Privacy Commissioner releases survey on Australian Community Attitudes to Privacy in 2017

May 18, 2017

It is something of a rite of passage for the Privacy Commissioner to release a report on privacy compliance or a survey about community attitudes to privacy around Privacy week.  This year is no different, with a 51 page report on a survey on Australian’s attitudes to privacy, privacy risks and trust in government and organisations.  The point of reference by comparison is a similar survey in 2013.  While the results are in the main consistent with 2013, there is a growing level of concern about online privacy.  This is not Read the rest of this entry »

Privacy Commissioner and dating apps

February 14, 2017

Dating apps are notorious for both collecting a huge amount of highly sensitive personal information and being the subject of data breaches.  Ashley Madison data breach being just the most dramatic instance.

The Privacy Commissioner has issued a dos and don’ts on 4 dating apps, Tinder, Grindr, Happn and Bumble.  As far as it goes it is Read the rest of this entry »

Privacy Commissioner issues a response to the Mandatory Data Breach Notification legislation

The Privacy Commissioner has issued a statement regarding the passage of the Mandatory Data breach notification Bill.  The Privacy Commissioner has Read the rest of this entry »

Australian and Canadian Privacy Commissioner release report into Ashley Madison data breach

September 4, 2016

The Australian Privacy Commissioner has taken action against Ashley Madison data breach in July 2015 was a sensation.  As has the Canadian Privacy Commissioner.  They have released joint findings.  Joint findings are found here.

It is likely to be an influential findings as the combined report does undertake a detailed analysis of both the facts and the expectations under the various privacy principles.  Given the dearth of authorities this will provide valuable guidance.

As with many data breaches/interference with privacy complaints followed up by regulators the initial cause of the breach/interference gives rise to a broader investigation which almost invariably highlights deficiencies in compliance throughout the organisation.  It is commonly the case that a breach of security has many causes; out of data software protection, poor protocols, inadequate staff training, excessive data retention far beyond the date when it is usable or relevant to the organisations operations and a lack of understanding as to identity verification.

Ashley Madison, or more accurately its corporate entity Avid Life Media Inc (“ALM”), entered Read the rest of this entry »

Australian Information Commissioner investigates privacy breach by MUA

June 10, 2016

The Privacy Commissioner issued a statement today announcing that he is investigating a possible breach by the MUA.  The media release provides:

The Acting Australian Information Commissioner has opened an investigation into an incident in which personal information about members of the Maritime Union of Australia (MUA) was allegedly disclosed by the MUA to the Glen Lazarus Team (GLT) political party.

The Office of the Australian Information Commissioner will publish a statement about the outcome of this investigation at its conclusion.

The facts are outlined in Read the rest of this entry »

Privacy Commissioner releases draft Guide to big data and the Australian Privacy Principles

May 20, 2016

The Privacy Commissioner has issued a draft guide to big data and the Australian Privacy Principles.  The closing dates for submissions is 26 July 2016.

It relevantly provides Read the rest of this entry »

Privacy Commissioner speech at launch of Privacy Awareness Week

May 17, 2016

The Privacy Commissioner has done what he does best.  Another speech.  This time for the launch of Privacy Awareness Week.

The speech Read the rest of this entry »

Attorney General publishes submissions to draft Mandatory Data Breach Bill and Privacy Commissioner releases Guide to developing Data Breach response plan

April 21, 2016

Australia is yet to have mandatory data breach notification legislation. The Attorney General’s Department has published the submissions it Read the rest of this entry »

OAIC launches privacy awareness week, 15 – 21 May 2016

April 20, 2016

The OAIC has announced its program for the Privacy Awareness Week, 15 – 21 May 2016.  Privacy Weeks are part of the activities of most data regulators/privacy commissioners.  In New Zealand it is 9 – 14 May 2016.  Funnily enough the theme for both privacy weeks is “Privacy in your hands.”

The release Read the rest of this entry »

The Office of Australian Information Commissioner creates national privacy consumer forum

March 16, 2016

The Office of the Australian Information Commissioner (“OAIC”) has announced the creation of a Consumer Privacy Network.  It is a forum of Read the rest of this entry »