End of OAIC makes privacy, information-management enforcement “messier”: Noonan

The disbanding of the Office of the Australian Information Commissioner (OAIC) in the government's recently delivered budget may compromise the ability to effectively enforce tougher Australian privacy laws introduced in March, one analyst has warned.

Created in November 2010, the OAIC had unified enforcement of privacy legislation, freedom of information (FoI) legislation and information-protection requirements under a single banner unifying operations managed by privacy commissioner Timothy Pilgrim, FoI commissioner James Popple, and Australian Information Commissioner John McMillan.

As part of the Abbott government's push to trim budget expenses, on 1 January 2015 the OAIC will be disbanded and its constituent members reallocated to other departments – privacy in a separate Sydney office, and FoI jointly between the Attorney-General's Department, Administrative Appeals Tribunal and Commonwealth Ombudsman. The OAIC's information policy advice function will be terminated.

While the commissioners lauded the “substantial achievements” of the OAIC in a statement issued after the budget, Ovum research director in Ovum's Australian government practice Kevin Noonan believes the government's decision to split the OAIC's functions “makes things messier”.

“On the face of it, it looks like a change for the worse,” he told CSO Australia. “Privacy is an issue, and particularly for government. And while a lot of people are quite happily trading their privacy and rights for real or perceived benefits such as loyalty cards and the like, the government needs to be doing the right thing.”

Splitting the government's information-governance capabilities ran contrary to its overall efforts to consolidate and simplify government, Noonan added.

“At a time when we're looking to consolidate functions in other areas of government, it appeas to be going in the opposite direction.”

The OAIC decision was part of a budget that was far less focused on information security than the previous government's 2013-14 budget, which saw it combine functions to create the Canberra-based Australian Cyber Security Centre.

That organisation was designed to unify cybersecurity defence initiatives across a range of government agencies including the Australian Signals Directorate, Attorney-General's Department's Computer Emergency Response Team (CERT) Australia, Australian Federal Police, and Australian Crime Commision.

“The previous budget did quite a lot in the area of security,” Noonan said, noting that the new government's 2014-5 budget was “neither here nor there” when it came to information security and IT in general. “It's a missed opportunity.”

The most significant other information-security initiatives in the 2014-15 budget were the creation of the Children's e-Safety Commissioner; the development of community and youth-focused online safety initiatives to educate users about online safety; the introduction of certified online safety programs in primary schools; and advice on cybersecurity initiatives targeted at informing Australian consumers and small businesses about the risks of financial loss and the loss of personal information online.

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Tags privacycertAttorney-General's DepartmentAFP (Australian federal police)OAICAustralian privacy laws

Show Comments