law, University of New South Wales, as part of the Centre’s ‘Interpreting Privacy Principles’ ARC Discovery project and will address:

  • Providing a set of Privacy Principles that set a new global standard;
  • Building consumer trust in electronic commerce;
  • Achieving effective enforcement of privacy rules and remedies for breaches;
  • Limiting the growth of a surveillance society; and
  • Meeting international standards to facilitate appropriate cross border data transfers.

Chris was also a commentator for the session on cross border data transfers.

Related links

External links:


Asia-Pacific regional privacy options - August 2008

Related Galexia services and solutions

Published

  • World Data Protection Report, volume 8, number 9, 2008, pages 8-16
  • Privacy Law Bulletin, volume 5, numbers 1 and 2, 2008, pages 26-38

Downloads

The Asia-Pacific region has reached a significant crossroads regarding the protection of privacy.

The region could choose to follow a path that is based on the traditional approach to privacy found in the EU Data Protection Directive of 1995 and the domestic laws of many countries, with strong comprehensive privacy legislation establishing independent regulators and imposing conditions on the transfer of personal information to parties in third countries.

The alternative path is to follow a new model of privacy protection that involves greater reliance on self-regulation, self-certification, trust-marks and the registration of corporate rules. This approach is strongly advocated by US businesses and some features of this approach appear (in a limited way) in the APEC Privacy Framework of 2005 and related APEC Privacy Pathfinder Projects.

In Asia-Pacific Region at the Privacy Crossroads Galexia Director Chris Connolly examines current privacy developments in the Asia-Pacific region and analyses the benefits and risks of pursuing either the EU or the APEC approach to privacy regulation.

This article includes up to date information on privacy developments in the following Asia-Pacific jurisdictions:

  • Australia
  • Brunei
  • Cambodia
  • China
  • Hong Kong
  • Indonesia
  • Japan
  • Korea
  • Laos
  • Macau
  • Malaysia
  • Myanmar
  • New Zealand
  • Pacific Islands
  • Philippines
  • Singapore
  • Taiwan
  • Thailand
  • Vietnam

Browse online:


Australian Law Reform Commission releases final report on Australian privacy laws - August 2008

Related Galexia services and solutions

The Australian Law Reform Commission released its final report for its inquiry into Australia’s privacy laws on 11 August 2008. The report, For Your Information: Australian Privacy Law and Practice (Report 108) is around 2700 pages long, and contains 295 recommendations for improving Australia’s federal data protection laws.

Galexia was commissioned by Veda Advantage to prepare an independent submission to the inquiry discussing the privacy issues surrounding credit reporting, in response to the ALRC’s Discussion Paper 72.

The Australian Government has proposed a phased response to the ALRC recommendations. The first phase will address the proposed Unified Privacy Principles, health privacy, credit privacy, and privacy education. The second phase will address the recommendations on removal of exemptions, data breach notifications and the tort of privacy.

Related links:

External links:


Galexia conducts Pacific spam enforcement workshop - July 2008

Related Galexia services and solutions

Galexia conducted a workshop on anti-spam law enforcement in the Pacific in Brisbane on 14 July 2008.

The workshop’s key objectives included:

  • identifying appropriate mechanisms and procedures to enforce anti-spam legislation
  • developing materials and activities for public awareness and education
  • facilitating the development of domestic, regional and international cooperative arrangements.

The workshop was part of the Strengthening Spam Legislation, Enforcement and Cooperation Regimes in the Pacific project, conducted by Galexia with the support of AusAID and the Australian Department of Broadband, Communications and the Digital Economy (DBCDE). The project has assisted the Pacific nations Niue, Samoa and Vanuatu in strenghtening their anti-spam legislation and enforcement systems.

Related links:


Galexia publishes case study on Harmonisation of E-Commerce Legal Infrastructure in ASEAN project - May 2008

Related Galexia services and solutions

Galexia has completed a case study of the Harmonisation of E-Commerce Legal Infrastructure in ASEAN project. The case study illustrates the progress made during the four years of the program (2004-2008), with eight of the ten ASEAN Member Countries having enacted e-commerce laws, and the remaining two having draft laws.

Related links:


Galexia assists CHOICE with submission on consumer protection in telecommunications - May 2008

Related Galexia services and solutions

Download

Related news

  • Department of Broadband, Communications and the Digital Economy (DBCDE) releases an Issues Paper consumer codes in telecommunications - 31 March 2009. Read more »

Galexia was commissioned by CHOICE to prepare a submission to the 2008 Telecommunications Consumer Representation Stakeholder Forum, held in late April 2008. The paper, entitled Consumer Protection in the Communications Industry: Moving to best practice, provides an overview of consumer concerns with the current co-regulatory consumer protection framework in the telecommunications sector in Australia.

Browse online:

Related links:

External links:


Recruitment - Legal/IT Research Consultant - April 2008

We are looking for an enthusiastic and dynamic person to join us as a junior Legal/IT Research Consultant on a casual basis. The role requires a background in both law and technology - we are particularly interested in hearing from university students in combined IT/Law or similar degrees.

The successful applicant’s core duties will include legal and technical research (with a strong international focus) in our areas of specialisation - e-commerce, identification, identity management, authentication, security and privacy - and assisting with system administration - maintaining our internal systems as well as our client extranets and public website.

Related links:


Automated business in life insurance and electronic commerce - April 2008

Related Galexia services and solutions

Chris Connolly will sit on a panel of experts at a seminar discussing the benefits, challenges and implications of automated business in life insurance and electronic commerce. The key issues to be addressed include:

  • What are the benefits of automated underwriting?
  • Do we need signatures?
  • How much do advisers have to change the way they work?
  • How far can the system go?
  • How should we deal with cases that do not go straight through the automated system?
  • What are the implications for underwriter training?
  • Privacy issues
  • Electronic record keeping issues

The discussion is being hosted by the Investment and Financial Services Association Limited.

External links:


Tenth ASEAN E-Commerce workshop held in Jakarta, Indonesia - March 2008

Related Galexia services and solutions

The tenth ASEAN E-Commerce workshop was held in Jakarta, Indonesia in April 2008. The workshop focused on regional and international e-commerce issues, and the Indonesian Law on Information and Electronic Transactions.

Related links:




Chris Connolly (Galexia), Iwan Gunawan (Program Coordinator, AADCP Program Stream) and Roger Vitasa (ASEAN)

Workshop Participants

  • Muhammad Yasin Kara (Faction Secretary PAN, Parliament of Republic of Indonesia),
  • Teddy Sukardi (Chairman, Indonesian Information Technology Federation (IITF),
  • Dr Giri Suseno (National ICT Council),
  • Eka Ginting (CEO, Indo.com),
  • Edmon Makarim S Kom (Legal Advisor to Ministry of Communication and Information Technology), and
  • Chris Connolly (Galexia)
  • Dr Giri Suseno (National ICT Council),
  • Eka Ginting (CEO, Indo.com),
  • Edmon Makarim S Kom (Legal Advisor to Ministry of Communication and Information Technology), and
  • Chris Connolly (Galexia)


Presentation: International and ASEAN Best Practice in E-Commerce Legislation; Chris Connolly (Galexia)
  • Eka Ginting (CEO, Indo.com),
  • Chris Connolly (Galexia),
  • Muhammad Yasin Kara (Faction Secretary PAN, Parliament of Republic of Indonesia),
  • Edmon Makarim S Kom (Legal Advisor to Ministry of Communication and Information Technology),
  • Teddy Sukardi (Chairman, Indonesian Information Technology Federation (IITF),
  • Djoko Harijade (Director fo E-Government and Acting Director of E-Business, Indonesian Ministry of Communication and Information Technology) and
  • Dr Giri Suseno (National ICT Council)

Indonesian Parliament passes e-commerce law - March 2008

Related Galexia services and solutions

On 25 March the Indonesian House of Representatives passed the Law on Information and Electronic Transactions. This omnibus law includes provisions for enabling e-commerce transactions and digital signatures, privacy, domain name registration and dispute resolution, digital copyright, content regulation and cybercrimes. The Law is an important step in meeting Indonesia’s e-commerce targets under the Roadmap for Integration of e-ASEAN Sector.

Galexia is assisting Indonesia by providing an analysis of the Law and a high-level awareness-raising workshop (the tenth ASEAN E-Commerce workshop) to facilitate the promotion of the Law. The workshop will be held on 8 April in Jakarta, Indonesia.

Related links:

External links:

Consumer protection in electronic contracts - March 2008

Related Galexia services and solutions

CHOICE and the Cyberspace Law and Policy Centre at the University of New South Wales hosted a roundtable discussion on consumer rights in the information age in early March. Galexia Director Chris Connolly addressed participants on Australian and regional regulatory responses to the key challenges of consumer protection in electronic contracts.

The roundtable discussion was preceded by a public lecture by Professor Jane Winn of the University of Washington.

Related links:

Galexia completes study of cyberlaw harmonization for UNCTAD Information Economy Report - February 2008

Related Galexia services and solutions

Galexia was commissioned to prepare a case study on harmonisation of cyberlaws for the United Nations Conference on Trade and Development’s (UNCTAD’s) Information Economy Report 2007-2008. The case study analysed the development of consistent e-commerce laws across the ASEAN Member Countries, based on Galexia’s work in the region. The ASEAN Member Countries stand out as being the first regional group to adopt harmonised e-commerce laws.

Related links:

External links:


Galexia assists Eric Bana in a domain name dispute - February 2008

Related Galexia services and solutions

Galexia assisted actor Eric Bana in a domain name dispute against a cybersquatter before a panel of the World Intellectual Property Organisation (WIPO) in late 2007. Under the Uniform Domain Name Dispute Resolution Policy (UDRP - the dispute resolution policy for top-level domain names), the panel ordered that the domain name be transferred to Eric Bana.

Related links:

Galexia hosts Japanese privacy delegation - February 2008

Related Galexia services and solutions

Galexia recently hosted a delegation of Japanese privacy experts, including academics and professionals from the legal and technology fields. The delegation met with Australian privacy experts from within government, industry and academia, discussing a broad range of privacy issues, with a particular focus on privacy impact assessments (PIAs) and biometrics. The meetings were conducted in Sydney and Canberra.

Galexia has provided privacy compliance advice to a number of international companies with operations in Japan following the introduction of the Japanese Act on the Protection of Personal Information 2003.

 

The privacy implications of China's outsourcing industry - January 2008

Related Galexia services and solutions

Data protection law in China is currently going through a significant reform. There is potential for China’s existing patchwork of data protection requirements to be transformed into a strong, comprehensive data protection regime. This paper canvases the recent developments, particularly from the perspective of offshore outsourcing - a growing industry sector in China.

The article was published in Volume 10, No 9 of the Internet Law Bulletin (January 2008).

Related links:

Developments in digital rights management - January 2008

Related Galexia services and solutions

Digital rights management (DRM) restricts usage and copying of digital copyright materials (such as music) using technical access control measures. Online music retailers, such as the Apple iTunes store, have typically been forced to use these protected formats by the recording industry, in an attempt to combat online piracy.

Recently, key record labels have moved away from the use of DRM, allowing the online retailer Amazon to sell unprotected versions of their music. This byte discusses some of these developments, and related developments on the legal front.

The byte was published in Volume 10, No 9 of the Internet Law Bulletin (January 2008).

Related links:

Galexia provides technical assistance for Indonesian cyberlaw bill - January 2008

Related Galexia services and solutions

Galexia has been assisting ASEAN meet targets set in the Roadmap for Integration of e-ASEAN Sector (the e-ASEAN Roadmap). Measures contained in the e-ASEAN Roadmap for e-commerce include:

  • Measure 78: Enact domestic legislation to provide legal recognition of electronic transactions (i.e., cyber-laws) based on common reference frameworks. (Deadline: 31 December 2008)

Galexia’s project on e-commerce legal infrastructure for ASEAN has been expanded to include special assistance for Indonesia. This phase will run from January to April 2008.

Indonesia has developed draft legislation to meet this target - the Electronic Information and Transaction Bill. It is an ambitious piece of legislation covering e-government, electronic contracting, privacy, cyber-crime, spam, digital copyright and other cyberlaw issues in a single omnibus Bill.

This new project will assist Indonesia through:

  • The research, preparation and distribution of materials on the benefits, issues and challenges of developing e-commerce legislation in Indonesia; and
  • A high-level awareness raising and technical assistance workshop to facilitate the promotion of the Indonesian Electronic Information and Transaction Bill.

The Harmonisation of E-Commerce Legal Infrastructure in ASEAN Project is funded by the ASEAN Australia Development Cooperation Program (AADCP). AADCP is funded by the Australian Government through AusAID, implemented in close collaboration with the ASEAN Secretariat, and managed by Cardno Acil.

Related links:

Developments in Asia-Pacific privacy laws in 2007 - January 2008

Related Galexia services and solutions

This article provides a summary of the key privacy law developments in the Asia-Pacific region in 2007. As sharing of personal details online becomes more frequent, and the accessibility of such information is enhanced by rapidly improving technologies, the privacy risks that threaten a world citizen are greater than ever before. In the Asia-Pacific region there has been significant growth in Business Process Outsourcing (BPO), which demands countries develop coherent information protection laws. A number of countries in the region are making progress towards new privacy legislation. At the same time other countries in the region with existing privacy laws are looking to amend and reform laws so that they align with current technologies, community views and international standards. One new issue that is emerging is the consideration of data breach notification rules by Asia-Pacific countries - and this is likely to be a major talking point in the region over the next few years.

