Office of the Australian Information Commissioner - Home

Australian Government - Office of the Australian Information Commissioner
Australian Government - Office of the Australian Information Commissioner

Main menu

Privacy fact sheet 8: Ten tips to protect your privacy

January 2015

Your privacy is valuable and worth protecting. The Privacy Act 1988 (Privacy Act) requires entities to protect your personal information. Personal information is information or an opinion that identifies you or could identify you. Some examples are your name, address, telephone number, date of birth, medical records, bank account details and opinions about you.

However, you should also take responsibility for your privacy. This 10 step guide gives you some tips to help you protect your personal information, and your privacy.

1. Know your rights

The more you know about your rights, the easier it will be for you to exercise them. The Privacy Act contains 13 Australian Privacy Principles (APPs) that Australian and Norfolk Island Government agencies, and most private sector organisations, (collectively called ‘APP entities’) must follow when they handle your personal information.

There is more information about your privacy rights on our website, www.oaic.gov.au or you can call our Enquiries Line on 1300 363 992.

Tip: Familiarise yourself with the APPs so that you can exercise your rights.

Back to Contents

2. Read privacy policies and collection notices

All entities must have a clearly expressed and up-to-date privacy policy explaining how they will handle your personal information. They must explain the kinds of personal information they collect and use, and what they are going to do with it. They must also say how you can access and correct your personal information and make a privacy complaint.

An entity’s privacy policy must also tell you if personal information is likely to be sent overseas. If something goes wrong the entity that disclosed your information overseas may be legally responsible for this.

The privacy policy will usually be available on their website. If you don’t have access to the internet, you can call and ask for a copy.

Entities should also give you a ‘privacy notice’ when they collect your personal information, which should tell you who they are and how to contact them, why they are collecting your personal information, if there are consequences if you don’t provide it, and who they are likely to give it to, including whether they are likely to send it overseas.

Tip: If you don’t understand a privacy policy or notice, ask for an explanation.

Back to Contents

3. Always ask why, how and who

Entities must only collect your personal information by lawful and fair means and, generally, must only collect information that is reasonably necessary for their functions. For example, a store loyalty card program is unlikely to need to collect information about your medical history. If you don’t think they should collect the information they are asking for, ask why they want or need it. This helps you to know how your personal information is going to be used, and if it is going to be given to someone else.

There are often situations when you do not need to give out your personal information. In many situations you also have the right to use a pseudonym or engage anonymously.

Tip: Don’t give out your personal information unless you are comfortable with how it is going to be used

Back to Contents

4. Check your credit report

You can access or ask for corrections to your credit report for free.

It’s important to make sure your credit information is correct, because if it’s not it may end up having an impact on your ability to make financial decisions, such as get a credit card, loan or buy a house.

You do not need to use a credit repair agency to get a mistake on your credit report fixed — you can request it yourself. Our Enquiries line or our website can give you more information about how to do this.

Tip: Make sure your credit information is correct and up-to-date.

Back to Contents

5. Protect yourself online

There are a lot of ways you can protect your privacy when transacting online.

Make sure you are visiting secure web sites before handing over personal information such as banking and credit card details. You should never share financial details openly online.

You should also avoid using unsecured Wi-Fi networks for secure transactions, like banking or online shopping.

Use different passwords for different accounts, make sure you choose strong passwords and change them regularly. A random combination of numbers, letters and punctuation over eight characters long is recommended. Consider using a password manager to help you with this.

Tip: Use strong passwords and don’t use the same ones across different accounts.

Back to Contents

6. Be aware of your mobile security

A lot of our day-to-day transactions are now completed on our mobile phones — email, contact lists, banking, online shopping, social media, records keeping.

Think about how much of your personal information is stored on your phone, and how many services (such as social media) you stay logged in to.

Most services, like online banking, use SMS or email verification to change passwords or account settings, and chances are you leave your phone logged in to your email. Putting a pin lock on your phone is the best way to protect yourself against unauthorised access to everything from your personal photos to your bank account.

You should also consider the information you share via mobile apps and settings like geo-location. Only download apps from reputable sources, especially if you’re sharing location or financial information.

Tip: Treat your phone like your wallet, and keep it secured at all times.

Back to Contents

7. Use security software

Using security software on your computer is one of the simplest ways to protect yourself and your privacy.

Good computer security includes installing reputable anti-spyware, anti-virus scanners and firewall software.

Tip: Keep your online security tools up-to-date.

Back to Contents

8. Be careful what you share on social media

If you use social media sites, make sure that you read their privacy policies, and choose the privacy settings that best suit your needs.

Your digital footprint can be forever, so think before you share. You may not be able to take back comments or posts if you change your views, or someone shares them without your consent.

The results of over-sharing, or having your posts shared without your consent, can be as varied as personal and professional reputational damage and identity fraud.

Tip: Use your social media privacy settings to control the amount and type of information you want to share.

Back to Contents

9. Don't leave your personal information lying around

Properly destroying personal information you don't want others to see before throwing it out will help to protect you from potential identity theft.

This includes shredding documents and physically destroying expired banking and government-issued cards.

You should also make sure you wipe hard drives and remove the phone’s SIM before you throw out or give away your old phone, computer or tablet.

Tip: Securely dispose of hard copy and electronic records.

Back to Contents

10. Beware of scams

Be careful — there are many online and email scams out there.

If you’re not expecting a request to update information, to get a refund, or to /win a prize, don’t give out your personal information until you’re sure it’s legitimate and above-board.

The Australian Competition and Consumer Commission provides useful information on how to protect yourself against scams on their SCAMwatch site.

You can also subscribe to the Stay Smart Online free alert service to receive email alerts of scams and other cyber issues.

State and Territory Departments of Fair Trading may also have lists of current scams.

Tip: If it looks too good to be true, don’t share your personal information!

Back to Contents

Don't leave your privacy to chance.

Have you had a privacy problem?

If you think that your personal information has not been handled properly, your first step is to complain to the entity, and give them 30 days to respond.

If they don’t respond, or you’re not happy with their response, you can then make a complaint to us.

For more information go to our website or call our Enquiries Line on 1300 363 992.

Back to Contents