Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

Chapter Four — Communication and engagement

Overview

An important statutory function of the Office of the Australian Information Commissioner (OAIC) is to promote awareness and understanding of the Freedom of Information Act 1982 (FOI Act) and the Privacy Act 1988 (Privacy Act).

The OAIC promotes awareness of privacy and freedom of information (FOI) rights and responsibilities in many different ways that include the OAIC website, publications, speeches and presentations, awareness campaigns, stakeholder events (including the inaugural OAIC Information Policy Conference, see Chapter 5), meetings, media and social media, and stakeholder updates and alerts.

The OAIC maintained a strong public profile throughout the year. Media interest in privacy and FOI issues continued to rise. In 2011–12 the OAIC responded to 285 requests for information from journalists, compared with 223 in 2010–11, an increase of 28%.

A key focus of the OAIC has been to increase opportunities for information professionals to meet, share expertise and collaborate. The OAIC hosts the Information Contact Officer Network (ICON) (for public sector information professionals) and the Privacy Connections network (for business).

The OAIC continued to foster productive relationships with counterpart organisations in other jurisdictions through national and international forums such as the Association of Information Access Commissioners (AIAC), the Asia Pacific Privacy Authorities Forum (APPA), Privacy Authorities Australia (PAA), the Organisation for Economic Co-operation and Development (OECD), Asia Pacific Economic Cooperation (APEC), and the International Conference of Data Protection and Privacy Commissioners (ICDPPC).

In addition to running a successful Privacy Awareness Week (PAW) 2012, the OAIC increased its use of web 2.0 technology to communicate education and awareness messages, and to collaborate and consult with organisations, agencies and the wider community.

The OAIC also released a range of informative guidance material to help individuals, businesses and government agencies understand their information rights and responsibilities.

Back to Contents

Privacy Awareness Week 2012

PAW is an annual promotion coordinated by members of APPA. The week provides an opportunity for organisations and agencies in APPA jurisdictions to promote awareness of privacy rights and responsibilities to staff, clients and the wider community.

PAW 2012 was held from 29 April to 4 May with APPA members promoting privacy awareness activities across the region. The OAIC attracted a record number of 146 PAW partners, up from 80 in 2011.

Over the week, many partners displayed PAW web banners and published the OAIC’s privacy messages on their intranets and websites, displayed PAW posters, and hosted internal events to raise awareness about privacy protection.

The OAIC hosted a business breakfast as its PAW launch event on 30 April 2012 at which more than 180 professionals gathered to consider what to do when faced with a data breach. This high-profile panel discussion entitled Data breach: are you ready? brought together the Privacy Commissioner, Timothy Pilgrim, with risk management executives from the telecommunications, retail and banking industries. Australian Information Commissioner, Professor John McMillan, launched the OAIC’s revised edition of Data breach notification: A guide to handling personal information security breaches.

Retaining consumer trust and the importance of leadership in promoting a strong privacy culture were identified as key issues for business during the breakfast discussion. Feedback from panellists and guests indicated that the breakfast was a success and there was great value in the business community coming together to share thoughts around a common problem.

In 2012, the OAIC again maintained APPA’s PAW website at www.privacyawarenessweek.org, publishing several new pages including a list of youth resources developed by APPA members. The website attracted 7460 visitors over the campaign period. The OAIC was also active on Facebook and Twitter throughout the campaign.

PAW is an important annual campaign to increase awareness of privacy choices and obligations, assisting the OAIC to meet its strategic goals. It also provides the opportunity for the OAIC to develop robust relationships with Australian businesses, government agencies, non-government organisations and the wider community, while strengthening its links with APPA members.

Back to Contents

International and regional engagement

Association of Information Access Commissioners

The AIAC met on two occasions during 2011–12: in November 2011 and March 2012. The association was established in September 2010 by the statutory officers in each Australian jurisdiction responsible for FOI oversight, and development of information policy. The membership of the AIAC comprises Information Commissioners (Commonwealth, NSW, NT, Queensland and WA), the Commonwealth Freedom of Information Commissioner, the Queensland Right to Information Commissioner and the Ombudsman from other state jurisdictions.