The article was published in Volume 4, Nos 6 and 7 of the Privacy Law Bulletin (December 2007).

Related links:

Credit reporting submission to the Australian Law Reform Commission's Privacy Review - December 2007

Related Galexia services and solutions

Galexia was recently commissioned by Veda Advantage to independently research and develop options for a framework for stronger, more effective and more efficient consumer protection in credit reporting in Australia. This task was been initiated in response to the Australian Law Reform Commission (ALRC) review of privacy legislation.

Consumer protection in the regulation of credit reporting is a very complex territory and Veda Advantage wanted to assist the ALRC and stakeholders with a cogent expert’s report to guide understanding of the major issues.

Related links:

External links:

Galexia Associate Claro Parlade wins Endeavour Fellowship to study privacy law - November 2007

Related Galexia services and solutions

Claro Parlade, Galexia’s associate from the Philippines, has won an Endeavour Fellowship and will be funded to visit Australia in 2008 for 3 months to study privacy law.

Claro is currently the Executive Director of the Cyberspace Policy Centre for Asia-Pacific (CPCAP), a leading source of expertise on electronic commerce, privacy and online dispute resolution issues in the Asian region.

Galexia and the Office of the Privacy Commissioner (OPC) are Claro’s joint sponsors for the programme, and Galexia will be co-hosting Claro along with the OPC. He will also spend time travelling around the country interviewing key business, government and consumer stakeholders about privacy issues.

Claro has considerable experience in policy work in the Philippines, having been Chairman of the Legal and Regulatory Committee of the IT and E-Commerce Council (‘ITECC’) of the Philippines from 2000 to 2004. He has been involved in the drafting of the Philippines E-Commerce law, and has worked on numerous draft bills and regulations on matters such as the creation of a department of ICT, telecommunications reform, cybercrime and Internet governance.

The Endeavour Programme brings leading researchers, executives and students to Australia to undertake short or long term study, research and professional development in a broad range of disciplines and enables Australians to do the same abroad.

External links:


Claro Parlade

Jurisdictional and enforcement issues of internet gambling - October 2007

Related Galexia services and solutions

The online gambling market is facing the same challenges of jurisdiction and law enforcement as internet activities in general. In this article, Christina Fränngård discusses recent issues in these areas, and examines the situation in three jurisdictions in detail - the US, the EU and Australia.

The article was published in Volume 10, No 7 of the Internet Law Bulletin (October 2007).

Related links:

Galexia assists the NSW RTA with their Document Verification System - October 2007

Related Galexia services and solutions

Galexia has been selected to conduct a Privacy Impact Assessment (PIA) for the NSW Roads and Traffic Authority (RTA). The PIA will cover the RTA’s potential participation in the national Document Verification Service (DVS).

The DVS has been developed as part of the National Identity Security Strategy. The DVS will be a secure, electronic, on-line system accessible by certain Australian Government, state and territory agencies to check the validity of an identity document. The verification of driver licences will be completed via the National Exchange of Vehicle and Driver Information System (NEVDIS) database, operated by AUSTROADS.

Galexia to help develop spam laws in the Pacific - October 2007

Related Galexia services and solutions

After a competitive tender process, Galexia has been chosen to assist the Department of Communications, Information Technology and the Arts (DCITA) in the development of a harmonised spam legislation, enforcement and co-operation regime for three Pacific nations.

This project, funded in part by AusAID's Pacific Governance Support Program (PGSP), will be applied across the island states of Niue, Samoa and Vanuatu.

As part of the project, Galexia will have a central role in developing a package of anti-spam policy and legislation, specifically tailored for these Pacific nations, which will be modelled on Australia's Spam Act of 2003.

DCITA's role will continue through to developing a local enforcement capability, as well as assisting the Pacific nations participate in an international network of enforcement agencies.

Related links:

Five new signatories to the UN Convention on the Use of Electronic Communications in International Contracts - October 2007

Related Galexia services and solutions

The treaty event, entitled "Focus 2007: Towards Universal Participation and Implementation - A Comprehensive Legal Framework for Peace, Development and Human Rights" was held at United Nations Headquarters in New York, on the 25-27 of September and the 1-2 of October 2007. During the event, the United Nations Convention on the Use of Electronic Communications in International Contracts received five new signatories:

  • The nations of Panama and the Philippines;
  • The Islamic Republic of Iran; and
  • The nations of Colombia and Montenegro.

The Convention was adopted by the UN General Assembly in November 2005 and has since received 15 signatories. The Convention aims to improve the legal certainty and commercial predictability of electronic contracts. Other signatories to the Convention are the Central African Republic, China, Lebanon, Madagascar, Paraguay, Senegal, Sierra Leone, Singapore, Sri Lanka and The Russian Federation.

Related links - Galexia’s publications on the Convention:

Consumer Action Law Centre publish Galexia's Trade Practices Act Public Benefit Report - September 2007

Related Galexia services and solutions

The Consumer Action Law Centre (CALC) has now published the Galexia-written report focussing on defining the ‘public benefit’ in Part VII of the Trade Practices Act 1974 (Cth). It was completed as part of a project to identify weaknesses in the way in which the public benefit test is currently applied under the Act and to propose solutions that will ensure that consumers receive the protections they require when reductions in competition through mergers, acquisitions and collusions are considered. The report has a particular focus on the potential inclusion of social and environmental considerations in the public benefit test.

Part VII of the Trade Practices Act 1974 acknowledges that there are circumstances in which anti-competitive conduct will be permissible - where the detriment caused by the conduct is outweighed by other benefits to the public. The report examines the application of the public benefit test in both theory and practice, and makes recommendations aimed at improving consideration of the public benefit in authorisations.

Related links:

Galexia meets with Secretary of State to the Ministry of Commerce in Cambodia - September 2007

Related Galexia services and solutions

Galexia was asked to advise Cambodia on their draft E-Commerce Law during their visit to the country for Workshop W9. This was at the invitation of HE Pan Sorasak - Secretary of State to the Ministry of Commerce. The Secretary was an attendee at AADCP E-Commerce Project workshops (W3 and W5) in his former capacity as an Under-Secretary in the Cambodian Ministry of Posts and Telecommunications.

On Thursday 23 August 2007 Galexia travelled to Phnom Penh to meet with the Secretary and the team working on drafting Cambodia’s e-commerce legislation. Galexia held an initial meeting with the Secretary to discuss aid and development in Cambodia and the region more broadly - gaining insights into other work in the region being carried out by the International Telecommunications Union (ITU) and UN Conference on Trade and Development (UNCTAD).

Galexia briefed the E-Commerce law meeting on the overall AADCP E-Commerce Legal Infrastructure Harmonisation Project and on the workshop (W9) outcomes in Siem Reap. Galexia also provided specific feedback and advice on the draft Cambodian E-Commerce Law.

Cambodia Ministry of Commerce - August 23 From left to right: Sven Callebaut (UNCTAD), Yin Yanno, Tous Sapha, Kang Koy (Ministry of Commerce), Ban Lim (Nat. Bank of Cambodia), Chris Connolly (Galexia), H. E. Sorasak Pan (Ministry of Commerce), Srey Siyout (Nat. Bank of Cambodia), H. E. Mao Thora (Ministry of Commerce), Francis Vierboom (Galexia), Peter van Dijk (Galexia)
Cambodia Ministry of Commerce - August 23 From left to right: Kang Koy (Ministry of Commerce), Srey Siyout (Nat. Bank of Cambodia), H. E. Mao Thora (Ministry of Commerce), H. E. Sorasak Pan (Ministry of Commerce), Chris Connolly (Galexia), Peter van Dijk (Galexia), Sven Callebaut (UNCTAD), Tous Sapha (Ministry of Commerce)

Related links:

Galexia's commentary on the UN Convention on Electronic Contracting documents - September 2007

Related Galexia services and solutions

From the 29th to the 31st of August, an international conference on the United Nations Convention on the Use of Electronic Communications in International Contracts (UNECIC) was held in Hanover, Germany.

The UNECIC conference was aimed at analysing and interpreting the text of the new UN ECIC-Convention and promoting its application.

Chris Connolly addressed the conference on two broad issues:

1) The Scope and Exclusions of the Convention (Articles 2, 3, 19 and 20) as they stand; and

2) Using the Convention to Harmonise the domestic regulation of Electronic Contracting (including a practical case study on the Association of South East Asian Nations (ASEAN) E-Commerce Project).

A paper is now available, which outlines the scope and exlcusions of the convention. This is an early working draft of the final conference paper, intended for future revision and publication in a book on the Convention (Kluwer, mid 2008). Commentary on the document is welcome, and can be emailed to consult@galexia.com.

Related links:

External links:

Data retention by search engines and Australian privacy law - August 2007

Related Galexia services and solutions

Galexia Consultant, Sarah Andrews has recently written an article looking at the data retention regimes of search engines, and their effects under Australian privacy law.

Recent months have seen Google, the world’s most popular search engine, at the centre of controversy concerning the length of time it retains records of its users’ search queries. This is not the first time the practices of search engines have hit the headlines or attracted privacy watchdogs’ attention. Nor is Google alone among search engines in retaining users’ search queries for extended periods. The Google case does, however, provide a very useful illustration of the significance of data protection concerns raised by the retention of data on past searches and the importance for search engines of implementing robust privacy policies and practices.

The article, published in Volume 4 of the Privacy Law Bulletin, examines these issues from the perspective of Australian privacy law and suggests steps that search engines can take to ensure compliance with the law and promote trust among users.

Related links:

Land rights in virtual worlds - August 2007

Related Galexia services and solutions

In August 2007, the State of Play V: Building the Global Metaverse conference was held in Singapore. Jointly organized by Harvard Law School, Yale Law School, New York Law School, Trinity University, and Nanyang Technological University in Singapore, this global conference on ‘virtual worlds’ invited experts across disciplines to discuss the future of cyberspace and the impact of these new immersive, social online environments on education, law, politics and society. The hallmark of the conference was its multi-disciplinary perspective.

Professor Yee Fen Lim spoke at the State of Play V conference on the topic of Space, Place and Culture focusing on the concept of land in Second Life, a highly topical issue due to the Bragg v Linden litigation currently on foot in the US.

Yee Fen also ran a Workshop on Law and Regulation at the State of Play V conference with colleagues from CAPTEL, Nanyang Business School.

Both Yee Fen’s paper and Workshop were reported in the press.

External links:

UN Electronic Communications in International Contracts Convention in Hanover, Germany - August 2007

Related Galexia services and solutions

From the 29th to the 31st of August, an international conference on the United Nations Convention on the Use of Electronic Communications in International Contracts (UNECIC) was held in Hanover, Germany.

The UNECIC conference was aimed at analysing and interpreting the text of the new UN ECIC-Convention and promoting its application.

Chris addressed the conference on two broad issues:

1) The Scope and Exclusions of the Convention (Articles 2, 3, 19 and 20) as they stand; and

2) Using the Convention to Harmonise the domestic regulation of Electronic Contracting (including a practical case study on the Association of South East Asian Nations (ASEAN) E-Commerce Project).

Related links:

External links:

Ninth ASEAN E-Commerce workshop held in Siem Reap, Cambodia - August 2007

Related Galexia services and solutions

On the 20th of August 2007, the ninth ASEAN Workshop on E-Commerce was held in Siem Reap, Cambodia.

This Workshop (W9) had a focus on Phase 3 of the Project, Mutual Recognition of Digital Signatures, and on building an ASEAN Digital Signature Strategy. The Workshop discussed strategy and implementation issues.

The development of an ASEAN Digital Signature Strategy will assist ASEAN countries in addressing the legal, policy, technical and infrastructure issues needed to develop common methods for mutual recognition of digital signatures. It will assist those countries with legal infrastructures to make necessary adjustments and provide direction for those countries yet to implement an infrastructure.

The Workshop was also run in parallel to of the 8th ASEAN Telecommunications and IT Senior Officials Meeting (8th TELSOM) and the 7th ASEAN Telecommunications and IT Ministers Meeting (7th TELMIN).

Cambodia Strategy Meeting (W9) - August 20 Back Row: Peter van Dijk (Galexia), Amir Suhaimi Hassan (Malaysia), Harme Mohamed (Malaysia), Riki Arif Gunawan (Indonesia), Than Htun Aung (Myanmar), Chris Connolly (Galexia), Vu Chi Kien (Vietnam), Lee Hooi Teck (Malaysia), Troeng Douma (Cambodia) Front Row: Dr Ajin Jirachiefpattana (Thailand), Maw Maw Aye (Myanmar), Lin Ah Tin (Malaysia), Patricia M. Abejo (Philippines), (Vietnam), Bui Thi Ngoc Khanh (Vietnam), Somlouay Kittignavong (Laos)
Cambodia Strategy Meeting (W9) From left to right: Than Htun Aung (Myanmar), Patricia M. Abejo (Philippines), Amir Suhaimi Hassan (Malaysia), Peter van Dijk (Galexia), Bui Thi Ngoc Khanh (Vietnam), Vu Chi Kien (Vietnam), Mima Sefrina (ASEC), Riki Arif Gunawan (Indonesia), Somlouay Kittignavong (Laos), Harme Mohamed (Malaysia)
Cambodia Strategy Meeting (W9) - August 20 The workshop lunch: Mima Sefrina (ASEC), Maw Maw Aye (Myanmar), Patricia M. Abejo (Philippines)
Cambodia Ministry of Commerce - August 23 From left to right: Sven Callebaut (UNCTAD), Yin Yanno, Tous Sapha, Kang Koy (Min. Comm), Ban Lim (Nat. Bank of Cambodia), Chris Connolly (Galexia), H. E. Sorasak Pan (Min. Comm), Srey Siyout (Nat. Bank of Cambodia), H. E. Mao Thora (Min. Comm), Francis Vierboom (Galexia), Peter van Dijk (Galexia)

Related links:

Internet and E-commerce Law - August 2007

Internet and E-commerce Law: Technology, Law and Policy: Contents

1. Internet Law & Cyberspace Regulation
2. Jurisdiction
3. Content Regulation
4. Copyright
5. Patents
6. Domain Names
7. E-Contracts
8. Authentication - Authored by Yee Fen Lim
9. E-Taxation
10. Privacy - Co-authored by Yee Fen Lim
11. Cyber crime - Authored by Yee Fen Lim
12. Intermediary Liability
13. Digital Rights, Digital Surveillance, E-Security & E-Government
14. Future Directions

Professor Yee Fen Lim, a senior consultant at Galexia, is the co-author of Internet and E-commerce Law: Technology, Law and Policy published in August 2007.

