The Office of the Australian Information Commissioner (OAIC) has been considering whether to take further action against Clearview AI, Inc., which was the subject of a determination under s 52(1A) of the Privacy Act 1988 (Cth) issued on 14 October 2021. That determination found that Clearview AI, through its collection of facial images and biometric templates from individuals in Australia using a facial recognition technology, contravened the Privacy Act, and breached several Australian Privacy Principles (APPs) in Schedule 1 of the Act, including by…
Read moreAUSTRALIAN SUPERVISORY AUTHORITY: Statement on MediSecure breach
The Office of the Australian Information Commissioner (OAIC) has been advised by former prescription delivery service provider MediSecure that approximately 12.9 million individuals may have been impacted by its cyber security incident. This is the largest number of individuals impacted notified to the OAIC under the Notifiable Data Breaches scheme. MediSecure has issued a public statement on the data breach, which includes an outline of the types of personal information impacted. The Australian Government has updated its advice for individuals on what to do…
Read moreAUSTRALIAN SUPERVISORY AUTHORITY: GPEN Sweep finds majority of websites and mobile apps use deceptive design to influence privacy choices
A global privacy sweep that examined more than 1,000 websites and mobile applications (apps) has found that nearly all of them employed one or more deceptive design patterns that made it difficult for users to make privacy-protective decisions. Deceptive design patterns use features that steer users towards options that may result in the collection of more of their personal information. These patterns may also force users to take multiple steps to find a privacy policy, log out or delete their…
Read moreAUSTRALIAN SUPERVISORY AUTHORITY:
OAIC takes civil penalty action against Medibank The Australian Information Commissioner has filed civil penalty proceedings in the Federal Court against Medibank Private Limited in relation to its October 2022 data breach. The Commissioner alleges that from March 2021 to October 2022, Medibank seriously interfered with the privacy of 9.7 million Australians by failing to take reasonable steps to protect their personal information from misuse and unauthorised access or disclosure in breach of the Privacy Act 1988. The proceedings follow an…
Read more