Salinger Privacy Director and Principal Anna Johnston, CIPP/E, CIPM, FIP, explored case studies from the Office of the Australian Information Commissioner showing how the regulator decides whether a complaint involves personal information as defined by the Privacy Act 1988. "The point of this legal definition is that if no individual is identifiable from a set of data, then the privacy principles — the backbone of an organisation’s legal obligations — simply won’t apply," Johnston said, using cases involving facial recognition claims against 7-Eleven, Clearview AI and the Australian Federal Police.
21 April 2022
A look at OAIC's personal data determinations
Related stories
Home sweet home or location, location, location: The best place for your company's privacy office
Transparency, good data and documentation: How HR can navigate the EU AI Act
Mind matters: Shaping the future of privacy in the age of neurotechnology
A view from DC: The FTC's next priorities
Notes from the IAPP Canada: CPS25 highlights privacy, AI, cybersecurity evolution
