Privacy Act 1988

Annual report highlights ’s work to uphold privacy and information access rights

Retrieved on: 
Sunday, October 29, 2023
Government, FOI, Foundation, Office of the Australian Information Commissioner, Australian Competition & Consumer Commission, Budget, Legislation, Bunnings Warehouse, Privacy Commissioner, Medibank, Leadership, Australian Government Information Management Office, Kmart, IC, Risk, Annual report, Information commissioner, Review, Privacy, Confidentiality, Consumer Data Right, Culture, Community, CDR, OAIC, Australian Competition and Consumer Commission v Baxter Healthcare Pty Ltd, NDB, Department, Competition, Privacy Act 1988, Whaling, Birth control, Cryptocurrency, Customer service, Optus

Releasing the OAIC’s annual report for 2022–23, Australian Information Commissioner and Privacy Commissioner Angelene Falk said the volatile events of the financial year had underscored the need for the regulator to have the right foundations in place to promote and protect information access and privacy rights.

Key Points: 
  • Releasing the OAIC’s annual report for 2022–23, Australian Information Commissioner and Privacy Commissioner Angelene Falk said the volatile events of the financial year had underscored the need for the regulator to have the right foundations in place to promote and protect information access and privacy rights.
  • “Throughout the year, the OAIC has continued to develop and advocate for these foundations to support a proportionate and proactive approach to regulation.
  • This includes appropriate laws, resources, capability – the right people with the right tools – effective engagement with risk, appropriate governance and, importantly, collaboration,” Commissioner Falk said.
  • Investigations were also opened into the personal information handling practices of retailers Bunnings and Kmart, focusing on the companies’ use of facial recognition technology.
  • “The OAIC has a strong foundation on which to build, and it will move from strength to strength with the leadership of 3 expert commissioners.”
    Read the
    OAIC Annual report 2022–23.

Key 2022–23 statistics

Footnotes


[1] During 2022-23, the OAIC ceased classifying certain communications about FOI as ‘enquiries’ where these are more complex, or require a specific response, and are therefore dealt with by the FOI Branch instead of the OAIC’s enquiries team. This has reduced the numbers of FOI enquiries reported this financial year.

welcomes reforms critical to Australia’s privacy future

Retrieved on: 
Friday, September 29, 2023
Exercise, Review, Small business, Office of the Australian Information Commissioner, Australian Government, AGD, Privacy Act, Privacy, Record, Privacy Act 1988, Government, Parliament, OAIC, Compliance, Digital, Enforcement, Legislation, Online shopping

“This is a vital set of proposals that will deliver significant gains for the Australian community,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.

Key Points: 
  • “This is a vital set of proposals that will deliver significant gains for the Australian community,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.
  • “As the privacy regulator, it is pleasing to see support for the positive obligation that personal information handling is fair and reasonable, as a new keystone of the Australian privacy framework,” Commissioner Falk said.
  • “Key developments include enabling individuals to exercise new privacy rights and take direct action in the courts if their privacy is breached.
  • The proposed privacy reforms follow the passing in November 2022 of the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, which introduced significantly increased penalties for serious and repeated privacy breaches and greater powers for the OAIC to resolve breaches.

Ongoing vigilance in data protection measures essential

Retrieved on: 
Wednesday, September 6, 2023
Office of the Australian Information Commissioner, Privacy Act, Notifiable disease, Privacy, Privacy Act 1988, Government, Community, OAIC, Risk, Legislation, Risk management, Medical device, Cryptocurrency, Online shopping

5 September 2023

Key Points: 
  • 5 September 2023
    The need for organisations to strengthen data security and promptly respond to suspected breaches is highlighted in the latest Notifiable data breaches report, released today.
  • “As the guardians of Australians’ personal information, organisations must have the security measures required to minimise the risk of a data breach,” Commissioner Falk said.
  • “The longer organisations delay notification, the more the chance of harm increases.”
    The January to June 2023 period saw 409 data breaches reported to the OAIC.
  • - The OAIC has published guidance on securing personal information and data breach preparation and response, as well as advice for individuals on responding to a data breach notification.

Data breaches seen as number one privacy concern, survey shows

Retrieved on: 
Wednesday, August 9, 2023
Review, YouTube, Awareness, Life, Distrust, ACAPS, Education, Friends, Internet, Parent, Privacy Act, Privacy, Intelligence, Research, Privacy Act 1988, Office of the Australian Information Commissioner, Trust, OAIC, Collection, Risk, Reading, Artificial intelligence, Government, Federation, Ageing, Health, Family, News, Social media, Legislation, Online shopping, Customer service, Whaling, Satellite navigation device, Tutoring, Facebook
Key Points: 

Senate estimates opening statement May 2023

Retrieved on: 
Saturday, May 27, 2023
Optus, Freedom, Jurisprudence, Clinical Laboratory Improvement Amendments, Judgement of the German Federal Court of Justice on Google's autocomplete function, Australian Freedom of Information Commissioner, Senate, Clearview, Professional, Privacy Act, Full court, Federal court, Privacy, Meta Platforms, High court, Administrative Appeals Tribunal, Information management, Privacy Act 1988, Government, Medibank, Information, Assistant commissioner of police, Digital identity, Civil service commission, OAIC, Consumer Data Right, Latitude, Australian Financial Security Authority, AAT, APP, Commonwealth, FOI, Privacy Commissioner, Information commissioner, General manager, News, Freedom of Information Act 1982, Whaling, Public utility, Property management
Key Points: 

