Professor John McMillan AO Australian Information Commissioner Balancing open access and privacy protection.

Slides:

Advertisements

Similar presentations

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

Advertisements

Mobile Payments and the FTC Manas Mohapatra Director of Mobile Policy Mobile Technology Unit Federal Trade Commission The views expressed are not necessarily.

Khammar Mrabit Director Office of Nuclear Security

Key Issues for the Competition Policy Review Professor Ian Harper Chair, Competition Policy Review Panel UNSW, 6 August 2014.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Protecting information rights – advancing information policy ICON meeting Tuesday, 18 February 2014 Timothy Pilgrim Privacy Commissioner.

Statewide PCP Chairs and Executive Officers Tuesday 14 August 2012 Sylvia Barry Manager Partnerships and Primary Health.

Developing an Evaluation Strategy – experience in DFID Nick York Director – Country, Corporate and Global Evaluations, World Bank IEG Former Chief Professional.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Improving Vocational Education and Training: The “Australian Vocational Qualification System” (AVQS) Pam Caven Director Policy & Stakeholder Engagement,

Barry Sandison Deputy Secretary, Health and Information Department of Human Services Data: creating value for service delivery.

SES Ethics Workshop. Compliance or Culture How to institutionalise ethics in public administration.

1 Bryan Lyttle Planning and Transportation Policy Manager Localism One Year On.

Community Crime Prevention CCTV in Victoria A Guide to Developing CCTV in Victoria Presenter:Simon Walker Title:Senior Policy Officer Date:13 November.

1 Opening the Door: Access to Government Information A primer for Media Students Mohawk College Sept. 18, 2002 Bob Spence Communications Co-ordinator Office.

Queensland Treasury Department Role and Function of Treasury Financial Framework Charter of Fiscal and Social Responsibility and Priorities in Progress.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.

The Australian Privacy Principles Protecting information rights – advancing information policy.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

The Information Systems Audit Process

Internal Control and Internal Audit

Contemporary Issues in Canadian Health Care Nola M. Ries, MPA, LLM Adjunct Assistant Professor, University of Victoria Research Associate, Health Law Institute,

Protecting information rights – advancing information policy Privacy law reform for APP entities (organisations)

Documentation: The legal aspects Maternal and Child Health Conference 5 February 2010 Your speakers: Joanne Kummrow Daniel Perkins.

Integrated Assessment and Planning

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Finance and Governance Workshop Data Protection and Information Management 10 June 2014.

Transforming Services Creating Efficiencies Empowering Citizens Transforming Services Creating Efficiencies Empowering Citizens Transforming Services Creating.

Protecting information rights advancing information policy.

Protecting information rights – advancing information policy The Australian Privacy Principles.

1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Asian Personal Data Privacy.

Australia Cybercrime Capacity Building Conference April 2010 Brunei Darussalam Ms Marcella Hawkes Director, Cyber Security Policy Australian Government.

Recommendation of the OECD Council for enhanced access and more effective use of public sector information 11 th Meeting of the PSI Group European Commission.

Privacy and Security Risks to Rural Hospitals John Hoyt, Partner December 6, 2013.

Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.

Privacy Impact Assessments Iain Bourne, Group Manager, Policy Delivery Information Commissioner’s Office, UK Workshop on data protection and the internet:

UNDP Handbook for conducting technology needs assessments and Preliminary analysis of countries’ TNAs UNFCCC Seminar on the development and transfer on.

PACIFIC AID EFFECTIVENESS PRINCIPLES. Purpose of Presentation Provide an overview of Pacific Principles on Aid Effectiveness Provide an overview of Pacific.

JOINING UP GOVERNMENTS EUROPEAN COMMISSION Establishing a European Union Location Framework.

Spectrum and Mobile Broadband Beyond Mobile Evolution in Australia G CDMA GSM AMPS First fully automatic mobile system Australian.

Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.

Protecting information rights – advancing information policy.

The privacy risks and rewards of distributed identity Conference Presentation (8 September 2003) Surveillance and Privacy 2003, University of New South.

The Principles Governing EU Environmental Law. 2 The importance of EU Environmental Law at the European and globallevel The importance of EU Environmental.

IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.

Educational Template Chapter 11 Data Privacy and Security Ross Fraser Chapter 11 Data Privacy & Security.

Kathy Corbiere Service Delivery and Performance Commission

Canada’s Access to Information Act Measuring Up? Panel 3: Select Country Cases April 28, :15 Americas Regional Conference on the Right of Access.

Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.

Overview of Good Regulatory Practice Kent Shigetomi Office of the U.S. Trade Representative.