The focus of the book is the regulatory framework of the Internet and e-commerce. Yee Fen’s contributions offer a detailed analysis of authentication, privacy and cyber-crime that are extensive, and up to the minute.

External links:

OECD issues new Recommendation on Consumer Dispute Resolution and Redress - August 2007

Related Galexia services and solutions

The Organisation for Economic Cooperation and Development (OECD) has issued a new Recommendation on Consumer Dispute Resolution and Redress. Adopted by the OECD Council on 12 July 2007, the Recommendation aims to ensure that consumers have access to swift and effective mechanisms to resolve complaints and obtain compensation when transactions with businesses go wrong.

Although the Recommendation applies to all forms of commerce, a major impetus behind its development was to address consumer complaints arising from e-commerce. OECD governments recognised that if they are to take full advantage of the global digital marketplace, consumers need to be confident that they will be able to resolve complaints with businesses online and in other countries.

The Recommendation calls on member countries to update their dispute resolution and redress systems so that they better respond to the varying nature of consumer complaints. Specifically, it identifies three different categories of mechanisms to be included in domestic frameworks - mechanisms for consumers to act individually; mechanisms for consumers to act collectively; and mechanisms for the government to obtain redress for consumers. It then sets out goals to ensure that these mechanisms are more accessible and effective in cross-border cases. The Recommendation also includes provisions on complementary measures that can be taken by the private sector to help consumers resolve disputes efficiently and at the earliest possible stages.

In Australia, the adequacy of existing dispute resolution mechanisms and redress provisions will be reviewed by the Productivity Commission as part of its inquiry into the national consumer policy framework. The final results of the inquiry are due to be released in December 2007.

External links:

Galexia presents final digital signature strategy to Law Society of NSW - July 2007

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »
  • Specialised Legal and Regulatory Consulting. Read more »
  • Issues Management: Public and Stakeholder Consultations. Read more »

Galexia has presented a digital signature strategy to the Law Society of NSW’s Legal Technology Committee.

The project was an extension of work completed by Galexia in 2005, and involves the development of a strategy of the Law Society’s potential use of digital credentials. Galexia’s role is to ensure that policies are compatible with current best practices in PKI and the recent Gatekeeper reforms.

Related links:


Galexia writes chapter in Information Economy Report 2007 for UNCTAD - July 2007

Related Galexia services and solutions

Galexia has been commissioned by the United Nations Conference on Trade and Development (UNCTAD) to write a chapter in the Information Economy Report 2007. Galexia’s chapter presents a case study on the ASEAN E-Commerce Project - a major 4-year project to assist the ten Member Countries of the Association of South East Asian Nations develop and implement a harmonised e-commerce legal infrastructure. The E-Commerce Project is funded by the ASEAN Australia Development Cooperation Program (AADCP).

The experience of the ASEAN Member Countries in the E-Commerce Project may be helpful for developing countries formulating their own e-commerce legislation and beyond this, developing a comprehensive legal infrastructure, including regulations, standards, training and education.

The Information Economy Report is to be published in October 2007.

Related links:


Galexia completes initial PIA for the Department of Defence - June 2007

Related Galexia services and solutions

  • Specialised Legal and Regulatory Consulting. Read more »
  • Privacy Management Lifecycle: Our Privacy Products and Services. Read more »

Galexia has completed an initial Privacy Impact Assessment (PIA) for the Australian Department of Defence. This PIA - on the JP2099 Program - is in accordance with the Privacy Impact Assessment Guide issued by the Office of the Privacy Commissioner.

The broad purpose of this PIA was to provide a description and assessment of the personal information flows that are expected to occur for the JP2099 Identity Management Capability, assess the potential privacy legal issues and privacy perception issues that arise from the identified flows, and the Capability as a whole, and assess the impact these issues may have on the privacy of individual’s personal information. This is an initial PIA based on an assessment of an initial set of business processes that have been developed to support the proposed Capability.

External links:


OECD issues Recommendation and Guidance on Electronic Authentication - June 2007

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »
  • Specialised Legal and Regulatory Consulting. Read more »

On the 12th of June 2007, the OECD Council adopted a new Recommendation on Electronic Authentication. The Recommendation recognises the role that electronic authentication can play in developing trust in online transactions by providing certainty and strengthening protection of information security and individuals’ personal data. It calls on member countries to: work towards “technology-neutral” approaches for authentication in both domestic and cross-border contexts; foster the development, deployment and use of sound electronic authentication mechanisms that meet privacy and security needs; encourage compatibility and interoperability of authentication schemes as a means to facilitate cross-sectoral and cross-jurisdictional use; and raise awareness, including among non-members, of the benefits of the use of electronic authentication. The Recommendation is specifically aimed at “electronic authentication of persons and entities” as opposed to authentication of the validity of documents or electronic signatures.

The Recommendation is accompanied by a Guidance document, defining a set of ‘Foundation’ and ‘Operational’ Principles for the use and implementation of authentication mechanisms. The Foundation Principles identify security, privacy, and risk management goals and establish that the roles and responsibilities of different participants in the authentication process should be proportionate to their degree of knowledge and control. The Operational Principles address issues of usability, fitness for purpose, education, disclosure, complaints handling, audits and assessments, cross-jurisdictional recognition and interoperability, and standards.

External links:


Galexia attends the second APEC Privacy Seminar in Cairns - June 2007

Related Galexia services and solutions

In June 2007, Sarah Andrews, Chris Connolly and Peter van Dijk attended the 2nd APEC Privacy Seminar in Cairns. The APEC Data Privacy Seminar brought together governments, regulators, supervisory authorities, business and consumers of APEC economies to explore the practical mechanisms to facilitate the responsible and accountable transfer of personal information across international borders.

Following on from the first seminar in Canberra in January 2007, the seminar looked at:

  • Cross-border privacy rules in protecting cross-border transfers of personal information
  • The development of cross-border cooperative arrangements between stakeholders to facilitate the implementation of cross-border privacy rules, and
  • The role of privacy regulators, trustmarks and Pathfinder projects in implementing a cross-border rules privacy system.

Related links:

Review of the EU Directive on Electronic Commerce - June 2007

Related Galexia services and solutions

The E-Commerce Directive was intended to provide a general framework for electronic commerce laws, and thereby to increase confidence in e-commerce. It imposed mandatory requirements on member states, and led to greater harmonisation of relevant laws. This byte discusses several of the perspectives on the Directive as its next mandatory review approaches.

The byte was published in Volume 10, No 3 of the Internet Law Bulletin (June 2007).

Related links:


Sarah Andrews joins Galexia - June 2007

Galexia would like to welcome Sarah as a Senior Consultant.

Previously, she worked at the Organisation for Economic Co-operation and Development (OECD) in Paris, where she co-ordinated the work of the Committee on Consumer Policy. A primary focus of her work was on promoting consumer trust in the global marketplace through better access to dispute resolution and redress mechanisms and increased enforcement co-operation against cross-border fraud.

Sarah also spent 3 years as Research Director for the Electronic Privacy Information Center (EPIC) in Washington, DC where she specialised in international developments in privacy law and policy.

Sarah holds a Bachelor of Laws degree (Hons) from University College Cork, Ireland and a Masters of Laws in International Legal Studies (Distinction) from Georgetown University Law Center, Washington DC, US. She is licensed to practice law in New York State, US.


Galexia publishes article on recent developments in internet jurisdiction - May 2007

Prashanti Ravindra has recently published an article detailing recent developments in the realm of Internet jurisdiction.

Traditionally, questions of jurisdiction are answered based on the territoriality, but this approach has proved problematic in online contexts, where transactions occur freely across national boundaries.

This article examines three recent cases in which courts have considered the problems of Internet jurisdiction: the order of the French Tribunal de Grande Instance de Paris against Yahoo! Inc for its online auctioning of Nazi artifacts and memorabilia in Association Union des Etudiants Juifs de France v Yahoo! and the ensuing chain of actions in the US over whether US courts could exercise jurisdiction over the French parties; an order by a US district court against a UK anti-spam organisation in e360 Insight v The Spamhaus Project; and the assertion of jurisdiction of a Michigan court over a New York defendant who contracted with a Michigan resident.

The article was published in Volume 10, No 1 of the Internet Law Bulletin (May 2007).

Related links:


The Telecommunications (Interception) Amendment Act 2006 - May 2007

Related Galexia services and solutions

Galexia Consultant Saira Ahmed has published an article detailing the recent amendments to the Telecommunications Act 1979 (Cth).

The amendments insert a warrant regime for access to stored communications held by a telecommunications carrier and enable interception of telecommunications of an innocent person known to communicate with a person of interest - known as ‘B-Party’ intercepts. This article discusses the main provisions of the Telecommunications (Interception) Amendment Act 2006 (Cth) and the controversy surrounding these amendments.

Implications of the amendments enable the Australian Security Intelligence Organisation (ASIO) and other law enforcement agencies to intercept telecommunications of third parties including emails, SMS and voicemail messages. These provisions are naturally significant for lawyers advising clients on cooperation with law enforcement authorities in relation to telecommunications, including emails.

The article was published in Volume 10, No 1 of the Internet Law Bulletin (May 2007).

Related links:


Galexia assists CHOICE with a joint submission to the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct to ASIC - May 2007

Related Galexia services and solutions

Galexia assisted CHOICE with its submission regarding the 2007 review of the Electronic Funds Transfer (EFT) Code of Conduct, as conducted by the Australian Securities and Investment Commission (ASIC).

Among the major issues considered by Galexia were the liability of parties in electronic funds transactions, particularly with regard to Internet banking. The project involved detailed technical advice on authentication techniques for electronic transactions.

The Submission was prepared by Galexia. Guidance, input and comments were received from a small reference group consisting of representatives of CHOICE, the Consumer Action Law Centre, the Centre for Credit and Consumer Law, the Australian Privacy Foundation, the Consumer Credit Legal Centre (NSW), Care Inc. Financial Counseling Service and Consumer Law Centre of the ACT. Funding assistance was received from the Australian Securities and Investments Commission Consumer Advisory Panel (ASIC CAP).

Related links:


Galexia joins AGIMO Identity Management and Authentication Consultancy Services Panel - May 2007

Related Galexia services and solutions

The Australian Government Information Management Office (AGIMO) Identity Management and Authentication Consultancy Services Panel was formed in 2007 obtain specialist consultancy services relating to identity management and authentication. Galexia has been accepted onto the panel in four key areas of expertise.

AGIMO is a part of the Department of Finance and Administration, and works across government to maintain Australia’s position as a leader in the productive application of information and communications technologies (ICT) to government administration, information and services. AGIMO fosters the efficient and effective use of ICT by Australian Government departments and agencies.

The Identity Management and Authentication Consultancy Services Panel will be used by AGIMO to obtain:

  • advice and support in the development and refinement of whole of government, and cross government, ICT frameworks, policies and for guidance on identity management and authentication matters;
  • assistance with the provision of support to agencies and other jurisdictions that are pursuing individual projects pertaining to identity management and authentication; and
  • in the event that the Department of Finance pursues ICT projects that encompass identity management and authentication matters, consultancy advice on any such projects.

Galexia’s services categories on this panel include:

  • Identity and access management, including
    • technical solutions, incorporating architectural analysis, business analysis, testing and systems design across both physical and logical environments;
    • policy and governance advice across a range of government environments;
    • advice in regard to business process analysis and re-engineering, quality assurance and accreditation;
    • Australian and International standards;
    • developments, both in industry and in foreign government jurisdictions;
    • emerging technologies; and
    • other identity and access management related advice.
  • Authentication, including
    • technical solutions, incorporating architectural analysis, business analysis, testing and systems design;
    • policy and governance advice across a range of government environments;
    • advice in regard to business process analysis and re-engineering, quality assurance and accreditation;
    • Australian and International standards;
    • developments, both in industry and in foreign government jurisdictions;
    • emerging technologies; and
    • other authentication related advice.
  • Public key infrastructure (PKI) , including
    • contextual analysis of the Government’s Gatekeeper PKI Framework in a changing and developing PKI and wider encryption solutions market;
    • interoperability;
    • Australian and International standards;
    • National and international developments, both in industry and government jurisdictions;
    • emerging technologies, in PKI specifically and encryption generally; and
    • other PKI related advice.
  • Privacy, including
    • the specific development of identity management and authentication frameworks and in the delivery of identity management and authentication solutions and services.

