Balancing Open Access and Privacy Protection
Professor John McMillan AO, Australian Information Commissioner

Access and privacy – a changing context
• FOI and access requests now more common, under a reformed Act that embodies a strong presumption of access
• Privacy Act strengthened to accord greater importance to privacy protection
• Heightened pressure on agencies to share and proactively release data sets of economic and social value
• Technology posing new threats to privacy security
• OAIC role in striking a balance between those competing pressures

Access to information upon request
• Balancing access and privacy under the FOI Act
• 79.5% of 24,944 requests in 2012/13 were personal information requests
• Personal privacy exemption applied in 20.6% of cases
• Third party objections to release – 24 of 483 IC review applications
• The personal privacy exemption (s 47F): whether disclosure of ‘personal information’ would be ‘unreasonable’ and ‘contrary to the public interest’
• ‘personal information’: any information that reasonably identifies a natural person
• Straightforward application of s 47F - eg, information about benefit payments to third parties, detainees, the identity of correspondents

Access to information upon request
• IC review decisions rejecting an agency decision under s 47F
• Complex issues arising in IC reviews
• Access to anonymised statistical data
• Release of vocational assessment information of a successful APS applicant
• Other FOI situations in which an access/privacy balance must be struck
• Facilitating informal administrative access
• Publishing documents released under the FOI Act on agency Disclosure Log
• A developing (but dubious) agency practice of automatically deleting routine work references to non-SES personnel

Proactive release and open data
• Pressures for adoption of an open data culture
• Australian Government policy framework documents, eg
• Australian Public Service Big Data Strategy (2013) ‘Big Data Principles’: ‘Data sets that government holds are a national asset [that] should be used for public good’ and ‘should be available for community access and use’.
• OAIC, Open public sector information principles
• International trends, eg
• G8 Open Data Charter: ‘The world is witnessing the growth of a global movement facilitated by technology and social media and fuelled by information … Open data sits at the heart of this global movement.’

Proactive release and open data
• Proposals for improved Australian Government practice
• National Commission of Audit Recommendation 61: Data - There is untapped potential to use anonymised data and new data analytic techniques to improve the efficiency and effectiveness of government. [Government should] rapidly improve the use of data in policy development, service delivery and fraud reduction by … extending and accelerating the publication of anonymised administrative data …
• Productivity Commission Annual Report, ‘Australia lacks a culture of information sharing and proactive data release. …[T]he main barriers … are: protection of privacy; the resources needed to ensure that data are of sufficient quality for policy evaluation; and concerns by governments about unfavourable findings on policy effectiveness.’

Proactive release and open data
• Pressures for stronger privacy protection
• New Australian Privacy Principles, and stronger enforcement powers conferred on OAIC
• Increase internationally in damaging data breaches
• Heightened community concern about privacy protection
• Greater complexity of anonymising ‘big data’

Proactive release and open data
• Striking a balance between open data and privacy protection – accustomed strategies
• Applying the APPs
• Privacy by design
• Privacy impact assessment
• Information security measures
• Data breach notification
• De-identification of personal information

Proactive release and open data
• Will a new approach be needed? See US Report by President’s Council of Advisers on Science and Technology, Big Data and Privacy: A Technological Perspective
• Understanding the implications of big data, and the difficulty of predicting whether non-obvious information will later raise a privacy issue
• Developing different privacy strategies for different information categories, eg, ‘born analog’, ‘born digital’, ‘data fusion’
• Develop more advanced technology building blocks (eg, encryption, auditable controls, cybersecurity), and place less reliance on accustomed methods (eg, de-identification)
• Shift emphasis from notice and consent to the responsibility of data holders and users