Your privacy is valuable and worth protecting. You should always be aware of it when using websites and apps (such as social media).

How to protect your privacy

Use secure websites to handle personal information

Make sure you are visiting a secure website before entering your personal information, such as banking and credit card details. There are several ways to check if a site is secure, such as if it uses ‘https’ at the beginning of its domain name or has a security icon, usually a small locked padlock, on its browser. You should also use an encrypted wi-fi network that needs a password for a secure transaction.

Use up-to-date security software

Install patches and security software on your computer, including anti-spyware, anti-virus scanners and firewall software.

Download apps from reputable sources

Only download an app from a reputable source, especially if you’re sharing location or financial information.

Use strong passwords

  • Create unique, long, and complex passwords for your different online accounts - if you have a large number of online accounts or have trouble remembering your passwords, consider using a password manager
  • Add another layer of security for your online accounts by enabling Multi-Factor Authentication when available
  • Before entering your password, verify the website is genuine by confirming the website address matches the intended website
  • Avoid entering your password into a webpage after clicking on a link in an email, SMS, or instant message
  • Check Have I Been Pwned? to find out if you have been compromised in a data breach, and change your password for any compromised accounts
  • Only change your password if you suspect your password or account has been compromised

Read privacy policies and privacy notices

An organisation or agency must have a privacy policy that explains how they’ll handle the personal information you enter on their website or app if the Privacy Act 1988 covers the organisation or agency. The Privacy Act covers organisations with an annual turnover of more than $3 million and a link to Australia, and some other organisations.

An organisation or agency should also give a privacy notice when they collect your personal information which explains who they are and how to contact them, why they're collecting your personal information, if there are consequences if you don’t give it, and who they're likely to give it to, including if they're likely to send it overseas.

Know what it means to have information on the cloud

The cloud refers to software and services that run on the internet. You access a cloud service on any device with an internet connection.

Information held in the cloud is protected by the Privacy Act if the organisation supplying the cloud service is an organisation that the Privacy Act covers.

Whether a cloud service has breached your privacy may depend on whether the information is stored in an Australian cloud or overseas.

Before signing up for a cloud service, always read their privacy policy.

Help if you’ve been harassed, bullied or defamed

If you’re concerned aboutContact
Your personal information being mishandled The OAIC
A data breach See Data Breach Support and Resources
An Australian child being cyberbullied

The Office of the eSafety Commissioner


Having been defamed A lawyer
Protecting yourself online

Australian Cyber Security Centre

Australian Communications and Media Authority

Serious harassment The police

For more information

Download the Be safe be alert online directory with tips on how to protect your personal information online and get support from:

  • the Office of the Australian Information Commissioner (OAIC)
  • the Office of the eSafety Commissioner
  • the Australian Cyber Security Centre and
  • the Australian Competition and Consumer Commission.