After The Ink Dries: Monitoring Third Parties You Share Personal Information with Beyond Due Diligence
Third-party vendor management extends far beyond the initial signing of your contract. It’s an ongoing...
Third-party vendor management extends far beyond the initial signing of your contract. It’s an ongoing...
In February 2023, a hacker used an SMS phishing scheme on a HR employee in...
In November 2023, the Office of the Australian Information Commissioner (OAIC) announced the commencement of...
Things are changing fast in European privacy! We don’t typically see annual updates by the...
Data tagging helps businesses enhance data security, improve data governance, and better manage data and...
Queensland looks to join NSW as the only other Australian state with a mandatory data...
Earlier this year, we provided an update on the privacy reform proposals related to ‘accountability’...
Privacy 108 Founder Dr Jodie Siganto recently appeared on The Briefing to discuss the GoodSam...
Privacy for technologists is a rapidly developing field. The IAPP’s CIPT Body of Knowledge has...
Data catalogues provide a unified and searchable view of an organisation’s data and data sources....
“Every technology, including AI like ChatGPT, comes with potential risks and benefits. Balancing innovation with...
Key Findings in the OAIC’s Data Breach Report: January – June 2023 Some of the most...
Passwords are probably the most well-known account security feature that exists today. But they’re problematic....
Earlier this year, news broke about a third-party data breach that impacted the personal information...
The National Institute of Standards and Technology (NIST) Privacy Framework was developed through a collaborative...
Preparing for managing customer complaints after a privacy breach is a critical step in your...
Privacy skills are in demand. And as the demand grows and the privacy industry matures,...
Interested in what Australians think about privacy, use of AI and facial recognition and the...
Cyber insurance is not just becoming increasingly common, it is also becoming a requirement for...
2023 has brought with it a flurry of activity in terms of privacy legislation in...
Following the highly-publicised ban of TikTok on government devices, Australians are starting to pay more...
Victoria's privacy watchdog, the Office of the Victorian Information Commissioner (OVIC), released a report into how...
Cybersecurity concerns are no longer the domain of the IT department. They permeate every aspect...
While Domain I might be the most challenging domain, Domain II in the CIPP/E certification...
It’s rare for an organization to not use at least one third party – whether...
The HWL Ebsworth data breach has sent shivers down the spine of every professional consulting...
Regulating AI has been on the agenda globally for some time, amid growing concern over...
After three years of limbo, personal data can flow from the EU to companies in...
As the privacy industry matures, we’re seeing more privacy and security jobs seeking professionals who...
In May, hundreds of AI experts warned that AI (if left unchecked) could pose an...
Evaluating your privacy program helps to allocate and justify resources and budgets, align your privacy...
What do these scenarios have in common? Images of a woman sitting on a toilet...
The Organisation for Economic Co-operation and Development (OECD) published a report on privacy enhancing technologies...
ChatGPT promises to revolutionise the way we write and work. In late May, Thomson Reuters...
The IAPP announced its new course in September 2022 – Foundations of Privacy. This course...
Sending unsolicited emails, or spam, can not only damage your organisation’s reputation but also land...
This month the Commonwealth Attorney-General, Mark Dreyfus, announced that a stand-alone Australian Privacy Commissioner will...
Dark patterns is a subject close to our heart. We’ve written about them before, including: Dark...
In February 2023, the Australian Attorney-General released its Privacy Act Review Report 2022 and we...
In the spirit of Privacy Awareness Week 2023, we are sharing 3 tips to safeguard...
Privacy Awareness Week 2023 runs from May 1 to May 7. To build on this...
We’ll continue our deep dive into Australia’s Privacy Act Review report in this article. We...
We’re continuing our deep dive into the Privacy Act Review Report. You can read our...
Organisations covered by the Australian Privacy Act must provide access to the personal information the...
Privacy 108's report on privacy jobs advertised in Australia in October, November and December 2022...
Deep Dive 1: Security, data breach notification and retention In February 2023, after nearly three years...
Australian financial services provider, Latitude Financial, has announced that it has suffered a data breach...
Differential privacy is a formal mathematical definition of privacy. At its core, implementing differential privacy...
The importance of organisational data is growing each year. As we move through 2023, a...
Key Findings in the OAIC’s Data Breach Report: July – December 2022 The OAIC highlighted the...
An accurate and up-to-date data inventory is the basis of any privacy program. And with...
On 16 February 2023, the Commonwealth Attorney-General released the Privacy Act Review Report 2022. The report...
When a potential hire sends you their CV, you will likely collect their personal information....
