The COVID-19 pandemic has focused attention on privacy and created opportunities for greater transparency through the proactive release of government information, according to the 2019–20 annual report from the Office of the Australian Information Commissioner (OAIC).
Australian Information Commissioner and Privacy Commissioner Angelene Falk said the OAIC’s work in relation to COVID-19 has strengthened privacy safeguards and accountability for the community.
“The OAIC has continued to deliver on its purpose to uphold and promote privacy and information access rights throughout the pandemic, increasing the number of privacy complaints and Information Commissioner reviews finalised over the past year,” Ms Falk said.
“We are supporting Australia’s response and recovery through our role in overseeing the privacy safeguards built into the COVIDSafe app, and by providing advice and guidance to government, business and the community on privacy and information access issues arising in the pandemic.
“Our efforts to build trust and confidence in the protection of personal information and access to government-held information span a range of compliance, engagement, advisory and education activities.
“Through the Notifiable Data Breaches scheme and implementation of the Consumer Data Right, we are working to enhance personal information security across the economy.
“We have also joined with our international and state and territory counterparts to exchange information and intelligence to strengthen our guidance and regulatory activities.”
Commissioner Falk said the proactive and real-time release of government-held information has been a critical factor in the pandemic response.
“We continue to support proactive publication and information access as foundations of accountable government and public participation and have provided new resources and tools for agencies,” she said.
“The examples of proactive publication and privacy by design during this period set an encouraging precedent for the future of information management.”
The OAIC’s annual report also highlights its success in addressing a backlog of privacy cases created by sustained increases in complaints over recent years.
“Through a comprehensive review of our structures, systems and processes supported by additional funding, we resolved a backlog of complex and aged privacy complaints, which contributed to my office closing 3,366 privacy complaints during the financial year, up 15% on 2018–19,” Ms Falk said.
“We continued to enhance processes in our FOI area and resolved more Information Commissioner reviews during the reporting period than ever before, finalising 829, a 26% improvement compared to 2018–19.”
In 2019–20, the OAIC launched its first privacy civil penalty action, following a detailed investigation that included cooperation with international authorities. The Commissioner filed proceedings against Facebook Inc. and Facebook Ireland in the Federal Court of Australia.
“In operating as a contemporary regulator, our regulatory posture and approach is evidence-based, proportionate and seeks to respond to community expectations in addressing risk,” Ms Falk said.
Key 2019-20 statistics
- Finalised 3,366 privacy complaints (up 15% compared to 2018–19), in an average of 4.7 months (2018–19: 4.4 months)
- Finalised 829 Information Commissioner (IC) reviews of FOI decisions (up 26%), in an average of 8.1 months (2018–19: 7.8 months)
- Finalised 71 FOI complaints (up 223%), in an average of 11.6 months (2018–19: 7.2 months)
- Opened 19 Privacy Commissioner-initiated preliminary inquiries and investigations (up 27%)
- Received 2,673 privacy complaints (down 19%)
- Received 1,050 notifications under the Notifiable Data Breaches scheme (up 11%)
- Received 1,066 applications for IC review of FOI decisions (up 15%)
- Received 109 FOI complaints (up 79%)
- Received 14,842 privacy enquiries (down 15%)
- Received 2,297 FOI enquiries (down 20%).
