Privacy Act 1988

Updated guidance on ‘personal information’

Retrieved on: 
Monday, October 31, 2022
Telstra, Privacy Commissioner, Privacy Act 1988, Federal court, Federal Court of Australia, Office of the Australian Information Commissioner, Privacy, Risk management, Medical device

Updated guidance on personal information

Key Points: 
  • Updated guidance on personal information
    On 19 January, the Federal Court of Australia published its decision in the matter of Privacy Commissioner v Telstra, providing important guidance as to what is personal information in terms of the Privacy Act 1988.
  • To assist businesses and agencies further, the Office of the Australian Information Commissioner has developed a more detailed resource on applying the definition of personal information, to complement our existing APP Guidelines.
  • While in many cases, whether or not information is personal information is a straightforward question, in some cases the answer will depend on context and circumstances at hand.
  • Our new What is personal information?

Commissioner calls for action as privacy concerns grow

Retrieved on: 
Monday, October 31, 2022
Online, OAIC, ID, Privacy Commissioner, Social media, Office of the Australian Information Commissioner, ENDS, Privacy Act 1988, Use, Freedom of Information Act 1982, Privacy, Language, Awareness, Legislation, Information, Freedom, Fraud, Identity theft, Theft, Whaling, Online shopping, Lease, Weapon, Health insurance, Satellite navigation device, Birth control

= Commissioner calls for action as privacy concerns grow =

Key Points: 
  • = Commissioner calls for action as privacy concerns grow =
    Australians are concerned about online privacy, but are not using options already available to protect themselves.
  • Thats the key finding from a national survey released today by the Australian Information and Privacy Commissioner who says both businesses and consumers have work to do.
  • The 2017 Australian Community Attitudes to Privacy Survey, released for Privacy Awareness Week reveals that 69 per cent of Australians say they feel more concerned about their online privacy than they did five years ago, and 83 per cent believe privacy risks are greater online than offline.
  • However, the survey also shows that Australians do not use existing privacy tools to protect themselves online as well as they could.
  • The Australian Information and Privacy Commissioner, Timothy Pilgrim, says both individual responsibility and better business practice have a role to play to ensure Australians get the best privacy protection.
  • But we need to convert awareness into action, and use the options already available to us to protect our personal information.
  • The OAICs Australian Community Attitudes to Privacy Survey is a longitudinal study into public awareness of, and concern about, privacy.
  • Privacy Awareness Week (15 to 19 May 2017) is an annual initiative of the Asia Pacific Privacy Authorities forum.
  • It is held every year to promote and raise awareness of privacy issues and the importance of protecting personal information.
  • The OAIC encourages businesses and agencies to show their support for good privacy practice by becoming a Privacy Awareness Week partner.
  • There are currently over 340 organisations signed up as a partner this year with more expected to join throughout the week.

Australian Red Cross Blood Service data breach

Retrieved on: 
Monday, October 31, 2022
Australian Red Cross Lifeblood, Comment, Canadian Blood Services, Risk, Privacy Commissioner, Blood, Privacy Act 1988, Privacy, Red, International Red Cross and Red Crescent Movement, Australian Red Cross, Commissioner, Compliance, Australian Privacy Foundation, Disclosure, Risk management, Private investigator, Online shopping

Australian Red Cross Blood Service data breach

Key Points: 
  • Australian Red Cross Blood Service data breach
    On this page
    |Statement||Date|
    |Australian Red Cross Blood Service data breach||7 August 2017|
    |Comment by the Australian Privacy Commissioner Australian Red Cross||28 October 2016|
    Australian Red Cross Blood Service data breach
    7 August 2017
    The Australian Information and Privacy Commissioner, Timothy Pilgrim, has concluded an investigation into the Australian Red Cross Blood Services DonateBlood.com.au data breach.
  • Upon being notified, the Australian Red Cross Blood Service took immediate steps to contain the breach and notify affected individuals.
  • Data breaches can still happen in the best organisations and I think Australians can be assured by how the Red Cross Blood Service responded to this event.
  • Comment by the Australian Privacy Commissioner Australian Red Cross
    28 October 2016
    The Australian Red Cross Blood Service has advised my office of a data breach from the DonateBlood website.

Senate Estimates opening statement

Retrieved on: 
Monday, October 31, 2022
Review, Senate, Nature, OAIC, Freedom of Information Act 1982, FOI, Privacy Act 1988, Office of the Australian Information Commissioner, Privacy Act, Minister, Community, Awareness, Public service, Code, Policy, APS, Parliament, Freedom, NDB, Government, Access to Information Act, Department, Cabinet, Australian Public Service, Committee, Calendar, Health insurance, Online shopping, Cryptocurrency, Property management, Medical device, Privacy
Key Points: 

The Cosmetic Institute

Retrieved on: 
Monday, October 31, 2022
OAIC, Risk, Cosmetic, Privacy Act 1988, Office of the Australian Information Commissioner, Privacy, Government, NDB, Medical device, Cryptocurrency, Online shopping, Property management

The Cosmetic Institute

Key Points: 
  • The Cosmetic Institute
    On this page
    |Statement||Date|
    |The Cosmetic Institute privacy investigation launched||18 August 2017|
    |The Cosmetic Institute reported data breach||6 June 2017|
    The Cosmetic Institute privacy investigation launched
    18 August 2017
    On 15 August 2017, the Acting Australian Information Commissioner opened an investigation into The Cosmetic Institute data breach.
  • The data breach allegedly occurred after an error allowed the public to view The Cosmetic Institutes website index which included medical forms and images.
  • The Cosmetic Institute is cooperating with the Office of the Australian Information Commissioners (OAIC) inquiries.
  • The Cosmetic Institute reported data breach
    6 June 2017
    My office has contacted The Cosmetic Institute about this reported data breach.

