Australia should “craft” its own version of Europe’s tough data protection laws, in any update to privacy settings, NSW Minister for Customer Service, Victor Dominello told stakeholders today in Sydney.
Following his address to the Privacy Enhancing Technologies Summit for Data Sharing, Dominello was asked if it was likely that Australia would develop similar privacy protection policies to the EU’s General Data Protection Regulation, which places explicit responsibilities on companies collecting and processing data, with steep fines for breaches.
Dominello said the “jury’s out” on whether GDPR like regulation should be templated widely outside Europe, pointing to California’s own privacy protection legislation as one alternative.
- Read more: Cover Story: Global Momentum Builds Behind New Privacy Laws. Next Stop California And CCPA
“My view is we reform to our own standards here,” Dominello told the crowd which included public sector leaders and privacy technology researchers and practitioners.
“Based on our own temperature. So we pick the best out of the GDPR, but we craft it to [Australia]. Because they’re [the EU] obviously leading. But we craft it to Australian conditions.”
Australia’s federal privacy legislation is set for review following the ACCC’s recommendation of reform after its landmark inquiry into digital platforms in Australia. State government agencies like Dominello’s Department of Customer Service are also governed by state privacy acts and regulators.
Critics of Australia’s current legal and regulatory privacy framework say its deliberately technology agnostic principles developed in the 1980’s are being exploited by businesses, while government agencies are reluctant to share citizen data across agencies out of fear of breaching privacy.
- Read more: Cover Story: As Surveillance Capitalism Takes Hold, Australia Lacks The Ability To Protect Its Citizens’ Privacy
Dominello said governments are under pressure to deliver services at increasingly high digital standards, driven by the standards of digital natives in the private sector. He said citizens allow some latitude in comparisons with the private sector service delivery, including some on privacy.
“They give governments a bit of latitude, a bit of latitude not much, a bit. Because they understand the complexity, they understand government’s this huge beast.”
Trust in privacy protection is difficult to earn and easily lost, Dominello said, and governments need to be up front with citizens, even when things go wrong.
“If there is a breach of the wall if there is a failure, and you try to hide it, then you will be punished. Then you go 10 steps back.”
In April Service NSW suffered a major cyber attack, with unknown attackers stealing 3.8 million documents containing the personal information of 186,000 customers. The agency did not begin notifying customers until several months after the attack and the Opposition claims the government may be liable for billions in compensation under state laws.
Dominello today said governments can never truly guarantee complete privacy to citizens.
“I don’t think there is a will ever get to a point where any government around the world can say with 100 per cent security, that ‘we will keep your privacy safe to 100 per cent’. That is the goal, that’s the aspiration. But if there is a crack, you’ve got to own it.”