[LINK] Privacy Toolkits

Roger Clarke Roger.Clarke at xamax.com.au
Thu Feb 10 15:02:28 AEDT 2022 

On 10/2/22 2:11 pm, Marghanita da Cruz wrote:
> Would welcome your thoughts on Federal and NSW Privacy Toolkits.
> Councils handle lots of private information and are covered by NSW
> legislation and are effectively a NSW gov agency.
> 
> Australian Gov https://education.oaic.gov.au/privacy-officer-toolkit/
> 
> NSW Gov
> https://www.ipc.nsw.gov.au/privacy/resources-agencies/essential-guidance-toolkit-information-access-and-privacy-fundamentals

Superficial and quick response only sorry Marghanita - in time-trouble.

I'm flicking on your enquiry to my colleagues on the APF Board, because
some of them, unlike me, may actually know what they're talking about.


1.  The toolkits in question have little to do with privacy:
(a)  The Privacy Act (Cth) and the PPIPA (NSW) are both 'data
     protection' laws not privacy laws
(b)  they're based on the long-outdated OECD 1980 model
(c)  they fall well short of reasonable coverage of even that
(d)  such limited protections as they provide are subject to whole
     flotillas of exemptions and exceptions, some in the original,
     others via amendments to the principal Act, many others by
     building overriding authorisations into other statutes

2.  As regards achieving compliance with relevant law, I assume the
documents are reasonable, although whether they're approachable, clear,
weave their way through the awful complexities in a reasonable manner,
reflect the accumulating case-law or are limited to compliance with the
Act as published, etc., I really don't know.

3.  If the intention is to achieve privacy protection *including*
compliance, a broader approach is needed - quite possibly then applying
such a toolkit, within a context, and as a signficant part of, but not
the whole of, the organisational solution.

4.  Advice by a professional in the area is advisable.  One such is Anna
Johnston's Salinger Privacy, at https://www.salingerprivacy.com.au
(Declaration:  Anna's no longer on the APF Board, but she was my
predecessor as Chair 15 years back).


-- 
Roger Clarke                            mailto:Roger.Clarke at xamax.com.au
T: +61 2 6288 6916   http://www.xamax.com.au  http://www.rogerclarke.com

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA

Visiting Professor in the Faculty of Law            University of N.S.W.
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list