New guide paves way for better data privacy management

Retrieved on: 
Monday, October 31, 2022
Machine learning, OAIC, Software, Risk, Privacy Commissioner, Office of the Australian Information Commissioner, University, Anonymity, ENDS, Privacy Act 1988, Freedom of Information Act 1982, Privacy, CSIRO, IOT, Legislation, Environment, Science, Information, Engineering, Robotics, Freedom, Government, Exercise, Research, Industry, Technology, Risk management, Medical device, Whaling, Online shopping

New guide paves way for better data privacy management

Key Points: 
  • New guide paves way for better data privacy management
    The Office of the Australian Information Commissioner (OAIC) and CSIROs Data61 have released a guide to assist organisations to de-identify their data effectively.
  • However, we need to remember that many of these data sets are made up of individuals personal information.
  • Deciding whether data should be released or shared and if so, in what form requires careful consideration.
  • At present, there is no publicly available, comprehensive risk management guide in Australia to assist organisations with de-identification.

Australians continue to exercise information rights: OAIC Annual Report 2016–17 released

Retrieved on: 
Monday, October 31, 2022
Office, Efficiency, Freedom of Information Act, OAIC, FOI, Workload, Corporation, Privacy Commissioner, Office of the Australian Information Commissioner, Privacy, Privacy Act 1988, Civil service commission, Goal, Awareness, Environment, Information, APS, Freedom, NDB, Annual report, Whaling, Bank, Online shopping, Health insurance, Sales

Australians continue to exercise information rights: OAIC Annual Report 201617 released

Key Points: 
  • Australians continue to exercise information rights: OAIC Annual Report 201617 released
    The Office of the Australian Information Commissioner (OAIC) has released its Annual Report for 201617 highlighting its proactive and engaged approach to privacy and FOI regulation.
  • Australians continue to be early-adopters of new technologies, many of which are reliant on personal information.
  • Visit Annual Report 201617
    For further information about the OAIC, please visit www.oaic.gov.au or follow @OAICgov.
  • Background
    Annual Report 201617
    The OAICs Annual Report highlights our key achievements and performance outcomes for our privacy and FOI functions.

Uber

Retrieved on: 
Monday, October 31, 2022
Uber, Privacy Act, Risk, Privacy Act 1988, Incidents, Privacy, Ridesharing company

Uber

Key Points: 
  • Uber
    Statement from the Australian Information and Privacy Commissioner
    I am aware of this incident and my office has commenced inquiries with Uber.
  • Incidents such as this are a timely reminder to Australians of the value of the personal information we provide in order to receive products and services.
  • It is also a timely reminder to Australian businesses and agencies of the reputational value of good privacy practice, and the reputational risks that can follow mishandling of personal data.
  • Failure to do so could lead to the imposition of penalties provided for in the Privacy Act.

Mandatory data breach notification comes into force this Thursday

Retrieved on: 
Monday, October 31, 2022
Government agency, OAIC, Data management, Risk, Privacy Act 1988, Office of the Australian Information Commissioner, CII, ENDS, Privacy, Privacy Act, Commissioner, NDB, Exercise, Property management, Health insurance, Online shopping, Tutoring, Private investigator, Practice of law, Lease

= Mandatory data breach notification comes into force this Thursday =

Key Points: 
  • = Mandatory data breach notification comes into force this Thursday =
    The Office of the Australian Information Commissioner (OAIC) has released new resources for the Australian public ahead of the commencement of the Notifiable Data Breaches (NDB) scheme on 22 February 2018.
  • One of the new resources published by the OAIC, titled Receiving data breach notifications, provides useful guidance on what to expect when you receive a data breach notification, including how organisations might deliver notifications and when a privacy complaint can be made to the OAIC.
  • The other new resource, What to do after a data breach notification, provides a wide range of actions you can take to reduce the risk of experiencing harm after a data breach.
  • The OAIC has worked with consumer groups, not-for-profits, and Australian Government agencies in the development of these resources.
  • The Australian Information Commissioner, Timothy Pilgrim, said, the Notifiable Data Breaches scheme formalises a long-standing community expectation to be told when a data breach that is likely to cause serious harm occurs.
  • By reinforcing accountability for personal information protection, the NDB scheme supports greater consumer and community trust in data management.
  • Organisations are required to notify the Australian Information Commissioner in addition to notifying individuals affected by an eligible data breach (a data breach that is likely to result in serious harm).
  • Mandatory data breach notification: https://www.oaic.gov.au/media-and-speeches/statements/mandatory-data-bre...

Commissioner’s opening statement — Senate Estimates 27 February 2018

Retrieved on: 
Monday, October 31, 2022
Information management, Review, Office, Australasian Legal Information Institute, Efficiency, Senate, Assistance, Disagreement, OAIC, Freedom of Information Act 1982, Democracy, Interception, Health, FOI, Workload, Time, Capital, Privacy Commissioner, Government, Face, Privacy Act 1988, The Department, Office of the Australian Information Commissioner, Proceeds of Crime Act 2002, Civil service commission, National Health, Privacy Act, Personal Property Securities Register, Community, Commissioner, Public service, Crime, Legislation, Environment, Information, Freedom, NDB, Policy, Department, Research, IPS, Hearing, Committee, Private sector, Information commissioner, Medical device, Internet service provider, Private investigator, Property management, Financial adviser, Online shopping, Marketing, Cryptocurrency, Bank, Whaling, Telecommunication, Privacy
Key Points: