Is It A Privacy Violation To Send A Work Email Celebrating Someone’s Birthday?
You’ve worked there before. The company where you get cupcakes every time it’s someone’s birthday,......
You’ve worked there before. The company where you get cupcakes every time it’s someone’s birthday,......
This month the OAIC released 2 new guides on artificial intelligence (AI) for organisations for......
The last ten days of September were tough for Australia’s largest medical imaging provider, I-MED.......
Earlier this year, the European Union enacted the world’s first AI Act – and the......
If you’re considering a career in privacy and data protection, or if you’re an existing......
Data minimisation is a fundamental privacy principle, promoting the collection, processing, and retention of only......
Draft new cyber security bills were released this month. The purpose of the new laws......
On Thursday 12 September 2024, the Privacy and Other Legislation Amendment Bill 2024 (Bill) was......
The January to June 2024 Data Breach Report from the Office of the Australian Information......
After nearly five years of discussion, the much-anticipated Privacy Act changes were introduced into Parliament......
We are thrilled to announce that Privacy 108 has achieved ISO 27001 certification, a prestigious......
Human error data breaches through email are extremely common. The convenience, familiarity, and relative informality......
The Australian Federal Government announced in September 2024 that it will release ten mandatory AI......
We all know about hoarders – but what about data hoarders? Is it a ‘thing’......
Cal Newport’s book Digital Minimalism discusses the benefits of focusing on a small number of......
Employee records of current or former private sector employees are exempt from the Australian Privacy......
On July 19, 2024, we saw a major global IT outage caused by a faulty......
Understanding and managing your data is becoming a fundamental piece of any privacy compliance program.......
The last few years have seen a shift from data being the new oil to......
The CIPP/E certification is becoming increasingly popular. It is a great way to demonstrate your......
Data brokers play a significant (and extremely personal information-intensive) role in Australia’s business ecosystem. However,......
The Australian Communication and Media Authority (ACMA) recently announced its 2024-2025 enforcement priorities and plans......
Our report on privacy jobs advertised in Australia between January and March 2024 is now available.......
Cyber security is a key concern for almost every board member. But how best should......
ISO 29100 Privacy Framework is a standard all privacy practitioners should be aware of. Substantially......
There are privacy-related ISO standards, old and new, that can help in developing and improving......
In October 2022, Medibank suffered a severe breach, affecting 9.7 million people. It is alleged......
This week, headlines focused on the potential for a $21 trillion penalty against Medibank for......
If you’re taking the CIPP/E or just interested in how European and EU data protection......
Australia’s Privacy Awareness Week wrapped up on 12 May, but the components of its theme,......
We’ve analysed two determinations from the Australian Information Commissioner relating to data breach reporting and......
We have prepared this Template as an example AI impact assessment form that can be......
We’ve prepared this guide for personnel who engage in direct marketing activities, particularly those who......
Privacy 108 monitors and reports on privacy jobs advertised in Australia. We’ve tracked the number,......
What will the proposed changes to Australia’s Privacy Act mean for transparency? For Privacy Awareness......
For Privacy Awareness Week 2024 (from 6-12 May 2024), organisations are being asked to ‘power......
The OAIC’s determination in a recent case involving Serco and the systems it used in......
Australia’s Digital ID Bill passed on Mar 28, 2024. Our new ID system is designed......
Consultation on the latest proposals for cyber security regulation in Australia has now closed. What......
Australia’s privacy law landscape doesn’t grant the same rights individuals resident in the EU and......
We recently published our comprehensive guide to managing vendor privacy risk in 2024. The 17-page......
You know you need to do it, but the data minimization project is overwhelming. You......
News this week was that Medibank failed in its bid to stop the OAIC investigations......
Balancing user privacy with business growth isn’t always easy. Enter Privacy UX (shorthand for ‘privacy......
The Office of the Australian Information Commissioner (OAIC) has released its latest Notifiable Data Breaches......
Australia’s privacy risk management landscape is being shaped by increasing visibility of data breaches, penalties,......
Thinking of sitting for the CIPP/E? Here are 5 good reasons to get your CIPP/E......
Things are changing quickly in cybersecurity regulation in Europe. Here’s a list of the existing......
