Own Motion Investigation v Retailer [2009] PrivCmrA 25

pdf (93.36 KB)

Security of personal information

G v Counselling Service [2009] PrivCmrA 9

pdf (82.53 KB)

Failure to provide adequate notice when collecting personal information, disclosure of personal information and security of personal information

Own Motion Investigation v Airline [2009] PrivCmrA 7

pdf (79.54 KB)

Failure to keep personal information secure

Own Motion Investigation v Medical Centre [2009] PrivCmrA 6

pdf (84.35 KB)

Failure to keep personal information secure

U v Betting Agency [2008] PrivCmrA 21

pdf (77.12 KB)

Unauthorised access to consumer credit information files

M v Commonwealth Agency [2008] PrivCmrA 13

pdf (22.36 KB)

Unauthorised access and improper disclosure of personal information.

J v Home Shopping Retailer [2008] PrivCmrA 10

pdf (99.21 KB)

Improper disclosure of personal information.

F v Australian Government Agency [2008] PrivCmrA 6

pdf (20.34 KB)

Failure to keep personal information secure.

Y v Ticketing Company [2007] PrivCmrA 27

pdf (20.09 KB)

Security of personal credit card information

Q v Australian Government Agency [2007] PrivCmrA 19

pdf (20.46 KB)

Failure to keep personal information accurate and secure

I v Insurance Company [2007] PrivCmrA 11

pdf (18.54 KB)

Unauthorised access and use of personal information

E v Retail Organisation [2007] PrivCmrA 7

pdf (21.93 KB)

Improper disclosure of personal information; failure to take reasonable steps to protect personal information from misuse and from unauthorised access, modification or disclosure.

D v Insurance Company [2007] PrivCmrA 6

pdf (22.86 KB)

Improper disclosure of personal information; failure to take reasonable steps to ensure the personal information collected or disclosed was accurate, complete and up to date; failure to take reasonable steps to secure personal information from unauthorised access and disclosure.

Own Motion Investigation v Bankruptcy Trustee Firm [2007] PrivCmrA 5

pdf (33.93 KB)

Inadequate protection and improper disclosure of personal information.

Q v Financial Institution [2006] PrivCmrA 16

pdf (14.51 KB)

Security of personal information.

N v Utility Provider [2006] PrivCmrA 13

pdf (16.11 KB)

Security of personal information.

K v Tenancy Database Company [2006] PrivCmrA 10

pdf (14.05 KB)

Reasonable steps to ensure that information in a record is up-to-date.

I v Retail Company [2006] PrivCmrA 8

pdf (15.13 KB)

Collection of sensitive information by a retail company for the purpose of loss prevention and the security of personal information and destruction of old records.

H v Chartered Accountant [2006] PrivCmrA 7

pdf (16.58 KB)

Improper disclosure of Tax File Number information.

B v Australian Government Agency [2006] PrivCmrA 2

pdf (23.53 KB)

Failure to take reasonable steps to protect personal information.

R v Internet Service Provider [2005] PrivCmrA 17

pdf (22.59 KB)

Improper disclosure of personal information and failure to take reasonable steps to protect personal information.

OPC v Banking Institution [2005] PrivCmrA 11

pdf (20.21 KB)

Automated disclosure of personal information following use of incorrect facsimile number.

J v Superannuation Provider [2005] PrivCmrA 7

pdf (58.66 KB)

Improper disclosure of personal information and failure to take reasonable steps to protect, and correct personal information.

H v Commonwealth Agency [ [2005] PrivCmrA 5

pdf (37.3 KB)

 Acts and practices engaged in by a person in the performance of the duties of their employment.

N v Internet Service Provider [2004] PrivCmrA 10

pdf (18.53 KB)

Disclosure of personal information as a result of failure to provide adequate security over personal information / declined to investigate on the basis that complainant did not complain to the respondent before making the complaint to the Commissioner.

L v Commonwealth Agency [2003] PrivCmrA 10

pdf (69.24 KB)

Accuracy, security and disclosure of personal information

I v Major wholesaler [2003] PrivCmrA 7

pdf (10.6 KB)

Unauthorised access to credit reports held by a credit reporting agency

E v Financial Institution [2003] PrivCmrA 3

pdf (12.33 KB)

Adequacy of audit trail in relation to access to personal information

Data-matching in Commonwealth administration (February 1998)

pdf (314.67 KB)

Legislative Data-matching Program Annotated (September 1991)

pdf (65.34 KB)

Information Sheet (Private Sector) 6 - 2001: Security and Personal Information

pdf (77.27 KB)

National Privacy Principle (NPP) 4.1 provides that an organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. Data security is an important way of ensuring that personal information is only used for permissible purposes. In...

Information Sheet (Public Sector) 3 - Portable storage devices and personal information handling

pdf (378.01 KB)

This information sheet suggests a number of steps Australian and ACT Government agencies should consider taking to help safeguard personal information stored or handled on portable storage devices.  What is a portable storage device? A portable storage device (PSD) is defined in this information sheet as a small, lightweight, portabl...

