Concerned about privacy, Australians embrace mandatory data-breach scheme

OAIC busier than ever as NDB leadup sees businesses jumping onboard privacy bandwagon

Australians are becoming more concerned about their privacy and businesses are signing on for privacy-awareness activities as a result, the government’s information commissioner has noted as figures suggest 40 percent of Australians are uncomfortable with the government using their personal details for research or policy-making purposes.

The Office of the Australian Information Commissioner (OAIC) received 17 percent more privacy complaints during fiscal 2016-17 than the year before, the organisation’s recently released annual report revealed, with 16,793 privacy enquiries handled and 24 percent more information commissioner reviews received than in the previous year.

“Developments in technological, social, commercial and government service delivery environments continue to drive increasing community and professional interest in privacy and privacy governance,’ said Australian information and privacy commissioner Timothy Pilgrim in a statement.

Pilgrim lauded the “growth in privacy awareness” shown by the private sector, which saw a 49 percent increase in Privacy Awareness Week partners – of which there were 369 businesses and agencies – and an increase in Privacy Professionals’ Network (PPN) participants from 169 to 1235 members.

This reflects growing awareness of the need for better security and governance of private information, which will be tested as the newly legislated Notifiable Data Breach (NDB) scheme comes into effect in February.

OAIC received 114 voluntary data breach notifications during the 2016-17 year, a 7 percent increase over the previous year and a hint of what is likely to come once the NDB comes into force. The office also managed 35 mandatory data breach notifications – a 119 percent increase over the previous year – and closed 92 percent of voluntary data breach notifications within 60 days.

Fully 95 percent of respondents to the OAIC’s newest Australian Community Attitude to Privacy Survey (ACAPS) approved of the NDB and its goals – which Pilgrim said reinforces the understanding that citizens and customers attach significant value to their privacy. Interestingly, some 82 percent of the 2062 received freedom of information (FOI) requests – which are being processed by OAIC after the federal government re-asserted its role in the 2016-17 budget – related to individuals applying to access their own information.

The OAIC has been actively working to help organisations get ready for the new compliance environment, kicking off development of the Australian Public Service Privacy Governance Code – which will come into effect on 1 July 2018 – and releasing the Privacy Impact Assessment (PIA) eLearning Program designed to “improve skill and capability within Australian businesses and agencies”.

Community attitudes. Improvements in agencies’ and businesses’ privacy policies will be crucial as the public becomes more attuned to issues around data privacy and reuse. Fully 69 percent of respondents to the ACAPS survey said they were more concerned about online privacy than they were five years ago, with 32 percent citing online services as the biggest risk to privacy.

Identity fraud and theft were named as the biggest risk by 19 percent of respondents, with data breaches (17 percent) and theft of financial data (12 percent) the other biggest perceived risks.

Fully 58 percent of respondents said they had decided not to deal with particular businesses due to security concerns, with 79 percent saying they didn’t want their data shared with other organisations and – in a solid reiteration of data-sovereignty issues – 93 percent saying they didn’t want their personal data to be sent overseas.

Yet the survey also uncovered some lax privacy practices amongst the same people that claim to be concerned about security: just 61 percent, for example, check the security of web sites before giving personal information and only 43 percent said they had adjusted their privacy settings.

“The striking message in the 2017 survey,” Pilgrim noted, “is that while privacy is attracting concern from Australian consumers and communities, many of us are not converting that concern into using basic privacy protections that are already available to us.

“So, while it’s encouraging to see Australians taking privacy seriously, it’s important for individuals to use this concern to take active steps to protect their personal information. This includes knowing our privacy rights and protections, and insisting that the organisations we deal with take those protections seriously.”

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data protectioncyber securityIdentity fraud / theftprivacy lawsgovernment data collection

More about

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts