Mobile: +61 (0) 414 488 851
Email: swilson@lockstep.com.au


The interplay between IT, security and privacy is complex and non-obvious to policy generalists and technology specialists. Legislation and policy tells us WHAT needs to be done to meet privacy obligations, but Lockstep's research helps show HOW to make privacy happen.

Stephen also blogs regularly on privacy; search his posts at http://lockstep.com.au/blog/privacy.

Correspondence in Nature magazine

I had a letter to the editor published in "Nature" on big data and privacy.

Rationing Identity on the Internet of Things

I made this presentation to the 2015 Cloud Identity Summit, on the risks to privacy of 'over identifying' the data that increasingly gushes from all our smart devices.

Privacy Master Class at AusCERT 2015

An all day privacy tutorial for infosec professionals presented at AusCERT 2015.

"The collision between Big Data and privacy law"

A peer reviewed paper for the Australian Journal of Telecommunications and the Digital Economy, 2014.

"Seeing privacy through the engineer’s eyes"

An invited paper submitted to Privacy Policy Reporter, 2015 (in press).

"Technology myths shattered: Privacy in the digital age"

An invited presentation to a Pacific meeting of the Global Privacy Enforcement Network (GPEN) 7 May 2014.

Big Data? Big Privacy!

A speech to open Privacy Awareness Week Australia 2013.

A novel application of PKI smartcards to anonymise Health Identifiers

A paper presented to the academic stream of the AusCERT 2005 conference about using anonymous digital certificates to securely convey health identifiers.

AusCERT 2013: Designing Privacy by Design

I presented my latest privacy engineering tools to the AusCERT 2013 information security conference. Here's the abstract and conference handouts.

How can technologists relate to privacy?

I gave a speech in 2013 at Swinburne University, as part of a panel "Privacy Tradeoffs in the Information Age".

"Designing Privacy By Design"

A recent column written for the International Association of Privacy Professionals (IAPP) on how to make Privacy by Design real.

Letter to Science: Re-identification of DNA may need ethics approval

A letter to the editor of Science magazine, responding to a report that bioinformaticians have combined public genealogy data with confidential donated genomic data to re-identify donors.

Facebook privacy paper printed in IEEE Technology & Society

Stephen's analysis of Facebook's privacy compliance problems -- jointly developed with Salinger's Anna Johnston -- has been published in the IEEE "Technology and Society" magazine. Pre-print copy attached.

Smart Meters Privacy Impact Assessment

Lockstep performed a major Privacy Impact Assessment (PIA) on smart electricity metering for the Victorian Department of Primary Industries. We believe this is one of the few smart meter PIAs that have been published to date.

Letter to the Editor: Social media exploitation is gravest risk

Stephen had a long letter to the editor published in the Sydney Morning Herald, on the grave privacy risks posed by social media.

Trouble ahead when doctors use Facebook

A letter to the editor of the Journal of Medical Ethics, highlighting how medicos' use of social media -- cloud mail and OSN -- can intersect with patients' relationships with their doctors being revealed.

Privacy op-ed in Sydney Morning Herald

Stephen had an opinion piece published by the broadsheet Sydney Morning Herald on 17 Feb 2010.

"More trouble with Facebook"

An article written with Salinger Privacy's Anna Johnston for the Privacy Law Bulletin.

Public yet still "private"

A column for Online Banking Review that dispels the myth that information in the public domain is not subject to the Privacy Act. That is, there's a paradox: information can be public and yet private at the same time.

Google's wifi misadventure, and the gulf between IT and Privacy

An article for the iappANZ, examining what Google's carelessness with data collection tells us about technologists' appreciation of privacy.

Health Identifiers and Patient Privacy

An article for the iappANZ, exposing the "grim myth" that clinical efficacy and privacy are at odds.

Anonymity & Pseudonymity in eResearch

A peer reviewed poster paper presented at a major annual e-research conference in 2009.

"Privacy Engineering"

We coined the term "privacy engineering" in order to raise consciousness that more can be done to design privacy in at every point in the development lifecycle.

Inaugural iappANZ Privacy Conference

Stephen spoke on the Technologists Panel at the first conference of the International Association of Privacy Professionals, A-NZ Chapter, in Sydney, 27 August 2008.

Privacy & Security presentation - ID Summit 2008

Stephen's closing address at the ID Summit, 12 March 2008 in Sydney, discussed the wrong headed tension between security & privacy, and illustrated how we can (indeed, must) protect both at the same time, using techniques such as Lockstep Technologies' "Stepwise".

Lockstep transaction de-identification

Lockstep Technologies R&D has led to a unique de-identification solution, which could decentralise personal identifiers, and quarantine the information flowing to government agencies, banks, healthcare providers and so on.

Privacy Engineering Guidelines Presentation

A presentation to the Australian Information Security Association annual seminar day 2007.

Patient Privacy and Security , Not a zero sum game!

An invited paper in a special edition of "Australasian Epidemiologist" on ethics and privacy.

Submission to the 2005 Senate inquiry

Lockstep made a detailed submission to the 2005 Senate inquiry into the Privacy Act, focussing on smartcards and biometrics.

Submission to Dept of Health & Ageing on the National Health Privacy Code

Stephen Wilson wrote a detailed submission on the Department of Health and Ageing's draft privacy code in 2003.

Mapping Privacy requirements onto the IT function

A detailed examination of the relationship between privacy and the enterprise IT function.

Don't let privacy take IT by surprise

Technologists and e-security specialists can misjudge privacy as 'merely a business issue' and so underestimate how the IT function can impact privacy compliance.

Submission to the Spyware Inquiry

Lockstep made a written submission to the recent public inquiry into spyware by the Department of IT, Communications and the Arts