NSW introduces a mandatory data breach notification scheme
Last week, as part of Privacy Awareness Week, the NSW Privacy Commissioner announced a Mandatory Notification Data Breach scheme (MNDB scheme).
On Friday, the draft legislation to implement this was released for consultation. The MNDB scheme follows closely the Commonwealth Notifiable Data Breach (NDB) scheme, as has been informed by the experience of the NDB over the last two years, with both seeking to address breaches likely to result in serious harm. The MNDB will apply to all NSW government agencies and departments, local councils and some universities.
The amendments also extend the operation of the Privacy and Personal Information Protection Act 1998 to seven of the eight state-owned corporations in NSW.
NSW currently has a voluntary regime for notification and the MNDB scheme will provide individuals with certainty that they will receive timely notification if a breach is likely to cause serious harm.
The new legislation also gives the NSW Privacy Commissioner wide investigation and enforcement powers in relation to the MNDB scheme which will be monitored by the NSW Privacy Commissioner.
While the legislation is in the consultation phase, if passed it will commence 12 months later to allow parties sufficient time to prepare appropriate systems and processes to comply with the MNDB scheme’s requirements.
The report of the NSW Auditor-General into the Service NSW data breach in 2020 made a number of recommendations on breach handling that many agencies would now be well advised to consider in relation to their own existing processes. You can listen to our discussion on this case study here.
In the media
Have your say on NSW privacy laws NSW is set to become the first Australian state or territory to introduce a mandatory notification of data breach scheme to create new standards of accountability and transparency to protect personal information (07 May 2021). More...
The NSW Privacy Commissioner welcomes proposed Mandatory Notification Data Breach scheme The Privacy Commissioner, Samantha Gavel, welcomes the decision by the NSW Government to introduce a Mandatory Notification Data Breach scheme for NSW government agencies, which includes government departments, public universities and local councils (07 April 2021). More...
Law Council calls for expanded oversight by IGIS and PJCIS The Law Council recommends that the PJCIS accept the recommendation from the IIR in full regarding expanding the oversight functions of the Inspector-General of Intelligence and Security and the PJCIS to cover all 10 Commonwealth agencies which collectively comprise the National Intelligence Community (06 May 2021). More...
Australian government ban on overseas travel during pandemic violates rights, Federal Court hears The Commonwealth government's ban on citizens travelling overseas infringes on the fundamental rights of Australians, the Federal Court has heard. The Australian government has used the Biosecurity Act to prevent citizens from travelling overseas without an exemption (06 May 2021). More...
No place for secret trials in Australia The Human Rights Law Centre has called for new legal safeguards to prevent secret trials following the case of Witness J, an intelligence agent who was prosecuted and jailed in complete secrecy (04 May 2021). More...
IP Australia releases 110 years of data IP Australia has released the latest edition of its Intellectual Property Government Open Data (IPGOD2021), a publicly available data set that includes over 110 years of information on IP rights applications. IP Australia’s IPGOD2021 can be downloaded here (03 May 2021). More...
Make privacy a priority this Privacy Awareness Week Privacy Awareness Week, is an important reminder for organisations and individuals to protect personal information. This year, the OAIC is calling on the Australian community to 'Make privacy a priority’ in their professional and personal lives (03 May 2021). More...
Judicial impartiality consultation paper released The ALRC has released a consultation paper for the review of judicial impartiality, and is calling for submissions on its questions and reform proposals. In Australia, judicial independence and impartiality are seen as fundamental to the common law system of adversarial trial, to the exercise of judicial power under the Australian Constitution, and to upholding public confidence in the administration of justice (30 April 2021). More...
Expanded remand centre biggest in Australia Australia’s largest remand centre will now hold up to 1,540 inmates, following the official opening of the 440-bed expansion in NSW by Minister for Counter Terrorism and Corrections Anthony Roberts (30 April 2021). More...
Commonwealth Ombudsman report into the AFP’s use and administration of telecommunications data powers The Commonwealth Ombudsman, has released a report on his investigation into the AFP’s use and administration of telecommunications data powers. The investigation was launched in response to a disclosure the AFP made to the Ombudsman that it had identified compliance issues affecting ACT Policing’s handling of requests for a certain type of telecommunications data (LBS) (28 April 2021). More...
