Lander & Rogers supports Privacy Awareness Week 2024

Lander & Rogers is proud to support Privacy Awareness Week (PAW) 2024.

An initiative of the Office of the Australian Information Commissioner (OAIC), Privacy Awareness Week runs from 6 to 12 May and provides a chance for businesses to consider what they can do to "power up" their existing privacy practices and culture in advance of the Australian Government's impending privacy law reforms.

This year's theme, "Privacy and technology: Improving transparency, accountability and security", focuses on creating a more responsible and secure digital landscape that balances technological advancements with the preservation of the privacy rights of individuals.

Why is a focus on privacy important?

A number of recent technological developments have increased the risk to individual privacy, notably the rise of artificial intelligence, facial recognition technology, and the use of genetic data. This has been exacerbated by the ubiquity of social media and digital devices.

We have witnesses a rise in cyber threats and data breaches. The Australian Signals Directorate’s (ASD) Annual Cyber Threat Report for 2022-23 lays bare Australia’s cyber threat landscape, highlighting that Australian government entities, critical infrastructure, businesses and households continue to be the target of malicious state and non-state cyber actors. Notably, the report indicates that in the 2022-2023 financial year:

• over 94,000 reports of cyber crime were made to the Australian Cyber Security Centre (ACSC), the equivalent of approximately one report every six minutes and an increase of 23 percent from FY2021-22
• over 33,000 calls were made to the ASD's Australian Cyber Security Hotline, an increase of 32 percent from FY2021-22
• the average cost of cyber crime per report rose by 14 percent from FY2021-22, to $71,600 for large businesses, $97,200 for mid-size businesses and $46,000 for small businesses.

The most recent notifiable data breaches report published by the OAIC further highlights the urgent need to temper technological advancements with stringent privacy practices and data security safeguards. In the period between July to December 2023, the OAIC received 483 data breach notifications, up 19% on the preceding six-month reporting period. Contact and identity information continue to be the most common kinds of personal information involved in data breaches, with 88% of breaches involving contact information such as an individual’s name, home address, phone number and email address, and 63% exposing identity information such as date of birth, passport details, and other government identifiers.

How can individuals and organisations guard against cyber attacks?

The ACSC and OAIC provide advice for individuals and businesses on how to safeguard personal information and maintain privacy best practices.

Recommendations include:

• having strong and varied passphrases and enabling multifactor authentication, if it is available
• not disclosing personal information unless you are comfortable with how it is going to be used
• only using reputable cloud service providers and managed service providers that implement appropriate information and cyber security measures
• having a clear and practical data breach response plan available to staff in the event of a breach
• only collecting personal information that is strictly necessary to limit exposure in the event of a breach
• ensuring service agreements include provisions around destroying or deleting data and data breach response requirements.

How can I get involved in Privacy Awareness Week?

For more information about Privacy Awareness Week 2024, visit the OAIC's interactive Power Up Your Privacy resource centre.

Insights and further information

Lander & Rogers' team of data privacy and cyber security experts regularly publishes information and resources about privacy, regulatory action, data governance, incident response, cyber threats and privacy reforms. Access useful guidance and articles about data protection for organisations below.

Case study: OAIC v Facebook

Privacy mid-year review: Regulatory activity in 2023

Three significant areas of reform proposed in Privacy Act Review

Artificial intelligence regulation under the watchful eye of Digital Platform Regulators' Forum

For a comprehensive look at the cyber landscape and how to build cyber resilience, visit CyberSight 360.

Follow Lander & Rogers on LinkedIn for additional guidance on how to protect personal and sensitive information and keep yourself and your organisation, safe from cyber threats, as well as implement compliant privacy practices.