Privacy 108 monitors and reports on privacy jobs advertised in Australia. We’ve tracked the number,......
Privacy Impact Assessments are a powerful and often overlooked tool. They’re a compliance requirement, in......
Children’s privacy, in terms of the information that websites and apps collect about child users,......
In case you missed them, we’ve compiled the most popular posts we published in 2023.......
As the end of 2023 approaches (thank goodness say some!), let’s reflect on some of......
ISACA’s 2023 Privacy in Practice report included a list of the most common privacy failures......
Creating a complete data inventory is one thing – but supporting it over time is......
The Australian Securities and Investments Commission (ASIC) is ramping up its emphasis on cybersecurity with......
Privacy 108’s report on privacy jobs advertised in Australia between January and June 2023 is......
Third-party vendor management extends far beyond the initial signing of your contract. It’s an ongoing......
In February 2023, a hacker used an SMS phishing scheme on a HR employee in......
Optus has lost a bid in the Australian federal court to keep secret a Deloitte......
In November 2023, the Office of the Australian Information Commissioner (OAIC) announced the commencement of......
Things are changing fast in European privacy! We don’t typically see annual updates by the......
Data tagging helps businesses enhance data security, improve data governance, and better manage data and......
Queensland looks to join NSW as the only other Australian state with a mandatory data......
Earlier this year, we provided an update on the privacy reform proposals related to ‘accountability’......
Will Australia be getting a Cyber Security Act any time soon? The cyber security regulatory......
Privacy 108 Founder Dr Jodie Siganto recently appeared on The Briefing to discuss the GoodSam......
Privacy for technologists is a rapidly developing field. The IAPP’s CIPT Body of Knowledge has......
Data catalogues provide a unified and searchable view of an organisation’s data and data sources.......
Changes to the Privacy Act changes have been been flagged in the Australian Government’s response......
“Every technology, including AI like ChatGPT, comes with potential risks and benefits. Balancing innovation with......
In July 2023, the Australian Federal Court ordered two subsidiaries of social media giant Meta......
Key Findings in the OAIC’s Data Breach Report: January – June 2023 Some of the......
Passwords are probably the most well-known account security feature that exists today. But they’re problematic.......
Earlier this year, news broke about a third-party data breach that impacted the personal information......
The National Institute of Standards and Technology (NIST) Privacy Framework was developed through a collaborative......
Preparing for managing customer complaints after a privacy breach is a critical step in your......
Privacy skills are in demand. And as the demand grows and the privacy industry matures,......
Interested in what Australians think about privacy, use of AI and facial recognition and the......
Cyber insurance is not just becoming increasingly common, it is also becoming a requirement for......
2023 has brought with it a flurry of activity in terms of privacy legislation in......
Following the highly-publicised ban of TikTok on government devices, Australians are starting to pay more......
Victoria’s privacy watchdog, the Office of the Victorian Information Commissioner (OVIC), released a report into how......
Cybersecurity concerns are no longer the domain of the IT department. They permeate every aspect......
While Domain I might be the most challenging domain, Domain II in the CIPP/E certification......
It’s rare for an organization to not use at least one third party – whether......
The HWL Ebsworth data breach has sent shivers down the spine of every professional consulting......
The OAIC are again investigating the Australian Federal Police over AI surveillance concerns, this time......
Regulating AI has been on the agenda globally for some time, amid growing concern over......
After three years of limbo, personal data can flow from the EU to companies in......
As the privacy industry matures, we’re seeing more privacy and security jobs seeking professionals who......
In May, hundreds of AI experts warned that AI (if left unchecked) could pose an......
In Australia, privacy protections don’t apply once you’re dead. What do Kylie Minogue, John Lennon,......
Evaluating your privacy program helps to allocate and justify resources and budgets, align your privacy......
What do these scenarios have in common? Images of a woman sitting on a toilet......
The Organisation for Economic Co-operation and Development (OECD) published a report on privacy enhancing technologies......
ChatGPT promises to revolutionise the way we write and work. In late May, Thomson Reuters......
The IAPP announced its new course in September 2022 – Foundations of Privacy. This course......
Sending unsolicited emails, or spam, can not only damage your organisation’s reputation but also land......
