The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

Slides:



Advertisements
Similar presentations
Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002.
Advertisements

Data Protection Information Management / Jody McKenzie.
CHARTERED SECRETARIES AUSTRALIA New Privacy Laws 6 June 2013.
The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.
The Data Protection (Jersey) Law 2005.
Supporting and Protecting Adults From Harm Community Planning Board 10 th November 2011 Wendy Hinnie.
Data-Sharing and Governance Consultation ANALYSIS OF RESPONSES.
PRIVACY COMPLIANCE An Introduction to Privacy Privacy Training.
The Australian Privacy Principles Protecting information rights –­ advancing information policy.
CSE2500 Systems Security and Privacy Week 11 Privacy Law in Australia (after 2000)
Information Systems Unit 3 – Outcome 3 Legal Obligations of Programmers Student Lecture.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
Hong Kong Privacy Code on Human Resource Management
Data Protection and Records Management
The Australian telecommunications access regime Presentation to ACMA International Training program 2006 Michael Eady Communications Group Compliance and.
Managing Personal Information - Australian Companies Outsourcing to India and the Philippines Professor Margaret Jackson and Marita Shelly.
Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
Taking Steps to Protect Privacy A presentation to Hamilton-area Physiotherapy Managers by Bob Spence Communications Co-ordinator Office of the Ontario.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.
1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.
First steps for a data protection commissioner: Some suggestions from New Zealand Katrine Evans Assistant Commissioner (Legal and Policy) Kuala Lumpur,
Documentation: The legal aspects Maternal and Child Health Conference 5 February 2010 Your speakers: Joanne Kummrow Daniel Perkins.
13 July 2006Susan Joseph Health Privacy It’s My Business Health Records Act 2001 (Vic) eReferral Service Co-ordination System.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
HIPAA PRIVACY AND SECURITY AWARENESS.
1 Freedom of Information (Scotland) Act 2002 A strategic view.
Protecting information rights –­ advancing information policy The Australian Privacy Principles.
1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Asian Personal Data Privacy.
The European influence on privacy law and practice Nigel Waters, Pacific Privacy Consulting International Dimension of E-commerce and Cyberspace Regulation.
Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.
Managing Risks Associated With Privacy Alison Baker- Senior Associate Hall & Wilcox 24 November
“What’s Ethics Got To Do With It” Presentation to the Canberra Evaluation Forum Gary Kent Head Governance Australian Institute of Health and Welfare.
Data Protection Act AS Module Heathcote Ch. 12.
FAQs about the new regulatory framework Lucy Rhodes
TAIEX Multi beneficiary Workshop on Data Protection and the Internet - New Challenges, June 2013, Zagreb TAIEX Multi beneficiary Workshop on Data.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.
Do Not Call Register scheme Peter Sutton Manager Do Not Call Taskforce International Training Program 12 September 2006.
Barry’s Buzz Items of interest affecting Local Government Revenue Management.
1 Office of the Privacy Commissioner for Personal Data Hong Kong SAR Tony LAM Deputy Privacy Commissioner for Personal Data Briefing to Asian Data Privacy.
Privacy in the Workplace Roland Hassall, Partner Date: 12 November 2015.
INTRODUCTION TO DATA PROTECTION An overview of the Irish Data Protection legislation.
An Introduction to the Privacy Act Privacy Act 1993 Promotes and protects individual privacy Is concerned with the privacy of information about people.
Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC
Sharing Information (FERPA) FY07 REMS Initial Grantee Meeting December 5, 2007, San Diego, CA U.S. Department of Education, Office of Safe and Drug-Free.
Presentation to the Local Authorities Revenue Management Association – October 2012 The role of the Office of the Information Commissioner.
Information Security TechLink Seminar, 17 April 2013 James Knapton, Information Compliance Officer, Registrary’s Office.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Federal Privacy Law Coverage and new requirements CLCNSW presentation 20 May 2014 Patrick Fair Partner Baker & McKenzie.
Data protection—training materials [Name and details of speaker]
Understanding Privacy An Overview of our Responsibilities.
2011 Annual May Workshop The Australian Privacy Law Reform Project: a snapshot Karin Clark 4 May 2011.
Understanding Privacy An Overview of our Responsibilities.
Nassau Association of School Technologists
Surveillance around the world
CASL Agenda CASL 101 Complaints Enforcement Actions: CRTC
Director, Regulation and Strategy
(Portfolio Committee on Justice and Correctional Services)
Privacy principles Individual written policies
Regulatory Transparency and Efficiency in the Communications Industry in Australia Jennifer Bryant Office of Regulation Review Australia.
General Data Protection Regulations: what you really need to know
APP entities (organisations)
Data Protection Legislation
Notifiable data breaches Roundtable
GENERAL DATA PROTECTION REGULATION (GDPR)
Move this to online module slides 11-56
Employee Privacy and Privacy of Employee Information
On the Cutting Edge – Update on Privacy Legislation
Presentation transcript:

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy

Presentation What is privacy? The role of the Office –Our legislation –Complaint handling –Policy advice –Promotion and Education Privacy and telecommunications regulation