-1- WORKSHOP ON DATA PROTECTION AND DATA TRANSFERS TO THIRD COUNTRIES Technical and organizational security measures Skopje, 16 May - 17 May 2011 María.

Director, Regulation and Strategy

Rosalyn Moran CSDAN May 2017

Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.

Data Sharing Consultation Event

Privacy and Security in the Employment Relationship

APP entities (organisations)

GENERAL DATA PROTECTION REGULATION (GDPR)

Current Privacy Issues That May Affect Your Credit Union

Ethical questions on the use of big data in official statistics

Sameer Sharma, ITU 7 August, 2018 Dhaka, Bangladesh.

The activity of Art. 29. Working Party György Halmos

Strategic Environmental Assessment (SEA)

THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,

Overview of Good Regulatory Practice

UNECE International Conference

Representation of the European Commission in Romania

Presentation transcript:

Professor John McMillan AO Australian Information Commissioner Balancing open access and privacy protection

Protecting information rights – advancing information policy

Balancing Open Access and Privacy Protection John McMillan Australian Information Commissioner

FOI and access requests now more common, under a reformed Act that embodies a strong presumption of access Privacy Act strengthened to accord greater importance to privacy protection Heightened pressure on agencies to share and proactively release data sets of economic and social value Technology posing new threats to privacy security OAIC role in striking a balance between those competing pressures Access and privacy – a changing context

Balancing access and privacy under the FOI Act – 79.5% of 24,944 requests in 2012/13 were personal information requests – Personal privacy exemption applied in 20.6% of cases – Third party objections to release – 24 of 483 IC review applications The personal privacy exemption (s 47F): whether disclosure of ‘personal information’ would be ‘unreasonable’ and ‘contrary to the public interest’ – ‘personal information’: any information that reasonably identifies a natural person Straightforward application of s 47F - eg, information about benefit payments to third parties, detainees, the identify of correspondents Access to information upon request

IC review decisions rejecting an agency decision under s 47F Complex issues arising in IC reviews – Access to anonymised statistical data – Release of vocational assessment information of a successful APS applicant Other FOI situations in which an access/privacy balance must be struck – Facilitating informal administrative access – Publishing documents released under the FOI Act on agency Disclosure Log – A developing (but dubious) agency practice of automatically deleting routine work references to non-SES personnel Access to information upon request

Pressures for adoption of an open data culture Australian Government policy framework documents, eg – Australian Public Service Big Data Strategy (2013) ‘Big Data Principles’: ‘Data sets that government holds are a national asset [that] should be used for public good’ and ‘should be available for community access and use’. – OAIC, Open public sector information principles International trends, eg – G8 Open Data Charter: ‘The world is witnessing the growth of a global movement facilitated by technology and social media and fuelled by information … Open data sits at the heart of this global movement.’ Proactive release and open data

q Proposals for improved Australian Government practice – National Commission of Audit Recommendation 61: Data - There is untapped potential to use anonymised data and new data analytic techniques to improve the efficiency and effectiveness of government. [Government should] rapidly improve the use of data in policy development, service delivery and fraud reduction by … extending and accelerating the publication of anonymised administrative data … – Productivity Commission Annual Report, ‘Australia lacks a culture of information sharing and proactive data release. …[T]he main barriers … are: protection of privacy; the resources needed to ensure that data are of sufficient quality for policy evaluation; and concerns by governments about unfavourable findings on policy effectiveness.’ Proactive release and open data

Pressures for stronger privacy protection New Australian Privacy Principles, and stronger enforcement powers conferred on OAIC Increase internationally in damaging data breaches Heightened community concern about privacy protection Greater complexity of anonymising ‘big data’ Proactive release and open data

Ex Striking a balance between open data and privacy protection – accustomed strategies Applying the APPs Privacy by design Privacy impact assessment Information security measures Data breach notification De-identification of personal information Proactive release and open data

Key FOI changes Will a new approach be needed? See US Report by President’s Council of Advisers on Science and Technology, Big Data and Privacy: A Technological Perspective – Understanding the implications of big data, and the difficulty of predicting whether non-obvious information will later raise a privacy issue – Developing different privacy strategies for different information categories, eg, ‘born analog’, ‘born digital’, ‘data fusion’ – Develop more advanced technology building blocks (eg, encryption, auditable controls, cybersecurity), and place less reliance on accustomed methods (eg, de-identification) – Shift emphasis from notice and consent to the responsibility of data holders and users Proactive release and open data

Protecting information rights – advancing information policy Questions?