This month the Commonwealth Attorney-General, Mark Dreyfus, announced that a stand-alone Australian Privacy Commissioner will......
Dark patterns is a subject close to our heart. We’ve written about them before, including:......
In February 2023, the Australian Attorney-General released its Privacy Act Review Report 2022 and we......
In the spirit of Privacy Awareness Week 2023, we are sharing 3 tips to safeguard......
Privacy Awareness Week 2023 runs from May 1 to May 7. To build on this......
We’ll continue our deep dive into Australia’s Privacy Act Review report in this article. We......
Privacy Awareness Week 2023 is May 1 to 7, 2023. This year the theme is......
On 8 December 2022, the Minister for Cyber Security, the Hon. Clare O’Neil MP, announced......
We’re continuing our deep dive into the Privacy Act Review Report. You can read our......
Organisations covered by the Australian Privacy Act must provide access to the personal information the......
Privacy 108’s report on privacy jobs advertised in Australia in October, November and December 2022......
Deep Dive 1: Security, data breach notification and retention In February 2023, after nearly three......
Australian financial services provider, Latitude Financial, has announced that it has suffered a data breach......
Differential privacy is a formal mathematical definition of privacy. At its core, implementing differential privacy......
The importance of organisational data is growing each year. And today, a data management strategy......
Key Findings in the OAIC’s Data Breach Report: July – December 2022 The OAIC highlighted......
An accurate and up-to-date data inventory is the basis of any privacy program. And with......
On 16 February 2023, the Commonwealth Attorney-General released the Privacy Act Review Report 2022. The......
When a potential hire sends you their CV, you will likely collect their personal information.......
In January 2022, Austria became the first EU country to state that the continuous use......
Around 400 parents of current and former Mount Lilydale Mercy students were recently alerted to......
The widespread information about website requirements for organisations covered by the GDPR and California Privacy......
Can you record conversations in Australia? This is the most common question we get asked......
ISO is set to launch a new privacy standard in February: ISO 31700 Privacy by......
DNA testing – should we care? You may have seen The Lost King, a fascinating......
The recent ACCC v Google LLC decision provides useful advice. Google recently defeated an action by......
Big data offers huge benefits: it improves human life with new medical and health solutions......
TechCrunch recently released its list of the most badly handled data breaches in 2022. Surprisingly......
A free online webinar on February 8th 2023 by Dr Andelka M. Phillips – Senior......
Biometrics technologies have been developed to help employers accurately track employee attendance and hours, track......
We’ve compiled our top ten most-read privacy blog posts for 2022. They’re listed below, starting......
Australia’s regulation of electronic surveillance has been a mess for some time. When it announced......
The OAIC’s latest reporting shows that 33% of human error data breaches in Australia are......
The OAIC’s Findings in its Data Breach Report January-June 2022 The OAIC highlighted the following......
Call centres are hotbeds for the collection – and theft and misuse – of personal......
The CPRA (California Privacy Rights Act) is set to change the face of privacy in......
The increase in data breaches has highlighted that organisations are holding onto data, a lot......
It has been some time since we covered data flows between the EU and US.......
The days of board directors delegating oversight of cybersecurity to department managers are long behind......
With Optus and Medibank data breaches affecting over 10 million Australians, many have pointed to......
Candidates with law degrees have been highly sought by employers looking to fill privacy roles......
Hot off the press – ISO 27001:2022 has been published! The much-anticipated update to ISO......
Biometric technologies have been making their way into schools for years. It’s not uncommon for......
This week the Federal Attorney General introduced legislation to increase fines for privacy breaches, largely......
While million-dollar fines are commonplace in Europe, the $1.2million settlement following the Sephora Enforcement Action......
Email marketing can be exceptionally effective – but engaging in it is also rife with......
There has been a great deal of backlash in the wake of the Optus data......
The Optus data breach has exposed how harmful a cyber incident can be. Many are......
5 practical tips on CIPT exam prep for anyone thinking of taking the exam. ......
Using privacy by design to bake privacy in early is becoming a must. The benefits......
Dr Jodie Siganto was one of the privacy and security experts interviewed by the ABC......
