Data, privacy and security

How organisations generate commercial and social value from data collection is shifting and legal frameworks need to constantly respond to the changing strategies. Privacy and cyber-security are recurrent legal concerns. 

A core policy tension is emerging: data collecting organisations have less control over collected data in structures of shared aggregation and new legal proposals attempt to give individuals greater levels of control over their data. 

Our research impacts

Here at QUT Law, we are exploring the way new forms of data collection, storage and analysis fuel novel types of data exchange partnerships between established commercial entities and start-ups, and between government agencies. Our key outputs in this space have been: 

  • Making recommendations for reform based on case studies in Australia, the EU, the US and New Zealand, enabling media policy makers to more effectively regulate digital media platforms to better align with contemporary public interest rationales. 
  • Creating new knowledge about how intermediaries can be influenced to regulate internet content, and how due process and freedom of speech can be protected. 
  • Developing a consumer-focused website that visualises and explains the data on content availability, helping Australian consumers to make informed choices among the existing options and to better understand the differences in access compared to other jurisdictions. 

Information privacy or data protection laws provide individuals with a range of control-based rights and place obligations on organisations regarding the collection, storage and disclosure or use of personal information. However, compliance is now more complex in this rapidly changing data landscape.

Information security protections are harder to implement as data structures increasingly move from secure organisational perimeters to platform-based services featuring sensorized data exchanges from a number of different points. 

Theme leader


  • Associate Professor Mark Burdon

    My primary research interests are privacy, information privacy law and the regulation of information security. I focus on the complex privacy issues that arise from the sensorisation of everyday devices and infrastructures. These issues are explored significantly in my book, Digital Data Collection and Information Privacy Law, published by Cambridge...

Funded projects