22/10/2025 The Federal Court recently ordered Australian Clinical Labs (ACL) pay $5.8 million in civil penalties following a mishandled ransomware attack in 2022. As noted by Privacy Commissioner Carly Kind, “for the first time, a regulated entity has been subject to civil penalties under the Privacy Act…” On 25 February 2022, Medlab Pathology, now a …
Read more
24/09/2025 Australian retail giant Kmart’s facial recognition practices have been found to have breached Australia’s Privacy Act. The Privacy Commissioner, Carly Kind, of the Office of the Australian Information Commissioner (OAIC), handed down her determination on 26 August 2025. Kmart deployed facial recognition (FR) cameras in 28 of its stores during a pilot program between …
Read more
22/08/2025 In 2022, Optus suffered one of the most notorious data breaches since the Notifiable Data Breaches Scheme began in 2018. The data breach affected approximately 9.5 million Australians, being current and former Optus customers who all had varying amounts of their personal information stolen by hackers. The information stolen included names, dates of birth, …
Read more
03/09/2025 Last week news broke of yet another data breach that has affected millions of Australians. This time, it was customers of the airline Qantas. On Monday, 30 June 2025 Qantas detected unusual activity on one of their third-party platforms. The cyber criminals targeted a Qantas offshore call centre in the Philippines to gain access to …
Read more
You may have used or seen a Quick Response code, more commonly known as a QR code. A QR code is a grided barcode that when scanned with a device’s camera, can take the user to websites, connect to Wi-Fi networks, allow the user to view and order food, download files, authenticate services or even …
Read more
In November 2024, following the infamous Bunnings Determination the Office of the Australian Information Commissioner (OAIC) published a guide for organisations in using facial recognition technology (FRT). The guide walks organisations through how the Australian Privacy Principles (APPs) should be applied in the context of using facial recognition technology (FRT) in a commercial setting. FRT …
Read more
In 2025, AI no longer only exists in dedicated applications like ChatGPT and OpenAI. It is now integrated with everyday applications, such as Microsoft Teams, Outlook, Word and Excel. Everyone is now using AI as part of work before they realise. Mundane daily tasks like reminders, notetaking and summary-making are automatically generated with the assistance …
Read more
Amendments to the Privacy Act 1988 (Cth) (Privacy Act) increased the enforcement powers of the Office of the Australian Information Commissioner (OAIC), introducing new civil penalty tiers and giving the OAIC the ability to issue infringement notices for minor breaches. This marks the beginning of a stronger regulatory environment for organisations that do not comply …
Read more
Australian Government Agencies have been urged by the Office of the Australian Information Commissioner (OAIC) to strengthen their policies on messaging apps like Signal, WhatsApp, Telegram and Facebook messenger. On 19 March 2025 the OAIC published ‘Messaging apps: a report on Australian Government agency practices and policies’ highlighting significant gaps in the governance of messaging …
Read more
In the 2023-24 financial year, Australia saw nearly 94,000 reports of cybercrime submitted to the Australian Cyber Security Centre. This was a 23% increase compared to the previous year. The Australian Signals Directorate (ASD) received over 36,700 calls to its Australian Cybersecurity Hotline, an increase of 12% from the previous financial year. The ASD also …
Read more