In September 2022 the Commonwealth Ombudsman reported a major spike in surveillance involving telco metadata......
Roe v Wade, the US Supreme Court case which protected the right to abortion for......
Key takeaways: Employee photos may be personal information for the purposes of the Privacy Act,......
Privacy has been in the headlines recently following the CHOICE investigation into the use of......
Email marketing is remarkably effective. In its 2021 Email Marketing ROI Statistics report Barilliance cites the average......
Like many countries Australia has an AI ethical framework. But how influential will it be......
The use of biometrics in Australia is increasing, in the workplace, by retailers, educational institutions......
One of the most common privacy questions is: are work email addresses considered personal information......
Small businesses[1] are largely exempt from the Australian Privacy Act 1988 (Cth) and this is......
The Office of the Australian Information Commissioner (OAIC) recently released its Notifiable Data Breaches Report: January......
Privacy engineering has emerged as a vital function for almost every business. Privacy engineers can......
Regulators around the globe have been targeting their enforcement efforts at companies that engage in......
ISO 27701 provides guidance on the protection of privacy, including how organizations should manage personal......
Privacy is an exciting field that’s attracting plenty of attention in the media. It’s an......
The Privacy 108 team has reviewed OAIC determinations published since 1 November 2010 and identified......
Data mapping is one of the most critical steps in any privacy program. Maintaining a......
Phenomenally high penalties pertaining to privacy breaches are now routinely found in news headlines. In......
Penalties have started to flow in for Clearview AI’s controversial scraping and use of the......
Rushed, imprecise and unlikely to be enforced? And most importantly, why? In November 2020, the......
What is the CIPT Certification? CIPT stands for Certified Information Privacy Technologist. It’s essentially a......
Australian federal law enforcement agencies can now alter online data and take over on-line accounts.......
In early May 2022, the Australian Federal Court released its judgement in the long-running ASIC......
Ransomware in Australia is on the rise! As a result, regulators are paying more and......
Thinking about getting the CISM? This is an easy guide to all the practical steps......
Google Trends tells us there has been a slow and steady increase in interest in......
The Woolworths Group have updated their Privacy Policy. The new policy is good but could......
In June, Swedish furniture chain IKEA was ordered to pay a fine of 1 million......
Flight Centre, Australia’s largest travel agency suffered a data breach affecting nearly 7,000 customers, as......
Today, there’s no such thing as the ‘ideal background’ for a privacy professional. Privacy is......
How can you give yourself the greatest chance of passing your CISM exam? We want......
Privacy 108’s analysis of Australian privacy jobs advertised in September 2022 is now available. Main......
Privacy 108’s analysis of Australian privacy jobs advertised in June 2022 is now available. Main......
Thinking of taking the iapp CIPP/E exam but not sure how to prepare or whether......
Privacy Awareness Week 2022 runs from 2-8 May. To highlight this year’s theme: Privacy –......
In 2019, we reported on three (3) Australian data breach class actions. Nearly 2 years......
5 practical tips on CIPP/E exam prep for anyone thinking of taking the exam. What......
Australia has a patchwork of state laws that cover listening devices and the surveillance of......
Cookies, aggregated data, dark patterns, and ransomware are just a few of thousands of privacy-related......
The IAPP’s CIPP/E certification covers key privacy terminology, and the practical considerations relating to personal......
We are often asked by privacy practitioners to recommend security training to help them get......
Organisations are getting used to the extraterritorial scope of privacy laws enacted in other countries,......
Compliance with Australia’s Privacy Principles is non-negotiable for organisations covered by Australia’s privacy laws (APP......
Canada appears to be looking to update and strengthen its digital privacy with the introduction......
Queensland is updating its Information Privacy and Right to Information Framework, with a consultation paper......
The American Data Privacy and Protection Act (ADPPA) is making its way through the US......
On 30 June 2022, the Cyberspace Administration of China (CAC) released a template agreement for......
The ISACA updates the content of its curriculum and exams around every five years. The......
The frequency of ransomware attacks is rising, as is the average cost of a privacy......
Privacy is an exciting and dynamic field that is rapidly changing. While this makes it......
The Australian Competition and Consumer Commission (ACCC) has proposed a “three-pronged approach” to ensure Australia......