Related links:

External links:

Eighth ASEAN E-Commerce workshop held in Vientiane, Laos - March 2007

Related Galexia services and solutions

On the 28 February - 2 March 2007, the eighth ASEAN Workshop on E-Commerce was held in Vientiane, Laos. This Workshop (W8) was a gathering of around 45 delegates and technical experts, including more than 40 from ASEAN member countries.

This Workshop (W8) had a training and capacity building focus. The Workshop discussed the project Implementation Guide and provide information and resources on implementation issues.

The objective of this Workshop was to facilitate implementation of a harmonised legal infrastructure for e-commerce, including Online Contract Formation, Jurisdiction and Online Dispute Resolution, through the provision of training and guidance on the use of the Implementation Guide developed during the project, and the exchange of information between member country participants.

Workshop content included the following presentations and materials:

— Review and discussion of developmnts in member countries and international initiatives in electronic contracting,

— Training materials and worksheets.

Related links:


Galexia undertakes third extension to ASEAN E-Commerce Harmonisation work - April 2007

One of the key steps to be fulfilled in the e-ASEAN Framework Agreement[1] is that Member Countries will need to allow the mutual recognition of digital signatures across borders in ASEAN.

The new ASEAN E-Commerce Project (Phase 3) on the Mutual Recognition of Digital Signatures is designed to help ASEAN Member Countries develop a common strategy to meet this objective.

The development of an ASEAN Digital Signature Strategy will assist ASEAN countries in addressing the legal, policy, technical and infrastructure issues needed to develop common methods for mutual recognition of digital signatures. It will assist those countries with legal infrastructures to make necessary adjustments and provide direction for those countries yet to implement an infrastructure.

Five steps have been identified as necessary in the establishment of a harmonised legal framework covering mutual recognition of digital signatures in ASEAN:

  • Step 1: Develop recognition clauses for foreign digital signatures;
  • Step 2: Develop recognition criteria for foreign digital signatures;
  • Step 3: Identify interoperability model (amongst six available models worldwide);
  • Step 4: Establish governance structure or arrangement for accreditation of foreign digital signatures; and
  • Step 5: Establish a technical committee/body to monitor the implementation of mutual recognition of digital signatures.

This phase runs from April through to December 2007.

Related links:

Galexia at the Canberra APEC Data Privacy Seminar - January 2007

Related Galexia services and solutions

Downloads

On the 22-23rd January 2007, the First Technical Assistance Seminar on the APEC Privacy Framework was held at the National Convention Centre in Canberra. The meeting was a gathering of delegates from around the world to discuss the international implementation of the Framework, with a core focus on making compliance possible and enforcement credible when personal information moves between economies.

The Seminar allowed participants to discuss issues raised by the transfer of personal information in the APEC region. Cross-Border Privacy Rules were discussed as a potential mechanisms for business and APEC economies to put into place the privacy principles contained in the APEC Privacy Framework. A seminal point raised by the delegates on the use of Cross-Border Privacy Rules by business, was how they might provide certainty to their customers on how their personal information will be protected.

Galexia Director Chris Connolly spoke at the meeting, discussing the practical issues of achieving global compliance, particularly from a business perspective. Chris outlined and explored mechanisms that enable industry to meet business and consumer needs through accountable transfers of personal information across economies, whilst remaining consistent with the APEC Privacy Framework.

External links:

Second edition of 'Cyberspace Law: Commentaries and Materials' - January 2007

Cyberspace Law: Commentaries and Materials: Contents

1. Introduction

2. Jurisdiction

3. Electronic Contracting

4. Privacy and the Internet

5. Encryption

6. Electronic Signatures

7. Internet Crime

8. Internet Content Regulation

9. Copyright on the Internet

10. Trade Mark Law and the Internet

11. Patents

12. Massively Multiplayer Online Role-Playing Games

13. Uninvited Material

14. Internet Taxation

15. The Way Ahead

Yee Fen Lim, senior consultant at Galexia, has published a comprehensive revision of her Oxford University Press book, Cyberspace Law: Commentaries and Materials.

Cyberspace Law brings the complex legal issues of the Internet to both law students and practitioners. With a foreword by the Honourable Justice Gummow AC QC of the High Court of Australia, the book reflects recent changes in legislation, providing a detailed study of this fast moving field of law. It covers new technological developments as well as recent changes in legislation.

Cyberspace Law has been adopted by numerous universities around the world as the definitive textbook on cyberspace laws, providing expert commentary on cases and legislation in all areas of e-commerce, internet and technology law.

External links:

Gatekeeper reforms published - October 2006

In late September 2006, the Australian Government Information Management Office (AGIMO) released amended documentation for the Gatekeeper PKI Framework. This documentation was developed in conjunction with Galexia in order to govern the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology neutral accreditation program for issuers of digital certificates.

This project included a mixture of strategic, technical, security and legal advice. Gatekeeper is considered to have provided only limited success in Australia, and the reform of Gatekeeper is designed to enable the production of new, flexible digital certificate categories and the removal of compliance burden and paperwork for PKI service providers. Legal and privacy issues were also reviewed to ensure greater certainty and simplicity.

External links:

Galexia hosts 7th ASEAN Workshop on E-Commerce in Brunei - September 2006

On the 9-11th of September 2006, the seventh ASEAN Workshop on E-Commerce was held in Brunei. The Brunei Workshop (W7) was a gathering of around 30 delegates and technical experts, including more than 20 from ASEAN member countries. Galexia hosted the workshop and provided expert presentations and materials.

Workshop content included the following presentations and materials:

— Report on proceedings at the Working Group meeting in Manila on 29 May 2006;

— Review and discussion of developments in member countries and international initiatives in electronic contracting, jurisdiction and online dispute resolution legal infrastructure;

— The contents of the Draft Framework Document (FD). The FD will contain options for a common framework for harmonised legal infrastructure for electronic contracting, jurisdiction and online dispute resolution; and

— Discussion and confirmation of steps required to achieve consensus on a preferred Option for harmonisation in ASEAN.

The objective of this Workshop (W7) was to help ASEAN and the Galexia E-Commerce Project team to finalise the content of the Framework Document (FD) and develop a recommendation to the ASEAN Working Group on E-Commerce and ICT Trade Facilitation.

Related links:

Online Dispute Resolution - August 2006

Related Galexia services and solutions

Galexia has recently published an article as part of the ASEAN E-Commerce Project. The article canvasses the various legal issues in the field of Online Dispute Resolution (ODR). ODR involves using online technologies to facilitate the resolution of various types of disputes that arise from electronic transactions - in much the same way that generic dispute resolution does in the offline realm. The article explores different ODR methodologies currently used in cyberspace. It also highlights the importance of ODR as a means of engendering consumer confidence in the online medium, thereby facilitating a growth in the number of people that engage in e-commerce.

Related links:

Galexia to help develop the Singapore National Authentication Framework - August 2006

Related Galexia services and solutions

  • Identity Management and Authentication - Technical Consulting. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Issues Management: Public and Stakeholder Consultations. Read more »

The Infocomm Development Authority of Singapore (iDA) is spearheading a National Authentication Framework (NAF) programme under their 10 year Intelligent Nation Masterplan. NAF aims to implement a nationwide infrastructure for strong authentication through the development of appropriate business, technical and operational frameworks. A NAF steering committee and four NAF sub-committees (Finance, Telecommunications, Government and Technical) comprising of industry captains and government agencies will provide sponsorship and inputs to the developmental works under NAF.

Galexia has been chosen as a member of a consortium (also including KPMG, Baker & McKenzie, Wong & Leow and Biometix) to drive and guide the establishment of the NAF. As such Galexia’s work entails the proposal of a model to deploy the NAF, and to develop 4 supporting components that are needed to realise the deployments:

  • Governance Framework and Regulatory Requirements;
  • Accreditation Audit Criteria for Authentication Operators ("AOs");
  • Reference Business Agreement; and
  • Reference Technical Standards and Protocols.

Related links:

Galexia provides privacy compliance advice to Fidelity International - August 2006

Related Galexia services and solutions

Galexia has been providing privacy compliance advice to the Risk, Security and Business Continuity division of Fidelity International, including advice to their Hong Kong, Japan, Korea, Singapore, Sydney and Taiwan offices. This project will assist Fidelity manage their domestic and international privacy compliance requirements.

Related links:

Galexia examines best practice privacy management for public registers in Australia - July 2006

Related Galexia services and solutions

Galexia has recently been commissioned by RP Data to complete a report to examine the best practice privacy management for public registers in Australia.

Specifically, the paper includes the following:

  • A detailed description of how privacy is managed in Australian jurisdiction for public register information (land registry data, electoral roll data, etc.);
  • A detailed description of best practice approaches to managing privacy in public registers (codes of conduct, published papers etc.);
  • Analysis of legislative approaches to managing privacy in public registers (Commonwealth and State legislation); and
  • Insight into trends in privacy regulation of privacy in public registers (Australian Law Reform Commission review etc.).

Related links:

Galexia reviews identity management paper for South Australian Chief Information Officer - July 2006

Related Galexia services and solutions

  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Issues Management: Public and Stakeholder Consultations. Read more »

Galexia has won a successful bid to review a position paper developed by the South Australian Office of the Chief Information Officer. The paper, on Identity and Access Management (IAM) for the South Australian Government, is a pre-cursor for the planned development of an IAM Framework for all of South Australia.

Related links:

Galexia to conduct analysis of e-commerce legal infrastructure in Malaysia - July 2006

Related Galexia services and solutions

  • Issues Management: Public and Stakeholder Consultations. Read more »
  • Privacy Management Lifecycle: Our Privacy Products and Services. Read more »

Galexia is assisting the Commonwealth Department of Communications, Information Technology and the Arts (DCITA) in preparing a Malaysia - Australia E-Commerce Legal Infrastructure Analysis. The report will be of assistance in the development of the relationship between Malaysia and Australia in a number of areas - at a time when Malaysia and Australia are negotiating a Free Trade Agreement (FTA) that contains a chapter on E-Commerce. Malaysia and Australia also have an ongoing interest in the harmonisation of electronic commerce legal infrastructure. Specifically, the document is a coverage analysis of selected areas of E-Commerce Legal Infrastructure in Australia and Malaysia.

Related links:

UN Convention on the Use of Electronic Communications in International Contracts comes into force - July 2006

Related Galexia services and solutions

Related Galexia news articles

  • Galexia’s article about the UN Convention on Electronic Contracting published in the Computer Law & Security Report Read more »

Galexia has written an article outlining how and when the United Nations Convention on the Use of Electronic Communications in International Contracts 2005 (the UN Convention on Electronic Contracting) will come into force. The Convention aims to improve the legal certainty and commercial predictability of electronic contracts. This is achieved through a number of provisions in the Convention, including those which establish the functional equivalence of electronic communications and signatures with their paper-based counterparts and those which set rules to assist in determining when and where an electronic communication has been sent and received.

The Convention was adopted by the UN General Assembly in November 2005 and has since received six signatories. A number of important economies have been quick to sign and endorse the Electronic Contracting Convention and it appears that it will play a significant role in shaping global e-contracting law.

Related links:

Sixth ASEAN E-Commerce workshop in Manila - May 2006

Related Galexia services and solutions

The sixth ASEAN Workshop on E-Commerce was held in Manila from 27-28th May 2006. It was a gathering of around 32 delegates (including more than 27 from ASEAN, 3 from ASEC, 1 from AADCP and 1 expert speaker) and technical experts to discuss many important aspects of the ASEAN E-Commerce Project. Most prominently discussed were the topics of:

  • The results from Survey (S4) of existing approaches to Online Contract Formation and Online Dispute Resolution in ASEAN countries;
  • The practical application of Online Dispute Resolution through examination of an Online Dispute Resolution facility (Philippines) to examine dispute resolution issues in greater detail;
  • Existing approaches and activities in ASEAN member countries for Online Contract Formation and Online Dispute Resolution covered in Discussion Paper (DP3); and
  • Existing approaches and activities for Online Contract Formation and Online Dispute Resolution in other countries/regions and international organisations covered in Discussion Paper (DP4).

The objective of this Workshop was to introduce project participants to the objectives and activities of the one-year project extension to consider Online Contract Formation and Online Dispute Resolution. The Workshop confirmed the scope of the project extension and facilitated liaison between the project and the ASEAN Working Group on E-commerce and ICT Trade Facilitation (Working Group). The Working Group also met in Manila on Monday 29 May 2006 at the same venue.

Workshop content included:

  • The presentation of material and updates on national, regional and international initiatives in Online Contract Formation and Online Dispute Resolution;
  • Preliminary discussion of options for harmonisation for ASEAN; and
  • A virtual site visit to an Online Dispute Resolution facility in the Philippines.

The Workshop was facilitated by the Manila based Cyberspace Policy Centre for Asia-Pacific (CPCAP) and Galexia. The Executive Director of CPCAP, Claro V Parlade arranged for the workshop to be opened by Mr Angelo Timoteo M. Diaz de Rivera (Commissioner of e-Government Development).


