Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
There's been no shortage of headlines and commentary related to privacy, artificial intelligence governance and digital responsibility in Australia in recent weeks. Most prominent has been the Office of the Australian Information Commissioner's civil penalty proceedings in the Federal Court against telecommunications company Optus following an investigation into a 2022 data breach.
Australian Privacy Commissioner Carly Kind said the Optus breach "highlights some of the risks associated with external-facing websites and domains, particularly when these interact with internal databases holding personal information, as well as the risks around using third-party providers."
The OAIC's action follows repeated statements on its goal of taking a more active enforcement stance going forward. While members of the IAPP have been well-informed and aware of this for some time now, perhaps many of our colleagues and related entities outside the privacy community are not. As such, it falls to privacy and digital governance professionals — those doing the hard work within organizations, government departments and other entities — to raise the topic, highlight the tangible and very real effects, and discuss the importance of resourcing, supporting and investing in a robust and agile privacy and cybersecurity program.
Another hot topic over recent weeks has been the expected release of the Productivity Commission's interim report on its inquiry into harnessing data and digital technology — the third of five productivity inquiries commissioned by the government.
The emerging debate over the right balance between regulation and innovation is not unique to Australia. It feels like every country, every economy is currently considering this, and with a spectrum of approaches. Several have come out early and actively in support of reducing and removing regulations to stimulate and support innovation and economic windfalls from the development and deployment of AI platforms and technologies.
Others are taking a more considered and thoughtful approach, signaling lessons from the past, that providing guidelines and guardrails through sensible and effective public policy will develop a base of trust and safety among the population and users of AI tools, removing fear and reducing risks and, therefore, leading to higher uptake, higher productivity and better outcomes for both consumers and producers.
However this plays out, these topics will likely be key among attendees at the upcoming IAPP ANZ Summit 2025, which is approaching fast. The IAPP will bring together privacy, AI governance and digital responsibility professionals in Sydney, Australia, 2-3 Dec. to share community and content around these and other relevant and current topics. I can't wait to welcome my colleagues from Aotearoa NZ across the ditch to join us for this important annual gathering.
Adam Ford is the managing director, Australia, New Zealand, for the IAPP.
This article originally appeared in the Asia-Pacific Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.