Thailand enacted its comprehensive privacy law on 28 May 2019. After giving covered organisations three......
Dark patterns regulation has emerged as a focus in both the US and EU over......
Laws banning dark patterns, hidden advertising, and manipulated consumer reviews became effective in the EU......
Privacy breaches and enforcement in Europe, the US, and Australia garner much media attention in......
The New SCCs require organisations to undertake a transfer impact assessment before completing a transfer......
Privacy 108’s analysis of Australian privacy jobs advertised in March 2022 is now available. Main......
The penalties for sending unsolicited (or spam) marketing emails in Australia can be severe –......
We revealed in our December 2021 Privacy Jobs Report that larger organisations are increasingly implementing......
In a world where there’s no cookie cutter template to privacy, companies are hungry for......
Europe’s landmark General Data Protection Regulations (GDPR) came into effect (just over) 4 years on......
For any IAPP certification, real-world experience is an advantage – but sitting an exam is......
“Distrust is now society’s default emotion”. This is the no. 1 Takeaway from the 2022......
Many privacy and cyber security professionals across Australia were surprised by the $9.9 billion earmarked......
Under Australian law, organisations are required to notify the Office of the Australian Information Commissioner......
The Whitehouse and EU Commission announced the impending arrival of Privacy Shield 2.0 on 25......
With the rise of cyber security incidents and increased concern about ransomware, additional data breach......
The new 2022 revision of ISO 27002 was published on February 15, 2022 It’s been......
The EU General Data Protection Regulation (GDPR) requires certain organisations to appoint a data protection......
Australia’s Privacy Act 1988 requires APP entities to have a clear and up-to-date privacy policy......
When the GDPR introduced hefty new fines and more stream lined enforcement, many privacy advocates......
Finally, ISO 27002 has been updated! The information security management standard ISO 27001 and its......
China’s privacy law, the Personal Information Protection Law (PIPL), came into effect on November 1,......
De-identification is a powerful solution to many of the privacy concerns data sharing and use......
On January 19, the International Committee of the Red Cross (ICRC) published a press release......
As customers become more alert to privacy issues, organisational privacy programs must achieve customer trust......
Late last month, in our coverage of the largest GDPR fines in 2021, we outlined......
Results from our 2021 Privacy Professional Survey are now available. Thank you to everyone who......
EU privacy regulators last year levied fines totalling more than €1 billion for GDPR breaches,......
Privacy 108 has submitted its response to the Privacy Act Review Discussion Paper. You can......
The recent decision around the use of Google Analytics underlines the continuing battles between EU......
Facebook and Google have received hefty fines from France’s lead data protection authority, the CNIL,......
Privacy 108’s analysis of Australian privacy jobs advertised in December 2021 is now available. Main......
Thinking about taking the IAPP CIPM exam but you’re not sure how to prepare or......
Norway’s data privacy watchdog has issued a 6.5 million Euro fine to a location-based social......
The Privacy Act Discussion Paper, the latest stage in the comprehensive review of Australia’s Privacy ......
The World Economic Forum (WEF) recently released an article about “How to overcome mistrust of......
On December 15, 2021, the United States and Australia signed an agreement to make it......
As the new year approaches, it’s time to consider your resolutions for 2022. Business owners......
If you’re looking to make 2022 the year you land your dream job as a......
Many Australian organisations have suffered the double whammy of being caught by the extra territorial......
In October 2021, the Australian Attorney-General’s Department issued a discussion paper seeking further submissions on......
In 2019 we ran our first Australian Privacy Professionals Survey. Time has flown and the......
While not as well-publicised as greenwashing, consumers and regulators are becoming more aware of the......
The Certified Information Privacy Professional certifications offered by the International Association of Privacy Professionals (IAPP) are......
The Australian Competition and Consumer Commission (ACCC) has reiterated its call for Google to implement......
Working out how to get hired in a field that is relatively new and constantly......
The recent decision of the Office of the Australian Information Commission (OAIC) about privacy interferences......
In mid-October 2021, Australia’s new Ransomware Action Plan was released by the Department of Home......
Earlier this year, we published a post about Australia’s First Cyber Security Case – ASIC......
