GL Insights
Where is the QR code actually leading you?
You may have used or seen a Quick Response code, more commonly known as a QR code. A QR code is a grided barcode that when scanned with a device’s camera, can take the user to websites, connect to Wi-Fi networks, allow the user to view and order food, download files, authenticate services or even …
Read more
How to tackle privacy risks when using facial recognition and biometrics
In November 2024, following the infamous Bunnings Determination the Office of the Australian Information Commissioner (OAIC) published a guide for organisations in using facial recognition technology (FRT). The guide walks organisations through how the Australian Privacy Principles (APPs) should be applied in the context of using facial recognition technology (FRT) in a commercial setting. FRT …
Read more
Responsible Use of AI in the Australian Government
In 2025, AI no longer only exists in dedicated applications like ChatGPT and OpenAI. It is now integrated with everyday applications, such as Microsoft Teams, Outlook, Word and Excel. Everyone is now using AI as part of work before they realise. Mundane daily tasks like reminders, notetaking and summary-making are automatically generated with the assistance …
Read more
Staying ahead of privacy reforms and building privacy resilience
Amendments to the Privacy Act 1988 (Cth) (Privacy Act) increased the enforcement powers of the Office of the Australian Information Commissioner (OAIC), introducing new civil penalty tiers and giving the OAIC the ability to issue infringement notices for minor breaches. This marks the beginning of a stronger regulatory environment for organisations that do not comply …
Read more
OAIC Finds Government Use of Messaging Apps Lacks Oversight
Australian Government Agencies have been urged by the Office of the Australian Information Commissioner (OAIC) to strengthen their policies on messaging apps like Signal, WhatsApp, Telegram and Facebook messenger. On 19 March 2025 the OAIC published ‘Messaging apps: a report on Australian Government agency practices and policies’ highlighting significant gaps in the governance of messaging …
Read more
How can you protect your data from cyber incidents?
In the 2023-24 financial year, Australia saw nearly 94,000 reports of cybercrime submitted to the Australian Cyber Security Centre. This was a 23% increase compared to the previous year. The Australian Signals Directorate (ASD) received over 36,700 calls to its Australian Cybersecurity Hotline, an increase of 12% from the previous financial year. The ASD also …
Read more
Does your organisation understand its whistleblower obligations?
Whistleblowers play an important role in recognising and reporting misconduct and breaches of the law by organisations. The Corporations Act 2001 (Corporations Act) contains a whistleblower protection scheme that imposes obligations on many organisations in relation to the handling of whistleblower disclosures.
Cyber security isn’t a set and forget matter!
On 13 March 2025, the Australian Securities and Investment Commission (ASIC) announced they had launched legal proceedings against an investment firm, FIIG Securities Limited (FIIG).
A tale of two intertwining records
The CEO of Services Australia (Agency) has recently been found by the Australian Privacy Commissioner (Commissioner) to have interfered with a customer’s privacy after a series of issues involving the Agency intertwining customer records.
Cyber Incident Response: Five things you’re forgetting to plan for
It’s the worst nightmare of every business: you get a call from your IT provider: there’s been suspicious activity on your network. It appears that hundreds or thousands of client records were accessible to a third party for several hours. They are still trying to work out what was accessed, and if anything was exfiltrated. …
Read more