The Australian Information and Privacy Commissioner, Timothy Pilgrim, to retire on 24 March 2018
February 20, 2018 |
According to a report in the Mandarin,Last man standing: information and privacy commissioner Timothy Pilgrim to retire, Timothy Pilgrim, the Privacy and Information Commissioner is to retire on 24 March 2018. It is also reported in itnews, computerworld and zdnet.
Timothy Pilgrim has been one of the better privacy commissioners. That is a comparative measure only. His predecessors ranged from ineffective to hopeless. As a result the privacy and data security culture has been poor. Pilgrim was far more active than his predecessors both in terms of work rate and general profile. But objectively measured he was a timid and tentative regulator. Even with a limited budget from 2014 the Office of the Information Commissioner took a very low profile. His determinations were excessively conservative and constrained. There were no civil penalty proceedings. The enforceable undertakings imposed on organisations were risibly lenient compared to those imposed by overseas regulators, including the Federal Trade Commissioner. While his was a more active tenure than his predecessors the office made no real regulatory impact on the market. It performed dismally compared to other regulators, such as ASIC and ACCC.
Will he be missed? Probably, but more by lawyers acting for organisations than privacy advocates. His was a very public service approach, where process and drafting trumped decisive action, which meant that few organisations had incentive to improve their privacy protections.
The Mandarin article provides:
Timothy Pilgrim has announced his resignation from his dual-role as privacy and information commissioner, effective March 24.
Pilgrim started as the privacy commissioner in 2010, when the Office of the Australian Information Commissioner was a much better resourced body with a separate commissioner for FOI and an overarching information commissioner in John McMillan, who left in 2015, when the Abbott government intended to abolish the agency.
Soon Pilgrim was the only one of the three left, and was a steady hand during that period of uncertainty, explaining clearly what was going on even though it was not clear how long the OAIC would last.
The government accepted the Senate would not agree to abolish it so instead it drastically downsized its unwanted statutory body and Pilgrim has run it as the sole commissioner since 2016, with a reduced budget that forced him to scale back its work and put pressure on its ability to meet statutory timeframes like those that apply to FOI reviews.
Today, Attorney-General Christian Porter said the commissioner had done an “outstanding job” in both roles and the government would soon begin the “merit-based selection process” to replace him. Of course, he did not refer to his erstwhile leader’s failed plan to axe the OAIC:
“Mr Pilgrim built a strong reputation, both within government and the wider community, with his thoughtful and considered approach to privacy and information regulation.
“He has worked tirelessly to help Australia deal with global privacy challenges, particularly through building closer relationships with other privacy regulators domestically and internationally.
“Mr Pilgrim oversaw the implementation of the amendments to Australia’s Privacy Act in 2014, the most significant reforms since the Privacy Act 1988 was extended to the private sector in 2000. He was awarded a Public Service Medal in 2015, in recognition of his outstanding work overseeing these reforms.
Mr Pilgrim has effectively governed the Office of the Australian Information Commissioner and has enhanced the Office’s relevance in a continually evolving policy environment.
“On behalf of the Australian Government, I would like to thank Mr Pilgrim for his distinguished service and wish him well in his retirement.”
The announcement comes two days out from the beginning of the Commonwealth’s new mandatory data breach notification scheme, and a few months after Pilgrim registered a new privacy code that applies specifically to federal government agencies.
“My intention in introducing the Australian Public Service Privacy Code is to ensure all Commonwealth agencies approach privacy management in an integrated way, as well as providing resources and support to build this capability,” Pilgrim told The Mandarin.
“The implementation of the Code will also provide Australian communities with confidence that a single, high standard of privacy protection exists across government agencies they deal with.”
