The Office of the Australian Information Commissioner (OAIC) has recently published the 2020 Australian Community Attitudes to Privacy Survey (ACAPS).
The ACAPS provides insights to Australians’ views and understanding of privacy and privacy-related issues. Interestingly, the ACAPS also includes a snapshot of those views during the COVID-19 outbreak.
COVID-19
Interestingly, the survey was carried out during the COVID-19 pandemic, and the OAIC took the opportunity to pose questions specific to this unusual point in time.
Significantly, half of Australians considered their privacy to be more at risk during COVID-19[1] and 72% agreeing that the pandemic “does not excuse business or government from meeting their usual obligations under privacy laws.”[2]
Many entities are working under extreme pressure to deliver greater than normal services, which can lead to errors. Recently, The Department of Foreign Affairs and Trade inadvertently disclosed the personal email addresses of some ‘vulnerable Australians’ by ‘cc’ing’ rather than ‘bcc’ing’ email recipients. This type of error is common, however it does show the importance of robust privacy practices that can withstand high pressure work environments.
Privacy Policies
For entities captured by the Privacy Act 1988, perhaps the most practical take away from ACAPS is about the attitudes of Australians to the Privacy Policies which the entities must publish, with only 20% reading and being confident they understand these important documents.[3]
The ACAPS reveals that ease of comprehension and navigation are very important attributes for a privacy policy. The responses indicate that Australians support three key improvements:
- The use of icons as a visual indication that certain activities are undertaken;
- A plain English summary are the start;
- A standard, simple language used in all policies.[4]
What is concerning is that 44% of Australians chose not to use a service after reading a privacy policy.[5] However, we consider this is more likely to be a problem when a privacy policy is so dense and complex that the reader cannot make sense of it, and just gives up on going any further.
So what can you do?
You can review your policy and consider how it is written and presented to ensure comprehension by those that read it. Privacy professionals such as Griffin Legal can help with that to ensure your privacy policy effectively discharges your obligations, and informs the reader in a clear and concise way.
Privacy as a selling point
ACAPS comes at a time when large companies such as Apple are promoting their focus on privacy. Apple even acknowledge the difficulties in doing so:
We design Apple products to protect your privacy and give you control over your information. It’s not always easy. But that’s the kind of innovation we believe in.[6]
This shift to promoting privacy by big corporations seems consistent with concerns expressed by Australians, with more than half being “uncomfortable with a business combining data about their customers (for example, loyalty card transaction history) with other data (for example, IP address, type of browser used) to better profile their customers.”[7]
Despite these concerns, the average Australian carries four to six loyalty cards.[8] Australian’s concerns may be warranted though as the Australian Competition and Consumer Commission states “that some loyalty schemes collect and use their customers’ data in order to develop consumer insights, which may be shared with or sold to other businesses, and to target customers with tailored advertising. Some loyalty schemes may also use this data to deliver targeted and personalised advertising to their own customers on behalf of other businesses.”
This apparent contradiction between attitudes and actions may be explained through some of the ACAPS findings which suggest Australians, or at least certain cohorts, are not reading or cannot understand what information companies are collecting or what they will do with it, which takes us back to our first point about the importance of clear privacy policies.
Now is the opportune time to revisit your privacy policy, especially if it has not been refreshed since the Australian Privacy Principles commenced in 2014.
Contact Griffin Legal, and we can help you produce a contemporary privacy policy that meets the expectations of your customers.
[1] Page 103
[2] Page 110
[3] Page 8
[4] Pag 76
[5] Page 72
[6] https://www.apple.com/au/privacy/
[7]https://www.oaic.gov.au/assets/engage-with-us/research/acaps-2020/Australian-Community-Attitudes-to-Privacy-Survey-2020.pdf, page 30.
[8] https://www.accc.gov.au/system/files/Customer%20Loyalty%20Schemes%20-%20Final%20Report%20-%20December%202019.PDF