Greetings, APAC privacy pros — it seems a month is a long time in privacy. Since my last post in late April we have traversed through Australia's Privacy Awareness Week, closely followed by New Zealand's privacy week. Both were highly successful initiatives of local regulators' offices to raise public and private awareness of the need for robust and fundamental privacy frameworks to protect citizens and corporates and to help build trust in the community.
We'd barely begun Australia's privacy week, when we got announcements from the Commonwealth Attorney-General that the Office of the Australian Information Commissioner would be getting a refreshed and fully staffed leadership team going forward — with current Commissioner Angelene Falk moving into the senior leadership role of information commissioner, making way for a new privacy commissioner and a new freedom of information commissioner. We also got news that Toni Pirani would begin serving as acting freedom of information commissioner while this search process plays out.
Perhaps the most significant news of the month from the Australian market was the announcements within the federal budget that the OAIC will be getting a significant funding boost to support its oversight and enforcement efforts in the coming years. In response to the budget announcements the OAIC stated:
"The OAIC will receive an extra AUD17.8 million in the 2023–24 financial year. Over four years the OAIC will receive AUD44.3 million to support privacy activities, including work responding to the increased complexity, scale and impact of notifiable data breaches, as reflected in recent large-scale breaches. In addition, AUD9.2 million is allocated over two years to continue to regulate privacy aspects of the Consumer Data Right, My Health Record and Digital Identity.
"'The increased funding to support the OAIC's regulation across the Australian economy will send a strong message that protection of Australians' personal information must be a priority for business and government agencies,' Australian Information Commissioner and Privacy Commissioner Angelene Falk said.
"This funding is an important addition to bolster the OAIC's capacity to regulate in line with community expectations into the future."
While this was playing out the OPC in New Zealand and the OAIC in Australia announced a joint investigation into the Latitude Financial data breach.
Last week In New Zealand, Commissioner Michael Webster released his guidance paper on the expectations around New Zealand agencies, businesses and organizations using generative artificial intelligence. The commissioner outlined seven points of advice to help businesses and organizations engage with the potential of AI in a way that respects people's privacy rights.
While all this was playing out, the IAPP ANZ delegate tour though the first week of May was a resounding success and brought together diverse gatherings of privacy professionals, regulators, academics and other related sectors in Sydney, Melbourne and Auckland. Following on from the tour, I was able to stay on in New Zealand and meet with more local privacy pros in both Auckland and Wellington. I'm looking forward to returning to New Zealand many more times and working with the passionate privacy community there to grow the IAPP presence and reach.
Warm regards.