Joint Australia–New Zealand investigation into Latitude group

Retrieved on: 
Thursday, May 11, 2023
Commissioner, OPC, Office of the Australian Information Commissioner, Office of the Privacy Commissioner for Personal Data, Privacy Act, Disclosure, Federal court, Privacy, Privacy Act 1988, OAIC, International Safe Harbor Privacy Principles, Compliance, Privacy Commissioner (New Zealand), Privacy Commissioner, Medical device, Tea, Environmental remediation, Communications satellite, Palladium, Latitude

10 May 2023

Key Points: 
  • 10 May 2023
    The Office of the Australian Information Commissioner (OAIC) and the New Zealand Office of the Privacy Commissioner (OPC) today commenced a joint investigation into the personal information handling practices of the Latitude group of companies (Latitude[1]).
  • This is the first joint privacy investigation by Australia and New Zealand and reflects the impact of the data breach on individuals in both countries.
  • The investigation will allow the efficient use of both agencies’ resources and reduce the regulatory impact on Latitude.
  • The investigation will also consider whether Latitude took reasonable steps to destroy or de-identify personal information that was no longer required.

Law Council privacy law and practice seminar

Retrieved on: 
Thursday, April 20, 2023
Law Council of Wales, Privacy, Privacy Act 1988, Enforcement

20 April 2023

Key Points: 
  • 20 April 2023
    Australian Information Commissioner and Privacy Commissioner Angelene Falk joined the Law Council of Australia’s Business Law Section on 5 April 2023 for a seminar on key privacy developments.
  • The seminar covered:
    - lessons from recent high-profile data breaches
    - privacy law reform, including the Privacy Act review report and Privacy Legislation Amendment (Enforcement and Other Measures) Act 2022
    - the OAIC’s privacy regulatory priorities.

data breach report shows key privacy risks

Retrieved on: 
Thursday, March 30, 2023
Commissioner, Review, Office of the Australian Information Commissioner, Notifiable disease, Privacy, Statistics, Attention, Parliament, OAIC, Time, Risk, Privacy Act 1988, Environment, Enforcement, Cryptocurrency, Property management, Medical device

Australian Information Commissioner and Privacy Commissioner Angelene Falk said the widespread attention on data breaches and statistics for January to June 2022 show areas that require organisations’ immediate action.

Key Points: 
  • Australian Information Commissioner and Privacy Commissioner Angelene Falk said the widespread attention on data breaches and statistics for January to June 2022 show areas that require organisations’ immediate action.
  • “I urge all organisations to review their personal information handling practices and areas of ongoing risk identified in our report.
  • “Organisations should also ensure they have a robust data breach response plan, so in the event of a data breach, they can rapidly notify affected individuals to minimise the risk of harm,” she said.
  • The report also draws attention to an increase in larger scale breaches and breaches affecting multiple entities in the reporting period.
  • The Privacy Act 1988 requires entities to take reasonable steps to conduct a data breach assessment within 30 days of becoming aware that there are grounds to suspect they may have experienced an eligible data breach.
  • Read the Notifiable data breaches report January to June 2022.

welcomes passing of Privacy Bill

Retrieved on: 
Thursday, March 30, 2023
Review, Compliance, Bill, Privacy, Privacy Act 1988, OAIC, Enforcement, Office of the Australian Information Commissioner, Audit

29 November 2022

Key Points: 
  • 29 November 2022
    The Office of the Australian Information Commissioner (OAIC) welcomes the passing of the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, which enhances the OAIC’s ability to regulate in line with community expectations and protect Australians’ privacy in the digital environment.
  • The Bill introduces significantly increased penalties for serious and or repeated privacy breaches and greater powers for the OAIC to resolve breaches.
  • “The updated penalties will bring Australian privacy law into closer alignment with competition and consumer remedies and international penalties under Europe’s General Data Protection Regulation,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.
  • “The review presents an important opportunity to ensure that Australia’s Privacy Act empowers individuals, protects their data and best serves the Australian economy,” she said.

completes COVIDSafe oversight

Retrieved on: 
Thursday, March 30, 2023
Exercise, Commissioner, Department, National, Office of the Australian Information Commissioner, Privacy Act, COVID-19, Privacy, Department of Health and Aged Care, COVID, Privacy Act 1988, COVIDSafe, OAIC, Risk, Compliance, Commonwealth, Legislation, Medical device, Health

30 November 2022

Key Points: 
  • 30 November 2022
    The Office of the Australian Information Commissioner (OAIC) has published its final six‑monthly COVIDSafe privacy report and completed its COVIDSafe assessment program, which examined compliance and risk throughout the ‘information lifecycle’ of COVID app data.
  • The regular reports showed the OAIC did not receive any complaints or data breach notifications with regard to the COVIDSafe system.
  • It enhanced the Commissioner’s role in dealing with eligible data breaches and conducting assessments and investigations in relation to COVIDSafe and COVID app data.
  • It also applied the Privacy Act’s rules and privacy protections and Commonwealth oversight to state and territory health authorities in relation to COVID app data.