W6 - Day 1: Iwan Gunawan (ACIL), Claro Parlade (Philippines), Timoteo Diaz de Rivera (Philippines), Chris Connolly (Galexia), Peter van Dijk (Galexia) and Honorio R. Vitasa (ASEC) EC-ITF Working Group Meeting: Peter van Dijk (Galexia), Ambalagan K (Chairman), Chris Connolly (Galexia) and Honorio R. Vitasa (ASEC)
W6 - Day 2: Honorio R. Vitasa (ASEC), Chris Connolly (Galexia), Ky Anh Nguyen (ASEC) and Mega Irena (ASEC) W6 - Day 2: Mega Irena (ASEC), Claro Parlade (Philippines), Maw Maw Aye (Myanmar), Khin Htwe Myint (Myanmar), Chris Connolly (Galexia) and Do Xuan Minh (Vietnam)

Related links:

Galexia to help develop the Australian Government e-Authentication Framework for Individuals (AGAFI) - April 2006

Related Galexia services and solutions

Galexia has recently won a competitive tender to work with the Department of Finance and Administration to conduct consultancy services for the Australian Government e-Authentication Framework for Individuals (AGAFI). The project will involve the provision of strategic advice, and the provision of a Privacy Impact Assessment (PIA) and Privacy Management Strategy (PMS) documentation for publication.

Galexia will also undertake investigation and report on technical approaches to protecting privacy in online transactions, known as Privacy Enhancing Technologies (PETs). This will incorporate assessments of the potential for PETs to enhance the uptake of online services, including their effectiveness, their maturity as protocols, implementation issues such as barriers to implementation, interoperability between these protocols and usability.

The documents will also look to investigate and report on the legal liability implications of government agencies relying on the evidence of identity and other identity management processes of other agencies and non-government organisations such as banks and financial institutions. Galexia’s work will incorporate the examination of best practice governance arrangements for the framework including an examination of current implementations in other national and international jurisdictions.

This project is an extension of previous Galexia work for AGIMO, and is a joint undertaking with Doll Martin Associates.

Galexia to help complete the Gatekeeper Public Key Infrastructure Framework for AGIMO - April 2006

Related Galexia services and solutions

Following a competitive tender, the Department of Finance and Administration has selected Galexia to undertake consultancy services relating to the Gatekeeper PKI Framework.

The Gatekeeper Strategy governs the use of PKI in government for the authentication of external clients. The strategy provides a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for agencies and their clients. The strategy is underpinned by a standards-based, technology-neutral accreditation program for issuers of digital certificates.

The Framework is aimed at making the application of PKI less complex and more affordable for businesses and government agencies. It better aligns the Gatekeeper Strategy with the way governments and businesses conduct their day-to-day activities. The Framework introduces new categories of digital certificates for Organisations and Individuals.

More information about the Gatekeeper PKI Framework can be found at http://www.agimo.gov.au/infrastructure/gatekeeper.

Galexia will be working with the Australian Government Information Management Office (AGIMO), who works across government to maintain Australia's position as a leader in the productive application of information and communications technologies (ICT) to government administration, information and services.

Galexia will also work with both the Department of Finance and members of other specific working groups established by the Gatekeeper Policy Committee to deliver an operational Gatekeeper PKI Framework by 30 June 2006.

External links:

The UN Convention on Electronic Contracting - March 2006

Related Galexia services and solutions

Related Galexia news articles

  • UN Convention on the Use of Electronic Communications in International Contracts to come into force Read more »

Published

  • Computer Law & Security Report, volume 22, issue 1, 2006, pages 31-38

Read the full text of the article from the Galexia website »

An update on the UN Convention on Electronic Contracting is available from the Galexia website:

  • UN Convention on the Use of Electronic Communications in International Contracts to come into force - July 2006 Read more »

Galexia’s article on the UN Convention on electronic contracting by Chris Connolly and Prashanti Ravindra has now been published in the Computer Law and Security Report. The Computer Law and Security Report is a journal dedicated to covering key developments in IT law and security.

The UN Convention seeks to enhance the legal certainty and commercial predictability of international electronic transactions by setting out a number of interpretive rules for the use of electronic communications in negotiating and forming contracts. The paper discusses the main provisions of the Convention and the impact of the Convention on the legal rules surrounding electronic contracting.

The final draft of the UN Convention is available as an annex to the UNCITRAL Report of its 38th Session at: <http://www.uncitral.org/uncitral/en/commission/sessions/38th.html>.

This article was first published in Computer Law & Security Report, 22 (2006) 31-38 <http://www.sciencedirect.com/science/journal/02673649>.

Related links:

Galexia conducting Preliminary Privacy Impact Assessments (PIAs) on Healthcare Provider Identifier (HPI) and Individual Healthcare Identifier (IHI) for National E-Health Transition Authority (NEHTA) - February 2006

Related Galexia services and solutions

Following a competitive tender, the National E-Health Transition Authority (NEHTA) has asked Galexia to contribute the development of a secure, interoperable e-health environment in Australia. The project involves the development of two different types of healthcare identifiers. As such, Galexia’s primary role is the development of two preliminary Privacy Impact Assessments (PIAs) to examine and document potential privacy concerns.

  • The first, the Healthcare Provider Identifier (HPI), is required so that individual providers can communicate with their colleagues, and jurisdictions can improve connectivity between their clinical systems within and across borders. Nationally, unique provider identification is recognised as a foundation for the broader e-health agenda and the implementation of Shared Electronic Health Records (Shared EHRs).
  • The second, the Individual Healthcare Identifier (IHI), is required to ensure the correct identification of an individual and to make sure that the right information is attached to the right person.

External links:

Galexia to assist in further harmonisation of ASEAN electronic commerce - February 2006

Related Galexia services and solutions

Galexia has won a competitive tender for a groundbreaking one-year project that will further streamline electronic commerce in South East Asian nations.

The project is an extension of a previous Galexia project to develop and implement a harmonised legal infrastructure for electronic commerce in ASEAN (Association of South East Asian Nations: Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam). This project extension will focus on harmonising electronic contracting and Online Dispute Resolution legal infrastructures in the region.

The goal of the project is to assist ASEAN to integrate into one market for goods, services and investment by the establishment of a harmonised legal, regulatory and institutional environment for electronic contracting and dispute resolution. The development and implementation of harmonised legal infrastructures for electronic contracting and dispute resolution will facilitate the development of e-commerce by providing users with common methods for completing electronic contracting steps, and a common framework for resolving electronic commerce disputes.

The project will produce the following outputs:

  • A compilation of discussion papers focussing on ASEAN and international developments in electronic contracting, Online Dispute Resolution and jurisdiction of legal frameworks;
  • Conducting surveys on the electronic contracting and Online Dispute Resolution legal landscapes in ASEAN member countries;
  • The development of a proposed framework for harmonised legal infrastructure for electronic contracting and dispute resolution; and
  • The compilation of implementation guides to support the proposed framework.

This project is funded by the ASEAN Australia Development Cooperation Program (AADCP) - Program Stream. AADCP is funded by the Australian Government, through AusAID and implemented in close collaboration with the ASEAN Secretariat and is managed by Cardno Acil Pty Ltd.

Related links:

Galexia publishes case note on WL v La Trobe University case - February 2006

Related Galexia services and solutions

Galexia has written a case note on the recently decided Victorian Civil and Administrative Tribunal decision, WL v La Trobe University.[2] The case examines what personal information can be collected and stored in order to come within the definition of personal information under the Information Privacy Act 2000 (Vic). The case note examines the facts and the decision of the case, as well as the implications for information handling after the decision.

This is a key decision as it is the most detailed consideration of the definition of ‘personal information’ in Australian privacy laws to date. For more information on the impact of this decision on your organisation, contact Galexia.

In completing this case note, Galexia has used the opportunity to examine various areas of privacy law, including freedom of information, the de-identification of personal data and the specific area of personal health information.

Related links:

Galexia publishes plain language guide to cyberlaws - January 2006

Related Galexia services and solutions

As part of an analysis of cyberlaws coverage in ASEAN (the Association of South East Asian Nations), Galexia has written a paper which looks closely at the following aspects of online-laws:

  • Consumer Protection;
  • Privacy and Data Protection;
  • Cyber-crime;
  • Spam;
  • Online Content Regulation;
  • Digital Copyright;
  • Domain Name Regulation;
  • Electronic Contracting; and
  • Online Dispute Resolution.

Related links:

Galexia expands work with Law Society of NSW and Commonwealth Department of Industy, Tourism and Resources (DITR) - January 2006

Related Galexia services and solutions

  • Specialised Legal and Regulatory Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »

As part of work completed in 2005; and continuing in 2006, Galexia is working closely with the Law Society of NSW and the Commonwealth Department of Industy, Tourism and Resources (DITR) to develop policies, procedures and documents for a pilot of the Law Society’s digital credentials. Galexia’s role in the project is to ensure that policies are compatible with current best practices in public key infrastructure (PKI) and proposed Gatekeeper reforms.

The project is a timely consideration of digital identity for lawyers and considers:

  • Digital signature certificates and Electronic Signatures
  • Public Key Infrastucture (PKI)
  • Smart Cards
  • Impact of GateKeeper reforms
  • Electronic conveyancing
  • Electronic Court Lodgement

Related links:

Galexia to develop Privacy Impact Assessment (PIA) for Government employees in Australia - January 2006

Related Galexia services and solutions

Galexia has won a competitive tender to work with AGIMO, the Australian Government Information Management Office to conduct a Privacy Impact Assessment (PIA) on their Identity Management for Government Employees (IMAGE) Framework. AGIMO, the governmental arm that deals with the delivery of public services by utilising ICT, aims to provide infrastructure, protocols, policy and work practices that will allow government agencies to efficiently manage the identities of their employees and contractors.

As well as a PIA, Galexia will be working closely with AGIMO to develop a Privacy Management Strategy (PMS) for IMAGE to provide a consistent, transparent identity management system across the Australian Government public services sector.

The goal of this project and resulting framework is to build trust across agencies and facilitate confidence in the associated identification credentials.

Related links:

AUSTROADS engages Galexia for a risk management framework on national vehicle database - January 2006

Related Galexia services and solutions

Galexia has been commissioned to assist the association of Australian and New Zealand road and transport authorities (AUSTROADS), with a proposed expansion of third-party access to information held in the National Exchange Of Vehicle And Driver Information System (NEVDIS) database. Galexia’s role is to provide strategic privacy advice and a risk management framework. This project is an extension of previous Galexia work for AUSTROADS, and is a joint undertaking with Doll Martin Associates.

Related links:

Galexia complete Cyberlaws Survey in ASEAN - January 2006

Related Galexia services and solutions

Galexia has completed a review of cyberlaws in ASEAN which presented data and examined the coverage of cyberlaws in ASEAN. The Cyberlaws Analysis supports material published as part of the ASEAN E-Commerce Project and provides information on existing and planned cyberlaw developments in ASEAN member countries. This paper has been created to assist ASEAN understand how e-commerce law ‘fits in’ to the broader context of cyberspace laws.

This analysis is also designed to assist the ASEAN E-Commerce and ICT Trade Facilitation Working Group in its consideration of the cyberlaw needs of ASEAN. It examines cyberlaws that have been enacted in all ASEAN member countries, both from an ASEAN-wide perspective and on a county-by-country basis and contains a number of conclusions and findings on the status of cyberlaw regulation in ASEAN.

The analysis examines the following cyberlaws, in each of the ASEAN jurisdictions:

  • Consumer protection;
  • Privacy and data protection;
  • Cyber-crime;
  • Spam;
  • Online content regulation;
  • Digital copyright;
  • Domain name regulation;
  • Electronic contracting; and
  • Dispute resolution.

Related links:

Fifth ASEAN E-Commerce harmonisation workshop in Singapore - December 2005

Related Galexia services and solutions

Continuing Galexia’s series of international workshops on the ‘Harmonisation of Legal Infrastructure for E-Commerce in ASEAN’ project, Galexia co-ordinated a fifth workshop (W5) in Singapore in December 2005. The workshop brought together high-level representatives from ASEAN member countries to facilitate the practical implementation of a harmonised e-commerce legal infrastructure in the region.

The workshop was attended by over 35 delegates from member countries throughout ASEAN, and a number of high-profile guest speakers. In facilitating the practical implementation of the harmonised e-commerce legal infrastructure, training and capacity building sessions were conducted on:

  • Drafting and implementing e-commerce laws and regulations;
  • Managing e-commerce law and exemptions;
  • Making e-commerce laws accessible to business and the public;
  • Relevant international instruments (eg The UNCITRAL Convention on Electronic Contracting);
  • Recognition of digital signatures, including recognition of foreign digital signatures;
  • PKI regulation, licensing and accreditation; and
  • Business perspectives on e-commerce law.
The UNCITRAL Convention on Electronic Contracting

A keynote presentation was made at the workshop by Mr. Jeffrey Chan Wah Teck, Principal Senior State Counsel, Civil Division Attorney-General's Chambers (AGC) Singapore. Jeffrey Chan is the current Vice-Chair and former Chair of the UNCITRAL General Assembly. He also chaired the UNCITRAL Electronic Commerce Working Group during the development of the UNCITRAL Convention on Electronic Contracting.

The presentation emphasised the salient features of the Convention, how the Convention alters existing international law, and the likely impact of the Convention. Skills emphasising practical considerations involved with implementing the Convention into domestic law were also developed in an interactive break-out session.

Guest Presenters at the Singapore Workshop (W5)

Guest presenters, Mr Ken Chia and Mr Kenneth Lim, were organised by Galexia to provide participants with first-hand knowledge of recent developments in APEC and the ASIA PKI Forum.

