Privacy and data matching continue to be major issues for governments, State and Federal, in 2017.
When the Office of the Australian Information Commissioner (OAIC) released its survey into public attitudes towards privacy as part of Privacy Awareness Week in May this year, the results were interesting. The community was asked how trustworthy they considered 14 different types of organisations. The highest levels of trust were recorded for:
- health service providers (79%)
- financial institutions (59%)
- state and federal government departments (both 58%).
The industries with the lowest levels of trust include social media (12%) and e-commerce (19%).
Given that individuals can choose not to deal with commercial entities but generally have no choice with government departments, this result is disappointing.
Governments however do score better on data sharing: 33% of people are comfortable with the idea of agencies sharing data while 49% are uncomfortable. These results are better than the private sector figures where only 10% of people are comfortable with businesses sharing their personal information, while 79% are uncomfortable.
This is also relevant in that the OAIC announced, as part of Privacy Awareness Week, that it would be developing an Australian Public Service Privacy Code. The Code is intended to be operational from 1 July 2018 and to assist government in balancing the requirements of privacy protection and supporting data innovation and the use of big data to obtain benefits for the public. It is proposed that the Code will be developed in close collaboration with the Australian Public Service and the OAIC.
The issues in big data usage, open data policy and using data for innovative purposes will continue to be topical as this new code of practice is developed and implemented.
This is not surprising given some of the recent issues that have arisen out of the Department of Human Services (DHS) in relation to the Centrelink robo-debt issues and the findings that there had been major frauds within the family day care system. The Minister for Human Services announced recently that a significant expansion of activity into data matching was being undertaken to ensure the integrity of the DHS data matching system and to minimise the cases of fraud.
It is clear that in 2017 mere compliance with the Privacy and Personal Information Protection Act 1998 is not enough to meet community expectations around the collection, use and disclosure of personal information. If agencies want to acquire the social licence to use data to its full potential then they will need to take steps to increase trust and transparency. In the commonwealth sphere the new APS Privacy Code is a solid foundation for this.