Misunderstanding or Misdirection?: Whistleblower Protection in Queensland

In his report into corruption in Queensland, Fitzgerald listed whistleblower protection as a necessary part of a strong governance regime. "What is required is an accessible, independent body to which disclosures can be made, confidentially (at least in the first instance) and in any event free from fear of reprisals." It was one of the reforms studied by the Electoral and Administrative Review Committee, the report of which resulted in the Whistleblowers Protection Act 1994 (WPA). The need for whistleblower protection was supported by all sides of Parliament. The Premier, Wayne Goss, in his Second Reading Speech on the Public Sector Ethics Bill , said that that Act and the WPA would form a package with the former outlining required behaviour and the WPA encouraging staff to report wrongdoing. The WPA was subsequently passed and has remained virtually unamended for over a decade. Such consistency is either an indication of skilled drafting and effectiveness or the fact that the Act has been neglected. It is the hypothesis of this paper that the latter is the case. This hypothesis will be tested by examining the sincerity and diligence with which the Act has been treated during, and following, its passage.

Privacy invasive geo-mashups : privacy 2.0 and the limits of first generation information privacy laws

Online technological advances are pioneering the wider distribution of geospatial information for general mapping purposes. The use of popular web-based applications, such as Google Maps, is ensuring that mapping based applications are becoming commonplace amongst Internet users which has facilitated the rapid growth of geo-mashups. These user generated creations enable Internet users to aggregate and publish information over specific geographical points. This article identifies privacy invasive geo-mashups that involve the unauthorized use of personal information, the inadvertent disclosure of personal information and invasion of privacy issues. Building on Zittrain’s Privacy 2.0, the author contends that first generation information privacy laws, founded on the notions of fair information practices or information privacy principles, may have a limited impact regarding the resolution of privacy problems arising from privacy invasive geo-mashups. Principally because geo-mashups have different patterns of personal information provision, collection, storage and use that reflect fundamental changes in the Web 2.0 environment. The author concludes by recommending embedded technical and social solutions to minimize the risks arising from privacy invasive geo-mashups that could lead to the establishment of guidelines for the general protection of privacy in geo-mashups.

Protocol engineering for protection against denial-of-service attacks

Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.

Career development and personal functioning differences between work-bound and non-work bound students

We surveyed 506 Australian high school students on career development (exploration, planning, job-knowledge, decision-making, indecision), personal functioning (well-being, self-esteem, life satisfaction, school satisfaction) and control variables (parents’ education, school achievement), and tested differences among work-bound, college-bound and university-bound students. The work-bound students had the poorest career development and personal functioning, the university-bound students the highest, with the college-bound students falling in-between the other two groups. Work-bound students did poorest, even after controlling for parental education and school achievement. The results suggest a relationship between career development and personal functioning in high school students.

Consumer protection in the banking sector : reviewing the Code of Banking Practice

This article explains the relevance of the Code and its place in the regulatory framework, discusses some of the key issues arising in the recent review (as identified by consumer advocates1), and explains the relationship between the Code and the Financial Ombudsman Service.

Electronic workplace surveillance and employee privacy : a comparative analysis of privacy protection in Australia and the United States

More than a century ago in their definitive work “The Right to Privacy” Samuel D. Warren and Louis D. Brandeis highlighted the challenges posed to individual privacy by advancing technology. Today’s workplace is characterised by its reliance on computer technology, particularly the use of email and the Internet to perform critical business functions. Increasingly these and other workplace activities are the focus of monitoring by employers. There is little formal regulation of electronic monitoring in Australian or United States workplaces. Without reasonable limits or controls, this has the potential to adversely affect employees’ privacy rights. Australia has a history of legislating to protect privacy rights, whereas the United States has relied on a combination of constitutional guarantees, federal and state statutes, and the common law. This thesis examines a number of existing and proposed statutory and other workplace privacy laws in Australia and the United States. The analysis demonstrates that existing measures fail to adequately regulate monitoring or provide employees with suitable remedies where unjustifiable intrusions occur. The thesis ultimately supports the view that enacting uniform legislation at the national level provides a more effective and comprehensive solution for both employers and employees. Chapter One provides a general introduction and briefly discusses issues relevant to electronic monitoring in the workplace. Chapter Two contains an overview of privacy law as it relates to electronic monitoring in Australian and United States workplaces. In Chapter Three there is an examination of the complaint process and remedies available to a hypothetical employee (Mary) who is concerned about protecting her privacy rights at work. Chapter Four provides an analysis of the major themes emerging from the research, and also discusses the draft national uniform legislation. Chapter Five details the proposed legislation in the form of the Workplace Surveillance and Monitoring Act, and Chapter Six contains the conclusion.

Examination of the influence of personal attributes on consumer use on m-services

The rapid uptake of mobile devices has created the capacity to provide services to consumers while they are on the move, and new mobile services (m-services) are constantly emerging. In past research, personal attributes have been found to be import ant in the adoption and use of information and communication technology. However, little research has been conducted in the area of m-services. To explore factors influencing the use of these services, this paper examines personal attributes in terms of motivational, attitudinal and demographic characteristics. Specifically, it investigates the influence of innovativeness, self- efficacy, involvement and impulsiveness, as well as age and gender on m-services use . Data were collected from a convenience sample of 250 respondents using an online survey and a modified snowball procedure. Age and gender were quite well balanced in the sample. The multiple regression model was significant and the hypotheses relating to the positive relationship between impulsiveness, involvement and gender and m-services were supported. Findings are discussed, further implications for managers are suggested and directions for future research are proposed.

The Financial Benefit For Insurers : Mediate in Personal Injuries Disputes

Resolving insurance disputes can focus only on quantum. Where insurers adopt integrative solutions they can enjoy cost savings and higher customer satisfaction. An integratively managed process can expand the negotiation options. The potential inherent in plaintiff’s emotions to resolve matters on an emotional basis, rather than an economic one, is explored. Using research, the author demonstrates how mediations are more likely to obtain integrative outcomes than unmediated conferences. Using a combination of governmental reports, published studies and academic publications, the paper demonstrates how mediation is more likely to foster an environment where the parties communicate and cooperate. Research is employed to demonstrate where mediators can reduce hostilities, in circumstances where negotiating parties alone would likely fail. Generally the paper constructs an argument to support the proposition that mediation can offer insurers an effective mechanism to reduce costs and increase customer satisfaction. INTRODUCTION Mediation can offer insurers an effective mechanism to reduce costs and increase customer satisfaction. This paper will first demonstrate the differences between distributive and integrative outcomes. It is argued insurer’s interest can be far better served through obtaining an integrative solution. The paper explains how the mediator can assist both parties to obtain an integrative outcome. Simultaneously the paper explores the extreme difficulties conference participants face in obtaining an integrative outcome without a mediator in an adversarial climate. The mediator’s ability to assist in the facilitation of integrative information exchange, defuse hostilities and reality check expectations is discussed. The mediator’s ability to facilitate in this area is compared to the inability of conference participants to achieve similar results. This paper concludes, the potential financial benefit offered by integrative solutions, combined with the ability of mediation to deliver such outcomes where unmediated conferences cannot deliver, leads to the recommendation that insurers opt for a mediation to best serve their commercial interests.

Contemporary consumer law : the role and effectiveness of regulation in consumer protection

This issue of the Griffith Law Review focuses on consumer law, and the pervasive nature of this area of law. We are all consumers, but do not necessarily identify as such, nor are we a homogeneous group. The boundaries of