Mr Chia presented on the regional context of e-commerce laws including the need to keep e-commerce laws up-to-date through regular reviews of electronic transactions legislation.

Mr Lim’s presentation focused on the commercial deployment of PKI, including using PKI as a tool for trade facilitation.

The workshop was a highly successful conclusion to the project and delegates were provided with material that provided on going assistance in their efforts to integrate into a single online market.

This workshop marks the conclusion of a two year project conducted by Galexia to to assist ASEAN to integrate into one market for goods, services and investment by the establishment of a harmonised legal, regulatory and institutional environment for e-commerce. It will be followed by a one-year project extension that will assist ASEAN develop and implement harmonised legal infrastructures for electronic contracting and online dispute resolution


Guest Presenters and Galexians
(left to right) Peter van Dijk (Galexia), Ken Chia (Baker & McKenzie, Wong & Leow Lawyers, Singapore), Chris Connolly (Galexia) and Jeffrey Chan (Attorney-General's Chambers, Singapore)		 Galexia presentation
Chris Connolly (Galexia) and Peter van Dijk (Galexia)
Galexia presents gift to guest presenter, Kenneth Lim
Chris Connolly (Galexia), Peter van Dijk (Galexia) and Kenneth Lim (CrimsonLogic, Singapore)		 Guest presentation by Ken Chia
Ken Chia (Baker & McKenzie, Wong & Leow Lawyers, Singapore)

Related links:

AGIMO develops out e-Authentication Framework to individuals - December 2005

Related Galexia services and solutions

On the 5th of December 2005, the Special Minister of State, Eric Abetz announced the proposed extension of the Australian Government e-Authentication Framework to individuals. The original Framework was used to facilitate and manage the risks involved with the electronic transactions between business and government via the use of electronic authentication. It constituted a whole-of-government approach to managing these risks, as first acknowledged by the Australian Government Information Management Office (AGIMO). By extending AGAF to individuals, (hence AGAF(I)), simple transactions such as change of address or name could be spread throughout all government organisations from a central point without having to individually notify them all. It is hoped that the use of electronic channels would provide greater convenience to individuals and value for money for the community. As noted by AGIMO, the convenience of replacing multiple transactions with different agencies with one transaction is appealing, as long as individuals’ privacy is protected.

Whilst in the past, the Framework was limited to bilateral transactions between business and government, the roll-out to individuals is seen as a far more important and arguably from a privacy point of view, problematic extension. Issues such as function creep, the access or modification of personal information in transit, or the solicitation of personal information constitute a far greater risk when dealing with individuals. The sheer number of possible transactions and the ability to gain access to higher levels of personal information once simple information is found, either by way of brute force, or social engineering attacks increases security risks. This is also compounded when one takes into account the fact that individuals might be less vigilant when choosing or withholding passwords than a business may be. To counter these problems, in the lead up to the discussion paper AGIMO convened a Privacy Impact Assessment Consultative Group (consisting of privacy and public policy advocates) to explore privacy issues around e-authentication.

AGIMO has released a discussion paper in order to outline the proposal generally, as well as to inform the public of the their ability to share their views on the appropriateness of the framework. Issues such as user control, risk apportionment, infrastructure and potential services are also discussed. The paper also offers an interesting analysis of other e-authentication frameworks throughout out the world and compares and contrasts the salient privacy features of each. Among these are the Canadian Authentication principles, the New Zealand Policy and Implementation Principles for online authentication and the Microsoft Laws of Identity.

Related links:

Galexia presents at CSIRO Science Policy Workshop - November 2005

Related Galexia services and solutions

Galexia directors Peter van Dijk and Chris Connolly presented at the CSIRO Science Policy Workshop in Canberra in late November 2005. The Workshop is an annual event discussing potential links between CSIRO scientific research and Australian Government policy initiatives.

Galexia presented on privacy and ethical issues in human data research, accompanied by presentations from Dr Richard Head from CSIRO and Professor Donald Chalmers, Dean of the Faculty of Law at the University of Tasmania. Galexia’s topic ‘Privacy and Research’ looked at the common public perceptions of privacy in Australia and the impact these community perceptions may have on health research in the future.

Related links:

Galexia publishes article on the Montreux Declaration - November 2005

Related Galexia services and solutions

Privacy commissioners around the world have called for the United Nations to prepare a convention on data protection. The proposed convention will recognise the universal nature of data protection and privacy rights and will seek to overcome the inconsistencies and barriers to cross-border information exchanges created by inconsistent data protection regimes.

The proposals for a universal privacy convention were made following the 27th International Conference of Data Protection and Privacy Commissioners (Montreux, Switzerland, 14-16 September 2005).

The Montreux Declaration recognises the increasing cross-border context surrounding data exchange; the disparity in national and regional data protection regimes; and the protection of privacy as a fundamental human right and recommended the creation of a convention to strengthen the universal character of data protection principles.

This article includes detailed information about the Declaration and the proposal for an international convention. This article also considers other international and regional efforts aimed at promoting harmonisation of privacy laws and the potential impact of a UN data protection privacy convention.

Related links:

Galexia to publish article on the UNCITRAL Convention on Electronic Contracting - November 2005

Related Galexia services and solutions

Related Galexia news articles

  • UN Convention on the Use of Electronic Communications in International Contracts to come into force - July 2006 Read more »
  • Galexia’s article about the UN Convention on Electronic Contracting published in the Computer Law & Security Report - March 2006 Read more »

An article on the UNCITRAL Convention on electronic contracting by Chris Connolly and Prashanti Ravindra will soon be published in the Computer Law and Security Report. The article is due to be published in late 2005 or early 2006.

Related links:

Recruitment: We are looking for an Office Manager to join our team - August 2005

We are looking for a trusted team member to help with the administration of our business.

Applications closed on 2 September 2005.





CSIRO P-Health Flagship engages Galexia in analysis of privacy and trust issues in the use of health data in research - August 2005

Related Galexia services and solutions

Following a competitive tender, CSIRO engaged Galexia to analyse privacy and trust issues in the use of health data in research and in applications in clinical settings.

This analysis considers new technology products in the identity management and authentication space, including strategic advice on the commercialisation of products developed by CSIRO -- for example, Privacy Preserving Analytics (PPA).

This work is being undertaken for the CSIRO Preventative Health National Research Flagship. This Flagship Programme has recognised that the appropriate collection, linking, interrogation and management of data will play a vital role in facilitating healthier, more productive lives for Australians. However, the analysis of linked population, clinical and genetic health databases raises privacy, confidentiality, and potentially ethical concerns.

Related links:

Galexia commissioned to conduct a survey of ASEAN Cyberlaws - August 2005

Related Galexia services and solutions

Galexia has been commissioned to conduct a Survey of Cyberlaws in ASEAN and to produce a “gap analysis” which would be published as a report for member countries.

Potential Cyberlaws to be discussed include:

  • Consumer protection;
  • Privacy and data protection;
  • Cyber-crime;
  • Spam;
  • Online content regulation;
  • Digital copyright;
  • Domain name regulation;
  • Electronic contracting; and
  • Dispute resolution.

This project is funded by the ASEAN Australia Development Cooperation Program (AADCP) - Program Stream. AADCP is funded by the Australian Government, through AusAID and implemented in close collaboration with the ASEAN Secretariat and is managed by ACIL Australia Pty Ltd.

Related links:

Malaysian Minister announce new E-Commerce Laws at Galexia Workshop - July 2005

Related Galexia services and solutions

Continuing Galexia’s series of international workshops on the ‘Harmonisation of Legal Infrastructure for E-Commerce in ASEAN’ project, Galexia co-ordinated a fourth workshop in Malaysia in July 2005. The workshop brought together high-level representatives from ASEAN member countries to discuss the implementation of e-commerce legal harmonisation for the region.

The Malaysian Ministry for Domestic Trade and Consumer Affairs were the hosts for the workshop. The Minister (Hon. Datuk Shafie Apdal) opened the workshop and announced the progress of e-commerce and e-government legal infrastructure in Malaysia.

This event was well attended by the press and television. Following the opening address the Minister conducted a press conference and subsequently there was coverage in the newspapers and on television news.

Related links:

Fourth ASEAN E-Commerce harmonisation workshop in Malaysia - July 2005

Related Galexia services and solutions

Continuing Galexia’s series of international workshops on the ‘Harmonisation of Legal Infrastructure for E-Commerce in ASEAN’ project, Galexia co-ordinated a fourth workshop in Malaysia in July 2005. The workshop brought together high-level representatives from ASEAN member countries to discuss the implementation of e-commerce legal harmonisation for the region.

This Workshop was a gathering of around 35 delegates (including more than 31 from ASEAN, 2 from ASEC and 1 expert speaker) and technical experts to discuss many important aspects of the Project:

  • Recent developments in member countries in improving e-commerce legal infrastructure;
  • The meeting of the ASEAN Working Group on E-Commerce and ICT Trade Facilitation (Myanmar, 5 July 2005);
  • A report from UNCITRAL on the final consideration of the Convention on Electronic Contracting (Vienna, 4-15 July 2005);
  • Reports from other international developments, including the recent meeting of the ASIA PKI Forum (Singapore, 6 July 2005);
  • Consideration of the draft content of the Generic Implementation Guide; and
  • Consideration of the template for the Country Implementation Guides.

The objective of this Workshop (W4) was to help ASEAN and the Galexia E-Commerce Project team to further develop the content of the Generic Implementation Guide (GG1) and seek member country input and advise on the content and structure of the Country Specific Implementation Guides (CG1-10).

Workshop content included the presentation of material and updates on national, regional and international initiatives including an extended presentation on the final text of the UNCITRAL draft convention, and a detailed examination of the Generic Implementation Guide (GG1) and the Survey on Implementation Issues and Constraints for a Harmonised E-Commerce Legal Infrastructure in ASEAN (S2) results.

Related links:

Digital credentials for the legal profession - July 2005

Related Galexia services and solutions

Galexia won a competitive tender to provide business analysis, research and advice in the development of digital credentials for the legal profession in NSW and Australia.

This has been commissioned by the Law Society of NSW and the Commonwealth Department of Industry, Tourism and Resources (DITR).

Related links:

Presentation at Asia PKI Forum in Singapore - July 2005

Galexia Director, Chris Connolly, made a presentation to the quarterly meeting of the ASIA PKI Forum in Singapore. The meeting was well attended and Chris discussed various e-commerce legal issues, PKI interoperability and the ASEAN E-Commerce Project.

Workshop on 'Privacy Management Strategies for Local Government' - July 2005

Related Galexia services and solutions

Galexia delivered a presentation at the advanced workshop 'Privacy Management Strategies for Local Government'.

The presentation Managing Privacy Responsibilities: Privacy Impact Assessments outlined a number of issues and challenges in handling new technology from a privacy management standpoint. The presentation also delved into the management of privacy by looking closely at Privacy Impact Assessments (PIAs) and Privacy Management Strategy (PMS).

Related links:

Galexia publishes article on the US Real ID Act - June 2005

Related Galexia services and solutions

Identity fraud and identity theft are major issues in Internet regulation. They have become the major focus of cyber crime initiatives and debate. Legislation has recently been passed in the US that critics say will create a de facto national ID card. Backed by the REAL ID Act of 2005, the US will soon bring into place massive reforms to standardise driver’s licenses and personal identification cards, effectively paving the way for a system of national identification.

This article describes the key aspects of the US REAL ID Act and some of the controversy that has surrounded this proposal. The article concludes with an examination of the potential impact of this development in Australia.

Related links:

Patient privacy and security - June 2005

Related Galexia services and solutions

Chris Connolly, Elizabeth Denny-Wilson and Stephen Wilson will have an article published in the Journal of the Australian Epidemiology Association on ‘Patient Privacy and Security - Not a zero sum game!’. The article is due to be published in June 2005.

Related links:


Galexia participates in 2005 Australian Mission to the Asian Development Bank - March 2005

Galexia attended 2005 Australian Trade Mission to the Asian Development Bank in Manilla, Philippines in March 2005.

Related links:


Biometrics and Privacy - March 2005

Related Galexia services and solutions

Galexia has provided strategic privacy advice to a major government agency on the design and implementation of biometric identity solutions.

Related links:


Remaining legal barriers to the use of digital signatures in Australia - March 2005

Related Galexia services and solutions

  • Identity Management and Authentication - Technical Consulting. Read more »

Chris Connolly, Director of Galexia, presented to the Gatekeeper Policy Advisory Committee (GPAC) on “Remaining legal barriers to the use of digital signatures in Australia”. GPAC is made up of government agency directors and industry association representatives and advises the Australian Government Information Management Office on PKI.

Related links:


Galexia publishes article on PKI Interoperability - February 2005

Related Galexia services and solutions

As a vital aspect of e-commerce regulation and security, PKI policy analysis and development is one of Galexia’s core skills. But rather than touting PKI as a panacea for electronic systems all over the globe, Galexia appreciates that at this early stage only very specific markets have the need and desire to implement a PKI.

This article considers how PKI systems can advance from that ‘localised’ stage to become interoperable - where necessary - and enable the wide authentication that has been promised for so long. It looks at both the theoretical and more practical models that have been suggested as approaches to the problem.

