Greetings Asia-Pacific privacy pros.
The 2022-2023 fiscal year has closed and we've moved in to 2023-2024 with news that one of the largest law firms in Australia, HWL Ebsworth, recently reported a data breach under the Office of the Australian Information Commissioner's notifiable data breaches scheme. The details and circumstances of the breach are still being investigated and the OAIC has noted in a statement dated 15 June:
"On 8 May 2023, HWL Ebsworth reported a data breach to the Office of the Australian Information Commissioner in the OAIC's capacity as regulator of the Notifiable Data Breaches scheme. HWL Ebsworth provides legal services to a range of Commonwealth clients, including the OAIC. On Saturday 10 June, HWL Ebsworth advised the OAIC that a document or documents relating to a limited number of OAIC files were included in the breach experienced by HWL Ebsworth.
"HWL Ebsworth is currently providing further information to the OAIC about those documents. The OAIC will review those documents to see whether they contain personal information, and, consistent with requirements under the Notifiable Data Breaches scheme, will notify affected individuals where necessary. The OAIC's systems have not been compromised."
While we await the outcomes of the OAIC review and any potential follow up, it serves as a timely reminder — like we needed any more reminding — that data governance practices and customer trust are critically important to all organizations and sectors.
Meanwhile, the IAPP has been moving at the speed of light to build and roll out its AI Governance Center and began to deliver on its commitments to the privacy community — standing up an AI Governance Dashboard Newsletter, convening an incredibly talented AI Governance Center Advisory Board, announcing the launch of the first IAPP AI Governance Conference to be held in Boston, Massachusetts, U.S., 2-3 Nov.
Perhaps the most significant and tangible deliverable was the recent delivery and launch of the AI Governance Professional Body of Knowledge, which will form the foundation of the training programs and certification that will be available for IAPP members to undertake in the near future. Privacy pros interested to learn more about this initiative should subscribe to the newsletter and can reach out to me directly for personal updates and to address any questions.
For those in the APAC region that wont be able to make it to the first AI conference in Boston, I am working hard to make sure our own ANZ summit in Sydney, 28 and 29 Nov., is loaded with keynotes, sessions and other relevant content from the AI Governance Center to ensure that APAC privacy pros are current and getting all the same information and opportunities that their U.S. and European colleagues receive. I'm expecting that many of our colleagues from Australia, New Zealand and around the Asia-Pacific region will be keen to join us and make this year's summit the biggest and best ever. Watch in the coming weeks for announcements on content and early bird rates for summit tickets.
Warm regards.