Privacy 108’s analysis of Australian privacy jobs advertised in September 2021 is now available. Main......
How are Cookie laws changing in APAC? We recently covered the move away from the......
A US medical malpractice lawsuit (scheduled for trial in November 2022) alleges that a hospital......
With regulators increasing focusing on data security and cyber security, many tech professionals are considering......
More than eight years since its last face-lift, ISO 27002 is under review with a......
We promised to keep you updated on the adventures of our Sanderling, the shorebird we......
Accessing data for potentially unauthorised purposes has been hitting headlines recently as various state police......
In July 2021, the Australian Privacy Commissioner issued a determination relating to Uber’s well publicised......
Interested in becoming a privacy consultant? Not sure what experience is required or what you......
The repeal of the Old SCCs is just around the corner – on 27 September......
The world of on-line cookies is changing with regulators making their use more difficult, browsers......
If you follow our blog posts, you may have noticed a theme emerging over the......
Another piece is added to the jigsaw of China’s privacy and security laws. The Personal......
Privacy 108 is a Moreton Bay Foundation Ambassador and delighted sponsor of a Sanderling, one......
Privacy 108’s analysis of Australian privacy jobs advertised in June 2021 is now available. Main......
The constantly changing global privacy landscape may seem overwhelming. More jurisdictions are enacting increasingly robust......
On 13 July 2021, the Australian Government through the Department of Home Affairs (DHA) opened consultation......
There is no doubt that ransomware attacks are amongst the most serious cyber threats to......
We have been monitoring privacy careers via privacy jobs advertised in Australia for almost three......
Google’s search engine has dominated the market for the better part of two decades. This......
More organisations are looking at automated solutions to support the efficient management of their privacy......
We’re seeing more and more Australian employers seeking privacy professionals with relevant certifications. As more......
China has released a new Data Security Law that adds to the existing web of......
Artificial intelligence (AI) is transforming the world in many aspects. Many countries are considering how......
Concerns around bias, discrimination and unfairness dog the use of Artificial Intelligence, not without justification......
From July 1, 2021 the CIPP/E body of knowledge and exam will be updated. The......
A very warm welcome to Alicia, the newest member of the Privacy 108 team! An......
The white-collar workforce is likely to look very different long into the future. While some......
There’s little doubt that ransomware is a serious risk to businesses globally. The roll call......
Privacy impact assessments are an underutilised tool that organisations can use to enhance data protection......
On 4 June, the European Commission (EC) published its finalised version of the new Standard......
Last year, Services NSW suffered data breaches that exposed the personal information of more than......
Was privacy a winner in the 2021 Federal budget? Not really …. Unless you think......
Domain 1 questions are the most challenging for the respondents to our on-line CIPP/E. Do......
The ACCC has successfully argued that Google engaged in misleading and deceptive conduct in a world-first enforcement proceeding.......
Global privacy law is undergoing massive change. Different countries are trying to keep up with......
Privacy Awareness Week (PAW) takes place in the first week of May each year. This......
Our earlier article about Flight Centre’s 2017 privacy breach and OAIC investigation received quite a bit of......
In November 2020, the OAIC released its report into Healthscope’s security and privacy processes. According......
The safety of digital files in transit was recently thrown into the spotlight by the Accellion......
Brisbane based Cryptoloc’s innovative encryption process may be the supplementary measure your business needs to......
The IAPP’s Privacy Glossary contains hundreds of essential terms today’s privacy professionals need to......
The OAIC 2020 Highlights Infographic gives us plenty of information about the direction of privacy......
ASIC’s action against RI Advice Group might be Australia’s first cyber security case. On 21......
The age-old idiom “less is more” is gaining traction in the privacy sphere. Data minimisation......
The EU Commission’s draft opinion favours recognising UK as an adequate jurisdiction for data transfers,......
In January, WhatsApp users received a popup outlining that they’d need to agree to the new terms......
If you’re reading this, you likely already know that the CIPP/E is the IAPP’s European......
Summary of Key Findings in our analysis of job trends for Australian Privacy Professionals: Sydney......
Privacy is experiencing rapid growth around the world. With change looming following the review of the......
In November 2020, the Australian Federal Government commenced its latest review of the Privacy Act......