Related links:


Third ASEAN E-Commerce harmonisation workshop in Cambodia - February 2005

Following on from the success of the previous workshops for the ‘Harmonisation of Legal Infrastructure for E-Commerce in ASEAN’ project in 2004, Galexia hosted a third workshop in Siem Reap, Cambodia in February 2005. The workshop brought together high-level representatives from ASEAN member countries to discuss options for harmonisation and many other important aspects of the Project, including:

  • Developments since the E-Commerce Project Bangkok Workshop (W2). For example, reaffirmation at the Vientiane ASEAN Summit of e-ASEAN as a priority sector and developments with the UNCITRAL Draft Convention on Electronic Contracting;
  • Update on developments in ASEAN member countries since the Bangkok Workshop;
  • Consideration of options for a harmonised e-commerce legal infrastructure;
  • The technical recommendation of the E-Commerce Project Participants on a preferred option for harmonisation; and
  • Discussion and confirmation of steps required to achieve consensus on a preferred option in ASEAN.

In addition to the substantive content of the workshop a number of social activities were organised by Galexia. This included:

  • Welcome Dinner with Cultural Entertainment
    Delegates who attended the Project Workshop were invited to attend a Welcome Dinner with Cultural Entertainment hosted by Galexia. This dinner and cultural entertainment (Cambodian classical dancing) was held at a prominent Siem Reap hotel. The event was enjoyed by all and was a successful networking and team-bonding event.
  • Tour of Angkor Wat Temple Complex
    Delegates who attended the Project Workshop were also invited to attend a half-day tour of the Angkor Wat Temple complex. Delegates participated in guided tours of the Angkor Wat and Angkor Thom temples. The event provided more successful networking and team building opportunities.

Related links:


The UN Convention on Electronic Contracting - January 2005

Related Galexia services and solutions

Galexia conducts a wide range of strategic projects on e-commerce law in Australia and the region, and the new Convention on electronic contracting is of particular importance in this area.

The United Nations Commission on International Trade Law (UNCITRAL) Draft Convention on the use of electronic communications in international contracts is one of the most significant recent developments in international electronic commerce law. UNCITRAL has now finalised the text of the convention and expects to discuss approval of the Draft Convention at a full Commission meeting in mid 2005. The Draft Convention could then be presented to the UN General Assembly and may be open for ratification by the end of 2005 or early 2006.

Related links:


ASEAN Prioritises E-Commerce Integration - November 2004

29th November 2004 - At the 10th ASEAN Summit in Vientiane, Laos, the ASEAN leaders have agreed to accelerate the integration of 11 priority sectors, including the e-commerce 'e-ASEAN' initiative, reaffirming ASEAN’s commitment to fast track the integration towards the ASEAN Economic Community (AEC) that ASEAN Leaders agreed to establish by 2020. The AEC is envisaged as a single market and production base with free flow of goods, services, investment, skilled labour and freer flow of capital.

The 11 priority sectors accounted for more than 50% of intra-ASEAN trade in 2003. In value terms, the priority sectors contributed US$48.4 billion and US$43.4 billion of intra-ASEAN exports and imports, respectively, in 2003.

Attached to each protocol is a roadmap to serve as the basis for economic integration of each of the priority sectors. These roadmaps were prepared with active involvement of the private sector. The roadmap includes specific measures that are of direct relevance to each sector, as well as common measures that cut across all priority integration sectors to be implemented with timelines from now on to the year 2010. For example, relevant to e-ASEAN, product standards and technical regulations will be harmonised to reduce the transaction costs of doing business in ASEAN.

Galexia's work on e-commerce legal infrastructure harmonisation forms a vital part of this initiative. Read more about the ASEAN E-Commerce project »


Overview of E-Commerce Legal Infrastructure - October 2004

The development and implementation of a harmonised legal infrastructure for e-commerce can facilitate the development of e-commerce by providing parties with certainty that their transactions will be recognised in multiple jurisdictions. This paper provides an overview of the requirements for establishing a successful E-Commerce Legal Infrastructure.

Related links:


Second ASEAN E-Commerce harmonisation workshop in Bangkok - October 2004

Following on from the successful first workshop for the ‘Harmonisation of Legal Infrastructure for E-Commerce in ASEAN’ project in May 2004, Galexia hosted a second workshop in Bangkok, Thailand in October 2004. The workshop brought together high-level representatives from ASEAN member countries to discuss options for harmonisation.

Related links:


Galexia presented at APEC TEL 30 - September 2004

Galexia made a presentation to the 30th meeting of the Asia-Pacific Economic Co-operation Telecommunications & Information Working Group (APEC TEL WG), in Singapore in September 2004.

The presentation, for the e-Security Task Group of APEC TEL WG, was on the harmonisation of e-commerce laws in ASEAN.

Related links:

External links:


Exemptions in the Australian Electronic Transactions Act - September 2004

Related Galexia services and solutions

This article provides an overview of the Commonwealth Electronic Transactions Act (ETA) and the eight State and Territory ETAs in Australia. It focuses on the many exemptions and how to find them.

This is an important area of law for many new technology implementations involving electronic communication. If a particular transaction is exempt from the ETA in one or more jurisdictions, this can present a significant barrier to the use of electronic communication. For example, a wholly electronic process for selling consumer credit products is not viable in many Australian jurisdictions, because consumer credit laws requiring hard copy disclosure documents are exempted from the relevant ETAs.

Identifying and locating the relevant ETA exemption can be a difficult and time-consuming task. This article provides some guidance through the ETA maze, and includes an appendix listing common exemptions and their location.

Related links:


Galexia's Commonwealth Endorsed Supplier Arrangement extended to 2007 - August 2004

Galexia’s Endorsed Supplier Arrangement (ESA) with the Australian Government has been extended to September 2007.

Related links:


Galexia develops and hosts course materials for Electronic Commerce Law - August 2004

Related Galexia services and solutions

Galexia has developed materials for the University of NSW course on Electronic Commerce Law (2004). This is available as an updated extranet for course participants.

Galexia has also developed and hosts course materials on Cyberspace Law. Read more »


Galexia publishes article on Managing Consent in a Multidisciplinary Team Environment - June 2004

This article examines the issue of Managing Patient Consent to the use and disclosure of personal information in a Multidisciplinary Team Environment. It reviews the recent NSW Administrative Decisions Tribunal decision in KJ v Wentworth Area Health Service and considers the future of privacy law and practice in this field.

This paper is available in the following formats from <http://www.galexia.com/>:

Read more on Galexia’s published works »


Galexia at the inaugural Asian Law Institute (ASLI) conference - May 2004

The ASLI inaugural conference topic was ‘The Role of Law in a Developing Asia’ and was hosted by the Faculty of Law, National University of Singapore, on 27 and 28 May 2004. The conference covered a number of contemporary issues on Asian law, including, constitutional reform, the administration of justice, Asian legal traditions, international trade and investment, cross-border crime, the harmonisation of commercial law in Asia and intellectual property protection in Asia.

Galexia team members were involved in a number of presentations:

  • Chris Connolly from Galexia presented a paper Harmonisation of Electronic Commerce Legal Infrastructure in ASEAN countries.
  • Galexia project partner, Adrian Lawrence (Baker & McKenzie, Sydney) presented a joint paper on Legal Challenges in cross-border electronic transactions.
  • Galexia Associate, Yee Fen Lim, presented a paper on A Comparative Analysis of PKI Regimes in Asian Jurisdictions.

Related links:

External links:


Galexia presents on Legal and Privacy Issues in e-Government - May 2004

Galexia participated in The Business e-Volution of Government (Conference and e-Government Expo) on 26 and 27 May 2004, organised by the Australian Government Information Management Office (AGIMO) and Institute of Public Administration (IPAA) Act Division

Galexia presented a paper Managing privacy in identity management - the way forward. This paper examines the question: How can privacy risks be understood and managed within large-scale identity management systems? This paper is published in the IPAA/AGIMO e-Government Research Papers, which was launched at the conference.

Additionally, Galexia participated in the panel discussion on Legal and Privacy Issues in e-Government

Related links:

External links:


Galexia holds first workshop on ASEAN e-commerce harmonisation in Singapore - May 2004

As part of the ongoing Harmonisation of Legal Infrastructure for E-Commerce in ASEAN project, Galexia hosted the project’s first workshop in Singapore on May 26.

The meeting brought together high-level representatives from Brunei, Cambodia, Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam, as well as representatives of the ASEAN Secretariat and Galexia’s own team of experts, to discuss current frameworks for digital signatures and e-transactions, and consider the way forward for the project.

Related links:

Federal Court injunction obtained under Privacy Act - May 2004

In a highly significant legal development affecting many of Galexia’s clients, the Federal Court has granted a permanent injunction under section 98 of the Privacy Act 1988 (Cth).

In the case of Seven Network (Operations) Limited v Media Entertainment and Arts Alliance [2004] FCA 637 (21 May 2004), Seven Network was seeking to restrain the MEAA (a union that represented Seven employees) from using a company phone directory. The MEAA had already used the directory to conduct a phone poll of Seven employees regarding an enterprise agreement that Seven Network was offering directly to its workers. Negotiations over the agreement with the MEAA had previously broken down.

Justice Gyles rejected MEAA’s argument that only the Federal Privacy Commissioner, and not the Federal Court, could grant injunctions under the Privacy Act.

Related links:

External links:

Committee for Economic Development of Australia (CEDA) - E-Commerce - Pausing for Breath, Maximising Financial Returns & Managing Risks - April 2004

Seminar topic: ‘E-Commerce - Pausing for Breath, Maximising Financial Returns & Managing Risks’ for the Committee for Economic Development of Australia (CEDA). The speech will cover a variety of current issues in IT and business management

Date: 2 April 2004

Presenters:

  • Chris Connolly, Director, Galexia
  • Peter van Dijk, Director, Galexia
  • Matthew Hall, Partner, Phillips Fox.

Venue: CEDA Boardroom, Sydney. Level 9, 275 George St Sydney, NSW 1043

Audience: CEDA Member Company Representatives and Guests Only

About CEDA: The Committee for Economic Development of Australia (CEDA) is Australia’s leading business think tank. It regularly hosts presentations by the country’s economic and political leaders and its research has significant influence and media coverage.

Related links:

External links:

Galexia to assist ASEAN harmonise electronic commerce - March 2004

News and Downloads

Related Galexia services and solutions

Galexia has won a competitive tender for a groundbreaking two-year project that will streamline electronic commerce in South East Asian nations.

Galexia is partnering with global law firm Baker & McKenzie to develop and implement a harmonised legal infrastructure for electronic commerce in ASEAN (Association of South East Asian Nations: Brunei Darussalam, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam).

The goal of the project is to assist ASEAN to integrate into one market for goods, services and investment by the establishment of a harmonised legal, regulatory and institutional environment for e-commerce. Additionally, there is an opportunity for some of the developing nations within ASEAN to ‘leap-frog’ paper based commerce and develop more efficient electronic transactions for cross-border trade. The project is the first of its kind to be conducted in the Asia Pacific region, and is second only to the European Union in its approach to legislatively facilitate borderless electronic transactions across a group of nations.

This project is funded by the ASEAN Australia Development Cooperation Program (AADCP) - Program Stream. AADCP is funded by the Australian Government, through AusAID and implemented in close collaboration with the ASEAN Secretariat and is managed by ACIL Australia Pty Ltd.

e-ASEAN Framework

The e-ASEAN framework agreement states that members shall ‘adopt electronic commerce regulatory and legislative frameworks that create trust and confidence for consumers and facilitate the transformation of businesses towards the development of e-ASEAN’.

It is envisaged the legal infrastructure may take the form of a regionally agreed model for consistent national laws supported by an appropriate infrastructure that will legally recognise the effectiveness of online transactions and facilitate their enforceability.

A harmonised legal infrastructure presents a great opportunity for technological and commercial advancement. The agreed framework and resulting laws will underpin increasing confidence in and use of electronic commerce by businesses, governments and consumers, both within and beyond ASEAN. To be effective beyond ASEAN the framework will reflect the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce (1996) and the UNCITRAL Model Law on Electronic Signatures (2001).

Case study (2008)

Galexia has completed a case study of the Harmonisation of E-Commerce Legal Infrastructure in ASEAN project. The case study illustrates the progress made during the four years of the program (2004-2008), with eight of the ten ASEAN Member Countries having enacted e-commerce laws, and the remaining two having draft laws.

Project case study »

Project Extension (2006)

In January 2006, Galexia won the opportunity to work further in the ASEAN region by undertaking work to provide an extension to the ASEAN project. This project extension will focus on harmonising electronic contracting and Online Dispute Resolution legal infrastructures in the region.

The goal of the project is to assist ASEAN to integrate into one market for goods, services and investment by the establishment of a harmonised legal, regulatory and institutional environment for electronic contracting and dispute resolution. The development and implementation of harmonised legal infrastructures for electronic contracting and dispute resolution will facilitate the development of e-commerce by providing users with common methods for completing electronic contracting steps, and a common framework for resolving electronic commerce disputes.

The project will produce the following outputs:

  • A compilation of discussion papers focussing on ASEAN and international developments in electronic contracting, Online Dispute Resolution and jurisdiction of legal frameworks;
  • Conducting surveys on the electronic contracting and Online Dispute Resolution legal landscapes in ASEAN member countries;
  • The development of a proposed framework for harmonised legal infrastructure for electronic contracting and dispute resolution; and
  • The compilation of implementation guides to support the proposed framework.
UNCITRAL Convention of Electronic Contracting (2005)

The United Nations Commission on International Trade Law (UNCITRAL) has finalised its Convention on electronic contracting following over three years of deliberations. The Convention has been formally titled the Convention on the use of electronic communications in international contracts. It will be presented at the UN General Assembly meeting later this year, where if adopted it will become the first UN Convention addressing legal issues created by the digital environment.