In January 2022, Austria became the first EU country to state that the continuous use...
Around 400 parents of current and former Mount Lilydale Mercy students were recently alerted to...
The widespread information about website requirements for organisations covered by the GDPR and California Privacy...
ISO is set to launch a new privacy standard in February: ISO 31700 Privacy by...
The recent ACCC v Google LLC decision provides useful advice. Google recently defeated an action by...
Big data offers huge benefits: it improves human life with new medical and health solutions...
TechCrunch recently released its list of the most badly handled data breaches in 2022. Surprisingly...
A free online webinar on February 8th 2023 by Dr Andelka M. Phillips - Senior...
Biometrics technologies have been developed to help employers accurately track employee attendance and hours, track...
Australia’s regulation of electronic surveillance has been a mess for some time. When it announced...
The OAIC’s latest reporting shows that 33% of human error data breaches in Australia are...
The OAIC’s Findings in its Data Breach Report January-June 2022 The OAIC highlighted the following key...
Call centres are hotbeds for the collection – and theft and misuse - of personal...
The CPRA (California Privacy Rights Act) is set to change the face of privacy in...
The increase in data breaches has highlighted that organisations are holding onto data, a lot...
It has been some time since we covered data flows between the EU and US....
The days of board directors delegating oversight of cybersecurity to department managers are long behind...
With Optus and Medibank data breaches affecting over 10 million Australians, many have pointed to...
Candidates with law degrees have been highly sought by employers looking to fill privacy roles...
Biometric technologies have been making their way into schools for years. It's not uncommon for...
This week the Federal Attorney General introduced legislation to increase fines for privacy breaches, largely...
While million-dollar fines are commonplace in Europe, the $1.2million settlement following the Sephora Enforcement Action...
Email marketing can be exceptionally effective – but engaging in it is also rife with...
There has been a great deal of backlash in the wake of the Optus data...
The Optus data breach has exposed how harmful a cyber incident can be. Many are...
Using privacy by design to bake privacy in early is becoming a must. The benefits...
In September 2022 the Commonwealth Ombudsman reported a major spike in surveillance involving telco metadata...
Key takeaways: Employee photos may be personal information for the purposes of the Privacy Act,...
Privacy has been in the headlines recently following the CHOICE investigation into the use of...
Like many countries Australia has an AI ethical framework. But how influential will it be...
One of the most common privacy questions is: are work email addresses considered personal information...
ISO 27701 provides guidance on the protection of privacy, including how organizations should manage personal...
Privacy is an exciting field that’s attracting plenty of attention in the media. It’s an...
The Privacy 108 team has reviewed OAIC determinations published since 1 November 2010 and identified...
Data mapping is one of the most critical steps in any privacy program. Maintaining a...
Phenomenally high penalties pertaining to privacy breaches are now routinely found in news headlines. In...
Penalties have started to flow in for Clearview AI’s controversial scraping and use of the...
What is the CIPT Certification? CIPT stands for Certified Information Privacy Technologist. It’s essentially a certification...
In early May 2022, the Australian Federal Court released its judgement in the long-running ASIC...
Thinking about getting the CISM? This is an easy guide to all the practical steps...
Google Trends tells us there has been a slow and steady increase in interest in...
The Woolworths Group have updated their Privacy Policy. The new policy is good but could...
In June, Swedish furniture chain IKEA was ordered to pay a fine of 1 million...
Flight Centre, Australia’s largest travel agency suffered a data breach affecting nearly 7,000 customers, as...
How can you give yourself the greatest chance of passing your CISM exam? We want...
Privacy 108’s analysis of Australian privacy jobs advertised in September 2022 is now available. Main Findings...
Thinking of taking the iapp CIPP/E exam but not sure how to prepare or whether...
Privacy Awareness Week 2022 runs from 2-8 May. To highlight this year’s theme: Privacy –...
In 2019, we reported on three (3) Australian data breach class actions. Nearly 2 years...
5 practical tips on CIPP/E exam prep for anyone thinking of taking the exam. What is...
Under Australian law, organisations are required to notify the Office of the Australian Information Commissioner...
Thinking about taking the IAPP CIPM exam but you’re not sure how to prepare or...
Earlier this year, we published a post about Australia’s First Cyber Security Case – ASIC...
With regulators increasing focusing on data security and cyber security, many tech professionals are considering...
We’re seeing more and more Australian employers seeking privacy professionals with relevant certifications. As more...
Domain 1 questions are the most challenging for the respondents to our on-line CIPP/E. Do you...
If you’re reading this, you likely already know that the CIPP/E is the IAPP's European...