Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
As I write this, I'm packing and preparing to head to Singapore for IAPP Asia 2025: Privacy Forum + AI Governance Global. This will be my second time joining this incredible group of diverse and talented members and guests. I'm really looking forward to reconnecting with colleagues from across the global IAPP team and reuniting with so many members I met last year.
This year's program has been enhanced by the addition of a dedicated AI governance stream, giving members a double dose of content and community across both privacy and AI governance. As I shiver in wintery chill of Sydney, Australia, I'm looking forward to the warmth and humidity to come and the hospitality and warm nature of the IAPP member community in the Asia-Pacific region.
It was only a few weeks ago that the ANZ region marked Privacy Awareness Week in Australia. I was pleased to support this initiative in partnership with the Office of the Australian Information Commissioner in hosting a launch event with more than 700 attendees who heard Privacy Commissioner Carly Kind's update on the activities and priorities of the office.
Of special note was the announcement of a Privacy Foundations self-assessment tool. The OAIC noted, "Having good privacy practices in your business or organisation brings many benefits, including building consumer trust and confidence that you are handling personal information safely and securely. The OAIC's Privacy Foundations tool has been designed for businesses who want to embed a culture of privacy, and who want to establish or improve privacy practices, procedures and systems."
Australian professionals were reminded this week of the importance of their work following a major data breach of the Qantas airline. The company communicated with the market swiftly, stating, "Qantas can confirm that a cyber incident has occurred in one of its contact centres, impacting customer data. The system is now contained. … We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant. An initial review has confirmed the data includes some customers' names, email addresses, phone numbers, birth dates and frequent flyer numbers. Importantly, credit card details, personal financial information and passport details are not held in this system."
Striking the right balance between customer trust and safety and bottom-line business outcomes must be one of the most difficult challenges and it falls on privacy, AI governance and digital responsibility professionals to help guide and advise organizations to a better state of maturity. It's important work and we must always look to elevate and educate colleagues across the sector that privacy matters to customers, individuals and society.
Adam Ford is the managing director, Australia, New Zealand, for the IAPP.
This article originally appeared in the Asia-Pacific Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.