What is privacy? Privacy can be divided into four separate but related concepts: Information privacy – involving rules for the handling of personal data Bodily privacy – protection of our physical selves against invasive procedures Privacy of communications – security and privacy of mail, telephones etc Territorial privacy – setting limits on intrusions into domestic and other environments. David Banisar, Electronic Privacy Information Centre,

Our legislation covers… Australian Government agencies Private sector: –annual turnover > $3m –trade in personal information –health service provider –contracted service provider for a Commonwealth contract Credit reporting Some other areas eg; ACT agencies, TFN

The National Privacy Principles The Privacy Act 1988 relates to information privacy. The National Privacy Principles apply to certain private sector organisations. In relation to personal information the principles cover: 1.Collection 2.Use and disclosure 3.Data quality 4.Data security 5.Openness

The National Privacy Principles 6.Access and correction 7.Identifiers (Australian Government) 8.Anonymity 9.Transborder flows of data (overseas) 10.Sensitive information

Complaint handling Our complaint handling approach emphasises: Resolution between organisation and individual where possible and Investigation and conciliation where complaints are made to the Privacy Commissioner

Complaint handling Typical outcomes following conciliation include: apologies access provided and/or records amended change in practice or procedure staff training and monetary or other compensation to redress actual loss or damage

Complaint handling Powers supporting complaints process include: make enquiries of third parties enter premises (with consent or warrant) require the production of information or documents undertake own motion investigations Apply to a court to enforce decisions made by Commissioner

Policy advice Our policy team: provides guidance and advice to Australian Government agencies and private sector organisations on privacy issues; examines and makes submissions on proposed legislation that may have privacy implications; and monitors technological and social developments that affect individual privacy.

Promotion and education Our public affairs team: “promotes an Australian culture that respects privacy” educates individuals and organisations of their rights and obligations manages media relations manages Privacy Contact Officer network

Privacy & telecommunications Is regulated by: National Privacy Principles, Privacy Act 1988 Telecommunications Act 1997 Telecommunications (Interception and Access) Act 1979 Spam Act 2003 Do Not Call Register Act 2006 Communications Alliance Codes (formerly ACIF) OPC 2005 Review of the private sector provisions: –Privacy Commissioner recommended greater consistency in privacy regulation

Privacy Act and Telco Act Acts taken to be authorised by law for purposes of Privacy Act s. 303B –If a disclosure or use of customer information is permitted by an exception in Part 13 of the Telco Act, then it is “authorised by law” for the purposes of NPP 2.

Responsibilities under Telco Act Registration of Industry Codes –Part 6 s. 117(1)(j): –ACMA must be satisfied that the Privacy Commissioner has been consulted about the development of the code, if privacy matters are relevant s. 117(1)(k): –ACMA must believe that the Privacy Commissioner is satisfied with the code, if the code deals with NPP matters

Responsibilities under Telco Act ACMA requesting codes s. 118(4A) –ACMA must consult the Privacy Commissioner before making a request for the development of an industry code that deals with NPP issues

Responsibilities under Telco Act Directions about compliance with industry codes s. 121 –ACMA must consult the Privacy Commissioner before directing a person to comply with an industry code, if NPP issues are relevant. Formal warnings—breach of industry codes s. 122 –ACMA must consult the Privacy Commissioner before issuing a formal warning about breaching of a code, if NPP issues are relevant

Responsibilities under Telco Act Consultation with the Privacy Commissioner on Industry Standards s. 134 –Before determining, varying or revoking an industry standard, ACMA must consult the Privacy Commissioner, if privacy issues are relevant (e.g. IPND industry standard)

Responsibilities under Telco Act Law enforcement and protection of public revenue s. 282 –ACMA must consult the Privacy Commissioner before determining requirements that law enforcement agencies must follow when certifying that a disclosure of customer information is reasonably necessary

Responsibilities under Telco Act Monitoring by the Privacy Commissioner s. 309 –Division 5 of Part 13 requires telecommunications companies to keep records of customer information that is released to law enforcement agencies under certain conditions Privacy Commissioner has the function of monitoring compliance with Division 5 through conducting audits of these records

2005 Review Recommendations Telecommunications –Clarify relationship between Telco Act, Spam Act and Privacy Act Recommendations 8, 10, 11 Further guidance Legislative amendment? –ISPs and directory producers covered Recommendation 9 Small business operator exemption? Regulations under s. 6E of the Privacy Act –Consider options for a Do Not Contact register Do Not Call Register now being implemented

Review Recommendations –Technological developments – internet, data- mining, biometrics etc –Support for technological neutrality –But some possible gaps identified eg VoIP, GPS, Mcommerce, spyware? Australian Law Reform Commission privacy review likely to pursue these areas.

Recent Telecommunications Submissions Inquiry into the provisions of the Do Not Call Register Bill 2006 and the Do Not Call Register (Consequential Amendments) Bill 2006; (June 2006) Inquiry into the provisions of the Telecommunications (Interception) Amendment Bill 2006; (March 2006) Review of the Spam Act 2003; (February 2006) Introduction of a Do Not Call Register, Possible Australian Model: Discussion Paper (December 2005) Telecommunications (Use of Integrated Public Number Database) Draft Industry Standard 2005 (August 2005)

More information Visit our website: Call our hotline: Join our Privacy Connections NetworkPrivacy Connections Network

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director of Policy