Personal information is part of your customers’ everyday life.
Ensure privacy protection is part of your everyday business.
Personal information is part of your customers’ everyday life.
Ensure privacy protection is part of your everyday business.
2018 marks 30 years of the Australian Privacy Act 1988. Since then, there have been remarkable changes in the way personal information is put to use across the world. Utilising personal information to engage with businesses, government, and each other online is an everyday occurrence. At the same time, the public benefits of increased data analysis and data mobility to research, policy-making, and the Australian economy are being actively sought.
This has reinforced the vital importance of privacy, which is integral to building and maintaining people’s trust in both government agencies and businesses in their handling of personal information.
Privacy today is founded on the principles of transparency and accountability. It is about ensuring individuals can exercise choice and control and that the actions of organisations reflect the value of personal information to individual’s wellbeing and dignity.
To that end — 2018 is the year a number of regulatory developments were introduced in Australia that enhance privacy governance across the public and private sector. The Notifiable Data Breaches (NDB) scheme came into force in February, formalising a long-standing community expectation for organisations to notify individuals affected by data breaches that are likely to result in serious harm. In just under two months’ time, Australian Government agencies must comply with the Australian Government Agencies Privacy Code. Internationally, on 25 May the European Union’s (EU’s) General Data Protection Regulation takes effect for all Australian businesses operating in the EU.
These regulatory developments highlight the importance of exploring this year’s Privacy Awareness Week (PAW) theme, ‘from principles to practice’.
Throughout this week, we encourage Australian organisations to review and improve how they handle personal information to ensure they are transparent and accountable, in line with community expectations and legislative requirements. Building these principles into your internal practices supports greater public and consumer trust, and can ensure you are well positioned to navigate an increasingly data-rich environment.
PAW is also an opportunity for all of us to discuss and improve our individual privacy practices, to increase awareness about potential privacy risks and how to reduce them.
The Office of the Australian Information Commissioner is also able to help with privacy questions. Call our enquiries line to discuss a privacy issue.
So this PAW, take stock of how you manage personal information. Read the resources on our website to find out how you can improve your privacy practices, or attend one of this week’s events.
The OAIC looks forward to engaging with you throughout the week and the year, as we continue our work to embed privacy principles into practice.
Angelene Falk
Acting Australian Information Commissioner
and Acting Privacy Commissioner
This PAW we are celebrating 30 years of the Privacy Act 1988. This timeline highlights ten key moments in privacy since the Act commenced.
Share other key moments online with #2018PAW.
The passage through Federal Parliament of the first iteration of Australia’s Privacy Act applying to Australian Government Agencies
The establishment of Asia Pacific Privacy Authorities (APPA)
Access to the Internet among Australian households grew rapidly
Expansion of the Privacy Act to include the private sector
Start of the social media boom
ALRC’s privacy inquiry — resulting in the largest ever ALRC report (#108) of 3 volumes and 295 recommendations
First release of the smartphone — smartphones become an everyday necessity
Commencement of the Australian Privacy Principles, registration of the Credit Reporting Code and an expansion of regulatory tools available to the OAIC
Joint investigation with Canada on Ashley Madison data breach (subsequently winner of an International Privacy Commissioner’s conference award)
The Notifiable Data Breaches Scheme commences
When: 7.30am to 9.30am, Monday 14 May 2018
Where: Heritage Ballroom, The Westin, 1 Martin Place, Sydney NSW
With the European Union’s General Data Protection Regulation (EU GDPR) coming into effect in May, recognised EU and international data protection law expert Sheila FitzPatrick will headline the 2018 PAW Business Breakfast, providing her thoughts on what a GDPR influenced future will look like. Deep diving into the modern reality of privacy practice in Australia, a business panel will follow to reflect how businesses are responding to new privacy developments.
Currently joining the panel is Lisa Schutz, Founder and CEO of InFact Decisions and Verifier, and Emma Hossack, CEO at Extensia. The third panellist is Tommy Viljoen, National Lead Partner for Cyber Risk Strategy and Governance at Deloitte. The panel will be moderated by former Australian Privacy Commissioner, Malcolm Crompton.
The Acting Australian Information Commissioner and Acting Privacy Commissioner Angelene Falk will open the breakfast and launch Privacy Awareness Week 2018.
This event is sold out.
When: 10.30am to 11.30am, Tuesday 15 May 2018
For: Privacy Officers and Champions within Australian Government agencies
Cost: Free
If you are involved in creating or updating your Australian Government Agency’s PMP, this is the webinar for you. Join us online to find out about how to use our new Privacy Management Plan (PMP) tool and companion guide. We will help you to understand your agency’s PMP obligations under the Australian Government Agencies Privacy Code; the value of a PMP and how it can improve privacy practice across your agency; how to conduct a maturity assessment; how to use this assessment to formulate the goals and actions for your agency’s PMP; and how to effectively measure and document your agency’s performance against the PMP.
The webinar will be presented by Acting Deputy Commissioner, Melanie Drayton, and Acting Assistant Commissioner – Regulation and Strategy, Sarah Ghali, and will be followed by a live Q&A.
It is aimed specifically at Privacy Officers, Privacy Champions, and anyone else who is responsible for privacy in Australian Government agencies. We recommend registering early to test the webcast on your device.
When: 5.30pm to 7.30pm, Wednesday 16 May 2018
Where: MinterEllison Level 23, Rialto Towers, 525 Collins Street, Melbourne VIC
The acting Australian Information Commissioner and acting Privacy Commissioner, Angelene Falk, will feature on an expert panel to discuss the importance of good privacy governance. Leader of MinterEllison’s National Privacy Group and Special Counsel, Veronica Scott, will facilitate the discussion to further explore the 2018 PAW theme ‘Privacy: from principles to practice.’ Also featuring on the panel is the Victorian Information Commissioner, Sven Bluemmel, and Senior Legal Counsel - Chief Privacy Officer at National Australia Bank, Jade Haar.
This event is invitation only to the OAIC’s Melbourne Privacy Professionals’ Network members.
When: 7.30am until 1.30pm, Thursday 17 May 2018
Where: Wynyard Park, Sydney CBD, NSW
Have you ever thought about your credit health and the important role it plays in life’s big moments? To find out more, come along to Wynyard Park in the Sydney CBD and speak with representatives from the Office of the Australian Information Commissioner and the Australian Retail Credit Association’s CreditSmart consumer education team and supporters.
Pick up a free coffee and learn why having good credit history is important and why you should be keeping track of it.