Prosecution of Richard Boyle highlights urgent need for whistleblower reform The Human Rights Law Centre has criticised the Commonwealth Director of Public Prosecutions’ decision not to drop the prosecution of whistleblower Richard Boyle, saying that the ongoing saga shows the need to urgently overhaul Australia’s whistleblower protection laws (29 April 2021). More...
In practice and courts
Law Council update The Law Council produces a fortnightly newsletter which highlights the Law Council's important activities and advocacy. View the latest edition here.
AAT Bulletin The AAT Bulletin is a weekly publication containing a list of recent AAT decisions and information relating to appeals against AAT decisions. Read issue no. 9/2021, 3 May 2021, here.
OAIC: The importance of privacy by design in the sharing of health data for domestic or international travel requirements The Global Privacy Assembly Executive Committee has published a joint statement on the importance of privacy by design in the sharing of health data for domestic or international travel requirements during the COVID-19 pandemic. Read more here.
National Health (Privacy) Rules 2018 review The closing date for submissions is 4 June 2021. Click here to read more.
Consultation on Data-Matching Program Guidelines In May 2021, a public consultation process on the Data-Matching Program (Assistance and Tax) Guidelines 1994 (the Guidelines) started to ensure they are fit for purpose. The current Guidelines sunset on 1 October 2021. The closing date for comments is 19 May 2021. Learn more here.
IC review direction for applicants The closing date for comments is 12 May 2021. Read more here.
OAIC: Our FOI disclosure log The information described in our disclosure log has been released by the OAIC under the Freedom of Information Act 1982. Updated 12 April 2021. Click here to read more.
CDPP launches new Partner Agency Portal The CDPP has launched a new Partner Agency Portal, giving investigators from partner agencies easy and timely access to information. Learn more here.
Regulator performance guide for consultation The guide will empower regulators to demonstrate and report on best practice performance that is in line with the Government’s expectations and supports investment and growth. Submissions open until 21 May 2021. Read more here.
ANAO consultations Due to table: May 2021. Open for contribution: Administration of the National Bushfire Recovery Agency. The objective of this audit is to assess the effectiveness of the National Bushfire Recovery Agency and its administration of the National Bushfire Recovery Fund. Due to table: May, 2021. Open for contribution: Australian National University’s Governance and Control Frameworks. The objective of this audit is to examine the effectiveness of the Australian National University’s governance and control frameworks.
Finance and Public Administration Legislation Committee Data Availability and Transparency Bill 2020 [Provisions] and Data Availability and Transparency (Consequential Amendments) Bill 2020 [Provisions]. Read the report here. Operation and management of the Department of Parliamentary Services. On 22 February 2021, the reporting date was extended to 19 May 2021.
Legal and Constitutional Affairs Legislation Committee Judges’ Pensions Amendment (Pension Not Payable for Misconduct) Bill 2020. On 18 March 2021, the Senate granted an extension of time for reporting until 20 May 2021.
Consultation: Privacy and Personal Information Protection Amendment Bill 2021 [Draft] If passed, this Bill will introduce a scheme that will ensure greater openness and accountability in relation to the handling of personal information held by NSW public sector agencies. Public submissions can now be made until 18 June here. Click here to learn more.
Statutory Review of majority verdicts amendments The NSW Department of Communities and Justice is reviewing the operation of the amendments made to the Jury Act 1977 by the Jury Amendment (Verdicts) Act 2006 to determine whether the policy objectives of those amendments remain valid and whether the terms of the amendments remain appropriate for securing those objectives. Submissions close on 14 May 2021. Learn more here.
Supreme Court (Criminal Appeal) Rules 2021 The Supreme Court (Criminal Appeal) Rules 2021 provide for the practice and procedure in the Court of Criminal Appeal, repeal the Criminal Appeal Rules and commenced on 1 May 2021.
Court of Appeal: 2020 year in review The document will provide a valuable resource for judges, practitioners, litigants, academics and students, and that a similar document will be published on an annual as well as consolidated basis. The publication will be available on the Court of Appeal website and can be accessed here.
Artificial Intelligence (AI) The NSW Government believes that the NSW Government can use AI to benefit the community and is taking actions to ensure that AI is used safely, ethically and effectively. We have an AI Strategy that outlines our vision for the use of AI, and ensures transparency, fairness and accountability. Have your say until 31 December 2021 here.