The AIAC aims to exchange information and experience between offices about the exercise of oversight responsibilities, and to promote best practice and consistency in information access policies and laws. Matters discussed at meetings included work practices for handling complaints and reviews, case law developments, monitoring and audit activity, research projects, staff training, public awareness activities and international links.

The November 2011 AIAC meeting was hosted by the OAIC and coincided with the OAIC’s Information Policy Conference in Canberra. Commissioners from other jurisdictions participated in the conference. More information on the conference can be found in Chapter 5.

Asia Pacific Privacy Authorities

The OAIC continues to be actively involved in the APPA Forum. Members met in Melbourne in December 2011 and in Hong Kong in June 2012. This year, membership of the Forum continued to grow with APPA welcoming the Korean Personal Information Protection Commissioner to the Forum.

At these meetings, members discussed a range of topics, including the potential for future joint enforcement activities; the privacy implications of social media sites, cloud computing, smart phone applications and other technology platforms; credit reporting reforms; and balancing the right to privacy with the right to freedom of expression.

The OAIC provides secretariat services to APPA, including maintaining its webpage.

Group photo of APPA representatives

Representatives of APPA jurisdictions at the June 2012 APPA meeting, Hong Kong

Privacy Authorities Australia

PAA is a group of Australian privacy authorities that meets regularly to promote best practice and consistency of privacy policies and laws.

PAA membership includes the OAIC, privacy representatives from all states and territories, and the Australian Government department responsible for privacy (formerly, the Department of the Prime Minister and Cabinet, now the Attorney General’s Department). The Privacy Commissioner hosted a PAA meeting in Sydney in September 2011 and attended a PAA meeting in Melbourne in May 2012. Topics discussed included national regulatory schemes, the Document Verification Service, the eHealth system and the Australian Early Development Index.

Organisation for Economic Co-operation and Development

Thirteen privacy enforcement authorities from around the world, including Australia, joined forces to launch the Global Privacy Enforcement Network (GPEN) in September 2010. GPEN is designed to facilitate cross-border cooperation in the enforcement of privacy laws. As at 30 June 2012, GPEN had 28 member authorities, including 21 nations, four subnational authorities, and the European Union.

GPEN builds on the OECD’s Recommendation on Privacy Law Enforcement Co-operation (2007), which recognised the need for greater cooperation between privacy enforcement authorities in cross-border privacy matters. The Recommendation states that member countries should foster the establishment of an informal network of privacy enforcement authorities and other appropriate stakeholders to discuss the practical aspects of privacy law enforcement cooperation.

More information about GPEN can be found at: www.privacyenforcement.net.

Asia Pacific Economic Cooperation

In 2007, APEC economies endorsed the APEC Data Privacy Pathfinder (the Pathfinder) to guide implementation of the APEC Privacy Framework.

The Cross-border Privacy Enforcement Arrangement (CPEA) has been developed as part of the Pathfinder initiative, and provides a framework for privacy regulators to cooperate and seek information and advice from each other on cross-border enforcement matters.

The CPEA came into force in July 2010. The OAIC is one of the CPEA’s co-administrators, and is jointly responsible for conducting eligibility checks on privacy enforcement authorities that wish to participate in the CPEA.

The Pathfinder also involves the development and implementation of a Cross-border Privacy Rules (CBPR) system. The system will provide guidance on the how the CBPR of businesses can meet the standards of the APEC Privacy Framework and be recognised across APEC economies. More information about CPEA can be found at: www.apec.org.

33rd International Conference of Data Protection and Privacy Commissioners

The 33rd ICDPPC was hosted by the Federal Institute for Access to Information and Data Protection (IFAI) in Mexico City in November 2011. The theme of the conference was ‘Privacy: The Global Age’.

The Conference adopted resolutions on a number of matters, including data protection and major natural disasters, the use of unique identifiers in the deployment of internet protocol version 6, and privacy enforcement and coordination at the international level. The OAIC was represented by the Privacy Commissioner at the conference.