ACMA and Australian Privacy Commissioner to examine botched Telstra mail out

27 October 2010 The Australian Communications and Media Authority and the Office of the Australian Privacy Commissioner are looking into the circumstances of a botched mail out by Telstra to its customers.

FlyBuys' privacy protections recognised in Privacy Awards

12 Nov 09 The parent company of the FlyBuys shopping rewards system, Loyalty Pacific, was named tonight as the winner of the Small-Medium Business category of the Australian Privacy Awards 2009.

Media Release: Privacy Commissioner urges Government agencies: Protect data on USBs & PDAs

08 May 2009 Research commissioned by the Office of the Privacy Commissioner has shown that, while most Australian Government agencies have policies regarding the transfer of personal information, not all have appropriate controls covering the use of portable storage devices (PSDs) for the handling of personal information....

Media Release: Privacy Commissioner launches data breach guide

25 August 2008 The Australian Privacy Commissioner, Karen Curtis, has released a "Guide to Handling Personal Information Security Breaches". It is for use by businesses, agencies and non-government organisations in preventing and, if necessary, responding to a data breach. "Under the Privacy Act, org...

Media Release: Privacy Commissioner seeks views on data breach notification guide

15 April 2008 The Australian Privacy Commissioner, Karen Curtis, has called for feedback from businesses, organisations, government agencies and the public on a draft Voluntary Information Security Breach Notification Guide. "While agencies and organisations are required to safeguard the personal information they hold, unfortunately and...

Media Release: Privacy Commissioner calls for mandatory reporting of major data security breaches

30 January 2008 In the wake of recent significant data breaches in the United Kingdom, the Australian Privacy Commissioner, Karen Curtis, has reiterated her call for compulsory notification of major data security breaches by Australian organisations. "While reporting would need to be proportional to the severity of the breach, it would p...

Media Release: Amend Privacy Act to address security breaches, biometrics and data-matching, says Privacy Commissioner

8 March 2007 While noting that the Privacy Act has generally worked well, the Privacy Commissioner, Karen Curtis, has recommended to the Australian Law Reform Commission (ALRC) that changes to the Privacy Act may be necessary to reflect technological developments. "New technologies can offer immense benefits but we need strong protections...

Media Release: Ticketmaster7 privacy errors highlight industry wide problem

12/2/04 "I am disappointed that businesses, covered by the Privacy Act for over 2 years, are still making fundamental errors," said Federal Privacy Commissioner, Malcolm Crompton. "Some businesses have continued to run web sites that allow anybody to view other customers personal information by changing numbers in the URL (web site...

Media Release: Respect customers' wishes when considering the transfer of personal financial information

8/10/03 The Office of the Privacy Commissioner has today released a Frequently Asked Question (FAQ) regarding the privacy obligations that financial advisors have when they choose to transfer between financial dealer groups. "Customers wishes must come first when financial advisers consider what to do with clients personal information whe...

Media Release: Federal Privacy Commissioner issues Guidelines for Federal and ACT Government World Wide Websites

13/5/1999 Federal Privacy Commissioner, Malcolm Crompton, today released Guidelines for Federal and ACT Government World Wide Websites. Mr Crompton said "the Guidelines will help Government agency websites achieve worlds best practice in relation to on-line privacy protection." "The Guidelines are designed to help Federal and ACT G...

Privacy and the AML/CTF Act - FAQ Flier

pdf (649.47 KB)

Privacy and the Cloud

pdf (465.55 KB)

Speech by Andrew Solomon, Acting Assistant Commissioner, Operations, to Cloud Computing Conference and Expo, 9 September 2010

Good Privacy is Good Business

pdf (204.98 KB)

Speech by Karen Curtis, Privacy Commissioner, to the Trans Tasman Business Circle, Canberra, 24 March 2009

Privacy: Let's shout it from the rafters

pdf (214.76 KB)

Speech by Karen Curtis, Privacy Commissioner, to the International Association of Privacy Professionals, Shangri-La Hotel Sydney, 27 August 2008.

The ABC of privacy - Everything you need to know about privacy

pdf (253.77 KB)

Speech by Karen Curtis, Privacy Commissioner, to the Department of Broadband, Communications and the Digital Economy, Canberra, 8 July 2008.

Top Ten Privacy issues

pdf (145.42 KB)

Speech by Karen Curtis, Privacy Commissioner, to the PIPA Conference 2007 ?Private Sector Privacy in a Changing World?, 20 September 2007, Hyatt Regency, Vancouver, British Columbia, Canada

Security vs Privacy

pdf (1.5 MB)

contributed by the Privacy Commissioner, Malcolm Crompton, to a panel session at ILPF 2002, a conference organised by the Internet Law and Policy Forum, Seattle USA, 19 September 2002.

Privacy and Security

pdf (20.45 KB)

a speech delivered by Malcolm Crompton, Privacy Commissioner, to the Security in Government Conference, organised by the Attorney-General''s Department, Canberra, 12 April 2002.