Review of Model Defamation Provisions Attorneys General is seeking feedback on a discussion paper for the stage two review of the Model Defamation Provisions. Have your say by 19 May 2021 here.
NSW Law Society: Applications open for the Access to Justice Innovation Fund The $1 million fund from the State Government supports innovative ideas to improve or enhance access to justice in NSW. Grants of between $50,000 and $250,000 are available for low cost, high impact projects that make a difference for those who need it most. Applicants will be advised of the outcome of their application by late May 2021. Find out more here.
Extension of strata and community lands COVID-19 regulations Regulations were published on 12 November 2020 which extend the COVID-19 measures as previously provided for strata and community lands to 13 May 2021. The measures include alternative means of holding meetings and execution of documents by an owners corporation or community association. See Community Land Management Amendment (COVID-19) Regulation (No 2) 2020 and Strata Schemes Management Amendment (COVID-19) Regulation (No 2) 2020.
Public inquiry into corruption allegation concerning former RMS employees The NSW ICAC held a public inquiry starting on Monday 10 May 2021 as part of an investigation it is conducting concerning former Roads and Maritime Services employees Alexandre Dubois and Craig Steyn (Operation Paragon). Click here to read more.
ICAC: Prosecution briefs with the DPP and outcomes The tables on this page each provide information on prosecution briefs that are currently with the Director of Public Prosecutions (DPP), and the outcomes of DPP advice and prosecutions. Last updated 4 May 2021.
Published – articles, papers, reports
Change the routine: Report on the independent review into gymnastics in Australia (2021) Australian Human Rights Commission: 03 May 2021. The Commission has made five overarching key findings and 12 recommendations. The Review included a high-level review of relevant corporate policies, protocols and governance structures at all levels of the sport, on a range of relevant areas including, sport governance and eating disorders. The final report is available on the Commission website. Read more here.
Australian Federal Police’s (AFP) use and administration of telecommunications data powers 2010 to 2020 Commonwealth Ombudsman: 28 April 2021. The investigation identified that many of the authorisations made by ACT Policing for LBS were not properly authorised or reported to the Ombudsman or the relevant Commonwealth Minister. The report makes eight recommendations to assist the AFP in addressing these issues and implementing processes to prevent recurrence of similar issues. The report can be found here.
Indigenous Business Australia’s business support and investment activities ANAO Report No 36: 07 May 2021. The objective of this audit was to assess the effectiveness and efficiency of Indigenous Business Australia’s management of its business support and investment activities. Read more here.
Implementation of the Great Barrier Reef Foundation partnership ANAO Report No 35: 05 May 2021. The objective of the audit was to examine whether the design and early delivery of the Australian Government's $443.3 million partnership with the Great Barrier Reef Foundation has been effective. Read more here.
PGPA newsletter 67 Published 06 May 2021. Changes to the flipchart – digital first approach – digital annual reporting tool – technical accounting policy and guidance update – RMG 116 and 125 – review of the Commonwealth Risk Management Policy. Comcover education – launch of consultation for regulation performance guide. Click here to find out more.
KPTT v Commissioner of Taxation  FCA 464PRACTICE AND PROCEDURE – whether identity of applicant should be suppressed – Court’s power to make suppression and non-publication orders – whether suppression orders necessary to prevent prejudice to the proper administration of justice. Administrative Appeals Tribunal Act 1975 (Cth) – Administrative Decisions (Judicial Review) Act 1977 (Cth) – Federal Court of Australia Act 1976 (Cth) – Judiciary Act 1903 (Cth).
Dring v Telstra Corporation Ltd  FCAFC 50COMPENSATION – claimant falls on wet floor – whether injury arising in course of employment – injury suffered during period of stay at hotel – place at which injury occurred – injury not connected to employment. ADMINISTRATIVE LAW – appeal from Administrative Appeals Tribunal – question of law. Administrative Appeals Tribunal Act 1975 (Cth) s 44 – Safety, Rehabilitation and Compensation Act 1988 (Cth) ss 5A, 14 – Workers Compensation Act 1987 (NSW) s 4.