Administrative Review Council

The Information Commissioner is an ex officio member of the Administrative Review Council under the Administrative Appeals Tribunal Act 1975 (s 49(1)). Other ex officio members of the Council are the Commonwealth Ombudsman, President of the Administrative Appeals Tribunal, President of the Australian Law Reform Commission, and President of the Australian Human Rights Commission.

The Information Commissioner participated actively in meetings and projects of the Council during the reporting year. The main project in 2011–12 was a review of the framework for Australian judicial review. The report will be published in September 2012. The Commissioner was a member of the sub-committee conducting that project.

Back to Contents

Networks and Committees

Information Contact Officer Network

ICON is a network for FOI, privacy and information policy contact officers in Australian Government agencies. ICON also includes the Norfolk Island administration and, in relation to privacy, ACT Government agencies.

During 2011–12, ICON meetings were held quarterly, with three meetings in Canberra and one meeting in Sydney. The attendance at Canberra meetings ranged from 150 to 200 people. The meetings provide information and updates on the work of the OAIC and give participants the opportunity to network and share knowledge with information professionals from other Government agencies.

Topics discussed included agency compliance with the Information Publication Scheme (IPS), FOI extension of time provisions, FOI disclosure logs and redaction, privacy impact assessments, cloud computing, the eHealth system, privacy reforms, and PAW 2012. The agenda, related documents and audio from each meeting are available on the OAIC website.

Privacy Connections

During 2011–12 the OAIC relaunched Privacy Connections, a network for privacy professionals in the private sector. One event was held during the year, the Privacy Awareness Week 2012 business breakfast. The OAIC plans to develop this network further in the next financial year to assist Australian businesses keep up to date with privacy developments, including privacy law reforms.

Privacy Advisory Committee

The Privacy Advisory Committee (PAC) is established by the Privacy Act (s 82). PAC is chaired by the Information Commissioner; other members are appointed by the Governor-General. PAC’s function, as outlined in s 83 of the Privacy Act, is to advise the Information Commissioner on matters relevant to his functions and to engage in and promote protection of individual privacy in the private sector, government and the community. Minutes of PAC meetings are published on the OAIC website.

PAC met three times during the reporting period, with one meeting being a joint meeting with the Information Advisory Committee. The PAC provided independent advice to the OAIC on a range of issues including data breach notification and the OAIC’s revised guide to handling personal information security breaches, PAW 2012, and electronic health records. A member of the Privacy Advisory Committee also participated in airport body scanning trials.

A list of PAC members can be found in Appendix 7.

Information Advisory Committee

The Information Advisory Committee (IAC) is established by the Australian Information Commissioner Act 2010 (s 27). The IAC is chaired by the Information Commissioner; other members are appointed by the Minister. The IAC’s function is to assist and advise the Information Commissioner in the performance of the information commissioner functions. Minutes of IAC meetings are published on the OAIC website.

Twelve members were appointed to the IAC in September 2011. Dr Ian Reinecke, an inaugural appointee, resigned in June 2012. The IAC now has 11 members in addition to the Chair.

The IAC met twice during the reporting period, including a joint meeting with PAC. The meetings discussed the OAIC review of FOI Act charges, the OAIC survey to assess compliance with IPS requirements, open public sector information practices in agencies, journalist interest in the disclosure log, the Australian Government’s digital transition policy and issues relating to agency website accessibility.

A list of IAC members can be found in Appendix 7.

Back to Contents

Media

In 2011–12, the OAIC received 285 media enquiries, an increase of 28% on the previous year.

A significant amount of media interest was generated by some high profile data breaches, OAIC investigation reports, an Australian Government issues paper on a statutory cause of action for privacy breaches, and progress on privacy law reform. While the majority of media enquiries related to privacy, there was an increase in the number of enquiries related to FOI. The media was particularly interested in the OAIC’s review of FOI Act charges and Information Commissioner review decisions.

The OAIC Commissioners participated in a large number of media interviews during the year. In particular, the Privacy Commissioner participated in a panel discussion on SBS’s Insight program in August 2011 and the FOI Commissioner held a media briefing for journalists in May 2012.

The OAIC published 18 media releases during 2011–12.

