Australia appoints information and privacy commissioner

Interim Information Commissioner and Privacy Commissioner Angelene Falk has been appointed to the role for the next three years, the attorney-general has announced.

Australian Attorney-General Christian Porter has announced appointing Angelene Falk as the nation's information commissioner and privacy commissioner for the next three years.

Falk has been serving as interim commissioner since March, after stepping into it from her deputy role following former Information Commissioner and Privacy Commissioner Timothy Pilgrim's departure.

According to Porter, Falk has previously focused particularly on "regulatory challenges and potential uses of data in a global environment", as well as promoting public access to government data.

She also helped implement the Notifiable Data Breaches scheme, which came into effect in February this year.

"Falk has extensive experience delivering the functions of independent regulators and a track record of working across Commonwealth and state agencies, business, and the community in law, policy, and education," Porter said on Friday.

"The commissioner role is critical to helping ensure the privacy of Australians, particularly in the online environment."

Australia's Notifiable Data Breaches scheme requires organisations covered by the Privacy Act 1988 to notify individuals whose personal information is involved in a data breach that is likely to result in "serious harm" as soon as practicable after becoming aware of a breach.

During Falk's tenure as acting privacy commissioner, the Office of the Australian Information Commissioner (OAIC) opened an investigation into the Facebook-Cambridge Analytica improper use of data after revealing that more than 311,127 Australians were caught up in the scandal.

The investigation, kicked off in April, will consider whether Facebook breached the Privacy Act.

"All organisations that are covered by the Privacy Act have obligations in relation to the personal information that they hold," Falk said at the time.

"This includes taking reasonable steps to ensure that personal information is held securely, and ensuring that customers are adequately notified about the collection and handling of their personal information."

OAIC had been slated to be disbanded in the 2014 Federal Budget, but with the Senate refusing to pass the legislation to abolish it, it was eventually handed AU$9.3 million annually for four years in the 2016 Budget.

Pilgrim had held the role of privacy commissioner since July 2010, finally also becoming Australian Information Commissioner in September 2016.

During Pilgrim's stint, Australians had their privacy and security eroded under the tenure of former Attorney-General George Brandis, who instituted mandatory data retention, sought to criminalise the re-identification of de-identified government data, and forced telcos to become beholden to the Attorney-General's Department in the name of national security.

Related Coverage

OAIC received 31 notifications in the first three weeks of data breach scheme

The OAIC has revealed to ZDNet it has received 31 notifications since the Notifiable Data Breaches scheme came into effect last month.

Australian privacy commissioner opens Facebook investigation

Investigation officially opened after Facebook revealed the data of over 300,000 Australians may have been improperly used by Cambridge Analytica.

Privacy Commissioner to look at Facebook compliance in Australia

Australia's Information and Privacy Commissioner is 'making inquiries' to clarify if any personal information of Australians was involved in Cambridge Analytica's misuse of Facebook user data.

Australia re-enters Information and Privacy Commissioner limbo

A little over a year after being permanently appointed, Information Commissioner Timothy Pilgrim is set to retire on March 24.

GDPR security pack: Policies to protect data and achieve compliance

One of the key requirements of the newly enacted GDPR is a demonstrated effort to enforce security measures that safeguard customer data. This bundle includes six policies you can customize and implement.