SDCV v Director-General of Security  FCAFC 51CONSTITUTIONAL LAW – judicial power of the Commonwealth – challenge to the constitutional validity of s 46(2) of the Administrative Appeals Tribunal Act 1975 (Cth) (AAT Act) – whether s 46(2) of the AAT Act requires the Court to act in a manner that is procedurally unfair – where the applicant appeals on a question of law – where s 46(2) of the AAT Act is to be read in the context of the legislative regime as a whole – whether a practical injustice results – held: s 46(2) of the AAT Act is valid. ADMINISTRATIVE LAW – appeal from a decision of the Administrative Appeals Tribunal to affirm an adverse security assessment (ASA) – where ASA determined that the applicant supported politically motivated violence and the Islamic State of Iraq and the Levant – where ASA determined that the applicant employed communications security tradecraft practices while engaging with individuals of security concern – where both open and closed evidence, submissions and reasons furnished which the applicant was prohibited from knowing or considering – held: the Tribunal did not apply an incorrect construction of phrase “directly or indirectly a risk to security” within the meaning of s 4 of the Australian Security Intelligence Organisation Act 1979 (Cth) – obligation to give reasons under s 43(2) of the AAT Act still applied where a direction under s 43AAA(5) of the AAT Act was in force but could not be read to require closed reasons to be produced – the Tribunal did not err by way of failure to make findings in concluding that the open evidence alone could not lead to a conclusion on whether the ASA was justified and in not making any positive findings on that evidence – there was no denial of procedural fairness by way of a failure to give the applicant sufficient information to make meaningful submissions as the applicant was able to answer the proposition put to him – there was no denial of procedural fairness having regard to the legislative context – it was open to the Tribunal to reach the decision based on the open and closed evidence – application dismissed.
Cambridge; Chief Executive Officer, Services Australia and (Freedom of information)  AATA 1142FREEDOM OF INFORMATION – whether practical refusal reason exists – majority of documents that are the subject of the request already provided under administrative access arrangements – processing the FOI request would substantially divert resources of Services Australia from its other operations – diversion of resources for 88.5 hours to provide documents that have already been provided is unreasonable – reviewable decision set aside and substituted.
'XB' and Cancer Australia (Freedom of information)  AICmr 15FREEDOM OF INFORMATION – amendment and annotation of personal records – whether the records are incorrect – whether the records should be amended – (CTH) Freedom of Information Act 1982, ss 48, 50, 51, 51A and 55D.
Burnett (on behalf of Burnett) v Secretary, Department of Communities and Justice  NSWCATAD 114ADMINISTRATIVE LAW – freedom of information – access to information – ground for refusing access – Government Information (Public Access) Act 2009 (NSW), items 1(g), 1(h), 4(c) and 4(d) of table to section 14 – public interest considerations against disclosure – unable to establish nominated effects reasonably expected to occur – confidential and copyright materials.
Kids Belong Family Daycare Pty Ltd v Department of Education  NSWCATAD 112ADMINISTRATIVE LAW – education and care services – cancellation of the applicant’s provider approval on the ground of: (a) the applicant having breached a condition of its provider approval and (b) the continued provision of education and care services of the applicant would constitute an unacceptable risk to the safety of any child or class of children being educated and cared for by the approved education and care service of the applicant – whether in the circumstances it was more appropriate to suspend the applicant’s provider approval.
Early Childhood Education Australia Pty Ltd v Secretary, Department of Education  NSWCATAD 28ADMINISTRATIVE LAW – education and care services national law – review of decision to cancel provider approval – fit and proper person – breach of approval condition – alternative measures available to the decision maker – new approval conditions imposed.
Bettington v Commissioner of Police  NSWCATAP 110APPEAL – where party has appealed from interlocutory decisions of the Tribunal relating to non-disclosure, non-publication and exclusion of a party and their legal representative from confidential hearing – whether leave should be granted to appeal from interlocutory decisions. STATUTORY INTERPRETATION – meaning of s 49 and s 64 of the Civil and Administrative Tribunal Act 2013 and s 59 of the Administrative Decisions Review Act 1997.
Commissioner of the Australian Federal Police v Ortmann  NSWSC 451PRIVATE INTERNATIONAL LAW – application for registration of foreign forfeiture order made in the US – whether registration would be contrary to the interests of justice within the meaning of s 34A of the Mutual Assistance in Criminal Matters Act 1987 (Cth).