Back to Contents

Speeches

The OAIC executive and senior staff delivered 63 speeches and presentations on a range of information-related issues including information policy, FOI and privacy law reform. These speeches were delivered in a variety of forums, including national and international conferences and seminars, a hypothetical for young lawyers, and the Melbourne Writers Festival. Speeches covered FOI reform and cultural change, open government, information law and policy reform, the launch of University of Queensland privacy survey results, launch of Information Awareness Month, and privacy law reform.

A list of all speeches given by the Information Commissioner, Privacy Commissioner and FOI Commissioner is in Appendix 6.

Back to Contents

Training for Australian Government agencies

The OAIC provided training on the OAIC and FOI reforms to Australian Government agencies.

In 2011–12, the OAIC provided 17 training sessions to staff from a large number of Australian Government agencies and the Norfolk Island administration.

The training course provided an overview of changes to the FOI Act and the operation of the OAIC. The OAIC discontinued this course in April 2012 as the reforms to the FOI Act had then been in place for over 12 months.

The OAIC’s training materials are available on the OAIC website.

Back to Contents

Publications

The OAIC released a large number of new publications during 2011–12. Major publications included:

Freedom of Information

  • Guide to the Freedom of Information Act 1982
  • Review of charges under the Freedom of Information Act 1982 — Report to the Attorney-General
  • Frequently asked questions for agencies about access to documents and review rights under the FOI Act
  • 13 FOI Agency Resources for Australian Government agencies on topics including tips for FOI decision makers, calculating and imposing charges, exemptions, statement of reasons, and internal review
  • FOI Fact Sheet 15 on FOI and Norfolk Island

Privacy

  • 15 Privacy Fact Sheets on a range of topics, including online behavioural advertising, health care identifiers, the new eHealth record system, ten steps to protect personal information, and the OAIC’s privacy complaint handling process
  • A Privacy Agency Resource on individual healthcare identifiers for state and territory healthcare providers
  • Proposed revocation of the Biometrics Institute Privacy Code: Consultation paper

Information Policy

  • Issues Paper 2: Understanding the value of public sector information in Australia

The OAIC also reviewed and reissued a number of existing publications, including a number of Parts of the Guidelines issued by the Information Commissioner under s 93A of the FOI Act, the Tax File Number Guidelines 2011 (TFN Guidelines) issued under the Privacy Act, and Data breach notification: A guide to handling personal information security breaches.

OAIC publications can be accessed on the OAIC website.

Back to Contents

Website

During 2011–12, a large number of new publications and other relevant information was added to the OAIC’s website (www.oaic.gov.au) to assist the public in understanding their information rights, and to assist agencies and businesses understand their obligations. The OAIC has four RSS feeds to ensure that interested users are alerted to the latest updates.

In the second half of 2011–12, a tender was released to allow the OAIC to transition to a comprehensive website incorporating relevant privacy material from www.privacy.gov.au as well as the FOI and information policy materials already published at www.oaic.gov.au. This website redevelopment will significantly improve the ability of the OAIC to meet the Australian Government’s web content accessibility (WCAG 2.0) requirements. It is anticipated that the new website will be operational by the end of 2012.

Back to Contents

Social media and other communication platforms

The OAIC uses social media and other web 2.0 platforms to promote and inform the public about the work of the OAIC. In 2011–12, the OAIC increased its use of social media channels, including Facebook, Twitter, and YouTube.

In 2011–12, the OAIC continued to use Govspace (www.oaic.govspace.gov.au) to post information about FOI, privacy and information policy. Govspace is an online communications platform managed by the Department of Finance and Deregulation and used by the OAIC to host its public blog.

The OAIC also used GovDex, an Australian Government initiative designed to promote information sharing across Australian Government agencies. In 2011–12, the OAIC used GovDex to generate discussion across Australian Government agencies in relation to a number of topics, including the ICON network, managing FOI requests and compliance with the IPS.

OAICnet has 3473 subscribers and is the OAIC external communication platform for distributing email messages to stakeholders, media, and interested members of the public. The OAIC sent 34 OAICnet messages in 2011–12. The OAIC uses a similar platform to communicate with ICON members.

Back to Contents