Australians made over 19K privacy principle enquiries in 2017-18

2,947 privacy complaints were also received by the Office of the Australian Information Commissioner.
Written by Asha Barbaschow, Contributor

The Office of the Australian Information Commissioner (OAIC) responded to a total of 19,407 privacy enquiries in 2017-18, with the most common query over the use and disclosure of an individual's personal information.

Of the total privacy principle enquiries, 14,928 were made via phone, 4,452 were received in writing, and 27 were made in person, the OAIC's Annual Report [PDF] has revealed.

1,560 enquiries were made regarding the use or disclosure of personal information; 1,351 related to the access to personal information; 991 on the general collection of personal information; and 882 on the security of personal information obtained.

The Privacy Act 1988 requires Australian government agencies and private sector organisations to follow a set of rules when collecting, using, and storing individuals' personal information. It is one of the OAIC's responsibilities to provide information about privacy issues and privacy law to the public.

The number of privacy-related enquiries received by the OAIC in 2017-18 was a 16 percent increase over the year prior.

"Over half of all privacy phone enquiries received concerned the operation of the Australian Privacy Principles," the OAIC wrote. "The growth in enquiries indicates a continuation of the year-on-year trend of increased awareness about privacy issues, and a desire by individuals to exercise their rights."

The OAIC said it also received a number of phone enquiries during the year for other issues outside the 15 Privacy Principles, with 904 of the 1,847 total regarding credit reporting.

513 enquiries were made regarding the Notifiable Data Breaches (NDB) Scheme, and 229 were on the voluntary data breach notification process. Nine enquiries were made regarding privacy and the federal government's My Health Record and only one was made on data-matching.

In 2017-18 the OAIC said it received 2,947 privacy complaints -- an 18 percent increase on the number received last year, which was also a 17 percent increase in complaints over 2015-16.

According to the OAIC, this increase indicates a continuing awareness by individuals about their privacy rights, and a willingness by individuals to take steps to protect their personal information.

The office headed up by newly appointed Information and Privacy Commissioner Angelene Falk also finalised 2,766 complaints during the period -- an 11 percent increase on the number of complaints closed last year.

The introduction of the NDB scheme on February 22, 2018, as well as Europe's General Data Protection Regulation (GDPR) on May 25, 2018, also contributed to an increase in enquiries made to the OAIC, the report said.

Expecting 500 data breach notifications to come through the office in the first year of the NDB Scheme, in addition to the other responsibilities the OAIC's staff members already have on their plate, the Legal and Constitutional Affairs Legislation Committee in May shared concern with Falk that her office is understaffed and overworked.

Falk told the committee that the OAIC at the time boasted 75 full-time equivalent staff, but will be receiving a further 17 once the new Consumer Data Right comes into play in the next financial year.

"There is an increase in a number of matters that we're closing," she said. "The challenge is to manage responsibilities with the resources available.

"I acknowledge that we are receiving an increasing number coming through the door, and despite the fact that we are able to resolve more and more efficiently, there is a gap between the two, so we are doing some work internally in the next couple of months to re-look at our process to see if there's anything else that we might realign, we are also looking at our workload that's likely to occur over the next 12 months and do some analysis."


OAIC calls for sunset clause on encryption-busting Bill and warns of privacy risks

The Office of the Australian Information Commissioner seeking greater transparency and judicial oversight to Australia's proposed Assistance and Access Bill.

Private health providers called out in quarterly Australian data breach report

OAIC finds private health service providers and finance are the two most-breached sectors from April to end of June.

Reported breaches not painting complete picture of Australian security landscape

Although 63 data breaches were reported to the Office of the Australian Information Commissioner in less than six weeks, FireEye's Mandiant has warned the figure is higher, but organisations are unsure if their breach fits the brief.

Why Australia is quickly developing a technology-based human rights problem(TechRepublic)

Human rights advocates have called on the Australian government to protect the rights of all in an era of change, saying tech should serve humanity, not exclude the most vulnerable members of society.

Editorial standards