Elias v Commissioner for Fair Trading  NSWCATAD 111ADMINISTRATIVE REVIEW – home building – application for contractor licence – qualification and experience requirements set out in an instrument issued by the respondent – whether the applicant meets the terms of the instrument, read as a policy – whether the Tribunal is satisfied that the applicant has the requisite experience to be a builder – whether supervised in the doing of the work – remuneration requirement.
McEwan v Port Stephens Council  NSWCATAD 110ADMINISTRATIVE REVIEW – government information (public access) – scope of access application – secondary employment register – pecuniary interests register – public interest considerations in favour of disclosure – public interest considerations against disclosure – open access information – personal information – secrecy provisions.
DVT v Commissioner of Police  NSWCATAD 108ADMINISTRATIVE LAW – privacy – request for access to personal information under s14 PPIP Act/IPP 7 – what constitutes excessive delay in the circumstances – inability to unilaterally withdraw an undertaking.
Yelda v Sydney Water Corporation; Yelda v Vitality Works Australia Pty Ltd  NSWCATAD 107HUMAN RIGHTS – anti-discrimination – damages arising out of found sexual harassment claim – appropriate award of damages for hurt feelings, psychological injury and past economic loss.
Day v SAS Trustee Corporation  NSWCA 71ADMINISTRATIVE LAW – constructive failure to exercise jurisdiction – where appellant alleges primary judge failed to address “substantial, clearly articulated” arguments – whether arguments based on “established facts” – whether primary judge’s approach raised those arguments for separate determination. EMPLOYMENT AND INDUSTRIAL LAW – public sector – police – Police Regulation (Superannuation) Act 1906 (NSW), s 10B(2) – where primary judge found appellant incapacitated by transient condition for short period at time of resignation from police force – whether it follows that appellant incapable from infirmity of body or mind of exercising the functions of a police officer at that time – meaning of “infirmity” in Police Regulation (Superannuation) Act.
Freeman v Sydney Local Health District  NSWSC 423ADMINISTRATIVE LAW – judicial review – review committee under Health Services Act 1997 (NSW) determined no jurisdiction – jurisdictional error – also error of law on the face of the record – failure to exercise duty and jurisdiction – statutory construction – meaning of “re-appoint” – whether “position” was of the same kind. STATUTORY INTERPRETATION – Health Services Act 1997 (NSW) – plain and grammatical meaning – legislative intention – use of second reading speech – appeal against decision “not to re-appoint” – whether the subsequent position was “of the same kind” – whether re-appointment.
Black v Hunter New England Local Health District  NSWCATAP 105GOVERNMENT INFORMATION – refusal by agency to deal with application – sec 60(1)(b) Government Information (Public Access) Act 2009 – same information previously requested and refused – Tribunal held no reasonable belief that a different decision would be made – no question of law on appeal – leave to appeal refused.
Public Governance, Performance and Accountability Amendment (National Recovery and Resilience Agency Rules 202105 May 2021 – this instrument amends the Public Governance, Performance and Accountability Rule 2014 to rename the National Drought and North Queensland Flood Response and Recovery Agency and to amend and expand the purposes of the listed entity.
Biosecurity (Human Biosecurity Emergency) (Human Coronavirus with Pandemic Potential) (Emergency Requirements – High Risk Country Travel Pause) Determination 202101 May 2021 – this instrument requires passengers on a relevant international flight not to enter Australian territory at a landing place if the person has been in India within 14 days of the day the flight was scheduled to commence.
Proclamations commencing Acts Justice Legislation Amendment Act (No 2) 2019 No 20 (2021–195) – published LW 30 April 2021.
Regulations and other miscellaneous instruments Coal Mine Subsidence Compensation Amendment (Contributions) Regulation 2021 (2021–210) – published LW 7 May 2021. Coroners Regulation 2021 (2021– 211) – published LW 7 May 2021. Uniform Civil Procedure (Amendment No 95) Rule 2021 (2021–212) – published LW 7 May 2021. Supreme Court (Criminal Appeal) Rules 2021 (2021–194) – published LW 27 April 2021.
Bills introduced – Government – 7 May 2021 Payroll Tax Amendment (Jobs Plus) Bill 2021 Statute Law (Miscellaneous Provisions) Bill 2021 Tax Administration Amendment (Combating Wage Theft) Bill 2021