The UNCITRAL Convention seeks to enhance the legal certainty and commercial predictability of international electronic transactions by setting out a number of interpretive rules for the use of electronic communications in negotiating and forming contracts.

The new Convention is likely to establish a default standard for electronic transactions. Even if a country does not ratify the Convention (once it is brought into force) it will still influence the terms of a transaction; particularly where the other contracting party is from a country that is a signatory to the Convention.

The Convention on electronic contracting also seeks to harmonise national law regarding how electronic contracts can be made. Harmonised domestic legislation will overcome the legal uncertainty in international business transactions where contracting parties are from different countries. A more certain legal environment will increase confidence in conducting electronic transactions, and in turn participation in e-commerce.

The Convention follows on from earlier work of the UNCITRAL Working Group on Electronic Commerce who released the Model Law on Electronic Commerce in 1996 and the Model Law on Electronic Signatures in 2001 (see below).

UNCITRAL Model Law on Electronic Signatures (2001)

It is intended that Model Law on Electronic Signatures (2001) will operate as a supplement, or an extension to the Model Law on Electronic Commerce (1996).

Despite the wider adoption of the Model Law on Electronic Commerce, within ASEAN the Model Law on Electronic Signatures has only been adopted by Thailand.

Thailand enacted dedicated electronic commerce legislation in 2001 at which point it was convenient to incorporate both the 2001 and 1996 Model Laws. By this time other nations had enacted electronic commerce legislation based on the 1996 UNCITRAL Model Law, and have generally not made any subsequent alterations to their domestic legislation. There are a few countries that have adopted the Electronic Commerce Model Law after 2001 without adopting the Model Law on Electronic Signatures.

In the interests of promoting party autonomy many provisions of UNCITRAL’s Model Law on Electronic Signatures (2001) can be contracted out of or varied by the mutual agreement of the parties. A flexible and expansive approach helps to facilitate the development of new techniques and technologies.

The Model Law on Electronic Signatures also promotes the same functional and media neutrality of its 1996 predecessor by providing that electronic signatures in any form should be treated equally provided they meet the minium functional specifications required to guarantee the signature’s integrity.

Generally, the Model Law on Electronic Signatures provides a broad legislative framework of sufficient detail to enable national governments to fill in the procedural ‘blanks’ needed to tailor the legislation to their national circumstances.

UNCITRAL Model Law on Electronic Commerce (1996)

The Model Law on Electronic Commerce is based on two principles:

1. Functional equivalence - paper documents and electronic transactions are treated equally by the law (Article 5); and
2. Media neutrality - the law does not discriminate between different forms of technology (Article 1 read with Article 2(a)).

These two principles are pivotal in ensuring that electronic transactions receive universal recognition. Transparency and predictability are the other desirable qualities in electronic commerce legislation - these will minimise legal uncertainty between contracting parties.

Existing laws in Singapore, the Philippines, Brunei and Thailand, are to a large extent based on the UNCITRAL Model Law on Electronic Commerce.

Website links

Australian Agency for International Development (AusAID)
http://www.ausaid.gov.au/

ASEAN Secretariat (Jakarta)
http://www.aseansec.org

ASEAN Australia Development Cooperation Program (AADCP)
http://www.aadcp.org
About Galexia

Galexia has expertise and experience in all aspects of electronic commerce law and provides expert analysis of PKI, authentication and digital signature regulatory issues to a range of local and international clients.

The Galexia team matches project management experience with legal expertise and technical understanding.

For more information


Galexia delivers specialist management consulting services to our clients. Galexia has expert consultants in privacy, authentication, electronic commerce and new technology. We leverage our legal, business and technical knowledge to deliver successful business strategies to a diverse range of clients.

Our focus is on research, strategy and advice on electronic commerce, digital signatures, identification, authentication, security and privacy in Australia and the Asia Pacific.


Cardno ACIL Australia is the ASEAN Australia Development Cooperation Program (AADCP) Program Stream manager

This project is funded by the ASEAN Australia Development Cooperation Program (AADCP) - Program Stream. AADCP is funded by the Australian Government, through AusAID and implemented in close collaboration with the ASEAN Secretariat and is managed by Cardno Acil Pty Ltd.

News and Downloads

Related Galexia services and solutions

  • Specialised Legal and Regulatory Consulting. Read more »
  • Identity Management and Authentication - Technical Consulting. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »

Enhanced data security and customer understanding through identity and access management - March 2004

Related Galexia services and solutions

 

Galexia lead a workshop on Building privacy into identity management solutions.

This workshop covered how to ensure that privacy compliance and privacy expectations are managed within an identity management strategy, including an overview of Federated Identity solutions.

Part 1 - Recognising the importance of privacy issues within identity management strategies
  • Overview of the relevant legal requirements;
  • Current privacy expectations in the community;
  • Conducting Privacy Impact Assessments (PIA); and
  • Benefits of building privacy into the strategy from the outset.
Part 2 - Privacy design issues in identity management
  • Overview of the Privacy Management Lifecycle
  • Developing Privacy Management Strategies;
  • Exploring Federated Identity;
  • Adopting appropriate industry standards - Liberty Alliance / WS-Federation;
  • Technical Q & A on network identity; and
  • Considering alternative identity structures - e.g. brokered identity.
Case studies
The workshop included three detailed case studies:
  • Whole of sector electronic authentication strategy for the Australian Vocational Education and Training sector;
  • Liberty Alliance or WS-Federation - emerging standards for Federated Identity; and
  • Reach - Ireland’s brokered identity solution.

Galexia continues to conduct research on distributed identity systems. Read more »

Go to the IQPC identity management conference website »

Read more about the IQPC project »

Galexia completes a strategic consultancy on a national health identifier for the Commonwealth Department of Health and Ageing - February 2004

In 2004 Galexia completed a significant project on identity management in the health sector.

The Commonwealth Department of Health and the Ageing commissioned Galexia to produce a strategic issues paper on a "National Health Identifier".

The paper was completed in February 2004 and is the subject of consideration by the Australian Health Information Council and the National Health Information Group. The project involved national and international research, consultation with government and non-government stakeholders and the development of findings and recommendations.

Read more »

Galexia conference presentation on health identity management - March 2004

Galexia director Chris Connolly has presented a paper on identity management in the health sector to the International Quality and Productivity Centre (IQPC) conference on Identity and Access Management.

The paper considered the potential uses and benefits of broad schemes for health information, as well as looking at community attitudes to new systems. It also assessed current implementations both within Australia and overseas.

Go to the IQPC identity management conference website »

Read more »

Galexia's Representative Complaints paper to appear in Privacy Law & Policy Review - February 2004

The Privacy Law & Policy Reporter (PLPR), Australia’s leading legal journal on privacy law, will be publishing a version of Galexia’s article Representative complaints - a new approach to making privacy laws work for consumers in issue 10.9.

The article, written by director Chris Connolly and researcher Nawaz Isaji, looks at a number of legal approaches in different jurisdictions to handling privacy class actions and complaints made on behalf of individual privacy victims (who often wish to remain anonymous).

Read the article »

Baker and McKenzie Cyberspace Law and Policy Centre (CLE Series 2003) - Online contracts: Banking, finance and insurance - December 2003

Chris Connolly presented on ‘Best practice in the formation Online consumer finance and insurance contracts’.

The issues surrounding the online creation of insurance and finance contracts, including disclosure, non-repudiation, independent advice and the broad policy settings for consumer protection in electronic commerce will be examined.

Read more about Baker and McKenzie projects »

Baker and McKenzie Cyberspace Law and Policy Centre (CLE Series 2003) - Privacy Complaints: How to Get a Win for Your Client (Making Privacy Laws Work) - December 2003

Chris Connolly presented on ‘Representative privacy complaints and class actions’.

There is a growing trend to pursue privacy breaches through representative organisations, or as a part of a class of affected persons. This looks at the benefits of representative complaints, recent Australian and international case studies, tactics and procedural issues.

In September 2003 Galexia published a survey of Australian and international privacy laws that allow class actions and representative complaints to be made.

Read more »

Australian Telecommunications Industry Ombudsman (TIO) Conference - Convergence: Redrawing the Boundaries - December 2003

Chris Connolly presented on ‘Managing Convergence in Telecommunications and Financial Services’.

Go to the TIO conference website »

Galexia's Privacy Management Strategy (PMS) for New Queensland Smart Card Driver Licence released - September 2003


[ Galexia Dots ]

Related Galexia services and solutions

 

In March 2003 Galexia completed the Privacy Management Strategy (PMS) for Queensland Transport on the proposed Queensland Smart Card Driver Licence. In September 2003 this was released to the public as part of a formal consultation process.

This Privacy Management Strategy (PMS) covers a wide range of technical and legal issues and proposes short, medium and long-term measures for ensuring that privacy issues are managed in the proposed roll-out of the new licence.

Download the Privacy management Strategy from the New Queensland driver licence web site:


Read more about Queensland Transport projects »

Case studies on distributed identity - September 2003

Distributed identity is being considered as a privacy positive alternative to national identification schemes (such as the failed Australia Card). The paper argues that while distributed identity may be a reasonable alternative to national identification schemes, distributed identity is not necessarily a privacy positive initiative in its own right. The level of privacy intrusion depends on numerous technical factors and the effective management of privacy issues during design, implementation and the active life of distributed identity systems.

Galexia continues to conduct research on distributed identity systems. These case studies and the accompanying power point presentation provide a brief introduction to the field.

Read more »

Privacy class actions - Galexia has published a survey of Australian and international privacy laws that allow class actions and representative complaints to be made - September 2003

This paper surveys national and international privacy laws to assess the ability of courts and privacy regulators to consider “representative complaints”, and argues that privacy breaches are particularly suited to resolution through representative action. Several case studies of representative privacy complaints are included, as well as an overview of privacy class actions in the United States, Canada, Hong Kong, Australia and New Zealand.

This paper provides a useful insight into the growing trend for privacy class actions and concludes that the benefits of representative complaints are yet to be fully realised in the privacy field.

Read more »

Galexia presents paper at national Electronic Authentication Stakeholder workshop for the Vocational Education and Training sector - August 2003

Galexia conducted a National Authentication Workshop for ANTA in Melbourne in August 2003. The workshop considered strategic issues in the development of electronic authentication solutions in the Vocational Education and Training sector. The workshop brought together government and industry participants from all states to consider the potential business case for electronic authentication, plus a range of practical considerations and technical issues.

Read more »

Galexia delivers report on ABN-DSC interoperability - April 2003

Galexia provided a detailed report on issues which have arisen in the implementation of the Australian Business Number Digital Signature Certificate (ABN-DSC). The report was provided to NOIE following a three-month project involving consultations with numerous Government agencies and industry certificate providers. The final report is not a public document.

For more details on the ABN-DSC see NOIE’s authentication pages.

Read more about NOIE (now AGIMO) projects »

Ian Booth joins Galexia as an Associate - March 2003

Read more in Consultant Profiles »

Galexia completes research paper on Electronic Authentication for Flexible Learning for Australian National Training Authority - February 2003

Related Galexia services and solutions

  • Electronic Authentication - Advice, Analysis and Strategy. Read more »
  • Identity Management and Authentication - Strategic Consulting. Read more »
  • Specialised Legal and Regulatory Consulting. Read more »

Related Galexia research

  • Workshop - Electronic Authentication Stakeholder Workshop for the Vocational Education and Training (VET) sector (August 2003). Read more »

 

Galexia has completed the E-authentication research paper for ANTA, a Commonwealth statutory authority established in 1992 to provide a national focus for vocational education and training (VET).

The paper outlines the current legal and regulatory framework for electronic authentication in Australia. It also covers general and specific legal and regulatory issues relevant to education providers and outlines suggested models for electronic authentication in Vocational Education and Training (VET). The paper includes detailed strategic advice for the VET sector.

Download from the Australian National Training Authority (ANTA) Australian Flexible Learning Framework - http://flexiblelearning.net.au


Read more about ANTA projects »

Galexia updates Intelligence Report on privacy law in Asia - January 2003

The Asian privacy Intelligence Report provides an in-depth account on the latest in privacy law and regulation in many important Asian jurisdictions. The previous Intelligence Report covered the jurisdictions of Hong Kong, Japan, South Korea and Taiwan. The updated Intelligence Report adds Malaysia and Singapore to the list, outlining the laws of two of Australia’s closest and most important neighbours. The update also adds fresh information on developments in the existing jurisdictions.

Read more »

 

Privacy Regulation in Asia: Intelligence Report Contents

  • 1. Hong Kong
  • 2. Japan
  • 3. Malaysia
  • 4. Singapore
  • 5. South Korea
  • 6. Taiwan

Access Galexia Intelligence Reports from the client extranet » [client access only]

Contact Galexia for more information »

 

Galexia wins tender to deliver research paper on Electronic Authentication for Flexible Learning for Australian National Training Authority - September 2002

The report will contain a comprehensive analysis of current and proposed e-authentication law and regulation. The report will also contain recommended measures for addressing barriers to the development of flexible learning posed by e-authentication legal and regulatory issues.

For more information see the