HomePrivacy

Privacy

The Qantas privacy finding: a positive lesson in third-party oversight

A serious data breach does not automatically mean governance failed. The more important question is whether an organisation can demonstrate that it understood the risks,...

Australia’s Data Breach Risk Has Moved From Cyber Issue to Operating Risk

The OAIC has published new Notifiable Data Breaches statistics for 2025, showing notifications at an all-time high and issuing a new quick reference guide for entities covered by the scheme. This is not a new…

OAIC draws a hard line on tracking pixels and sensitive data

OAIC has confirmed, through two determinations published on 24 June 2026, that Medmate and Monash IVF interfered with privacy by using third-party tracking pixels on health-related websites to collect sensitive information and target advertising. The…

OAIC determination puts insider privacy risk back in the spotlight

The OAIC found an organisation breached APP 11.1 after an employee accessed customer personal information without authorisation. With the Medibank civil penalty case before the Federal Court, OAIC enforcement on internal access controls is active and escalating.

AI Risk Sits Inside the Services You Procure

The recent ABC reporting on VIQ Solutions is a useful case study for any organisation thinking about AI governance, data risk and third-party services. 30...

Australians are losing trust in AI and privacy practices

OAIC has published its 2026 Australian Community Attitudes to Privacy Survey, showing rising privacy concern, very low trust in AI and stronger expectations for transparency, fairness and complaint handling.