Australians want better privacy protection - unsurprisingly coming from a country with some of the worst surveillance laws.

Australian study shows that citizens ask for better privacy protection and better laws.

Australians want better privacy - not more surveillance.

Australia - the country with some of the worst surveillance laws - sees a turn in attitudes among its citizens. More and more people demand better privacy protection from companies as well as legislators. The Office of the Australian Information Commissioner (OAIC) released a survey on Tuesday that clearly shows: privacy is in high demand.


Australia & privacy - a love-hate relationship

The awareness for the need of privacy is steadily rising in Australia. This does not come as a surprise as Australia has some of the worst surveillance bills in the world.

A new study - commenced by the very government that implemented the surveillance law - now shows how desperately Australians want privacy and miss the lack of it.

”Three in five (62%) Australians see the protection of their personal information as a major concern in their life."

"Eight in ten (82%) people care enough about protecting their personal information to do something about it, however 57% do not know what to do."

"Only a third (32%) of Australians feel in control of their data privacy, and 84% want more control and choice over the collection and use of their personal information."

"The 2 most common steps Australians are taking out of concern for their data privacy are checking an email, text message or phone call is not a scam before providing their information, and using unique passwords and not sharing them."

"Three-quarters (74%) of Australians feel data breaches are one of the biggest privacy risks they face today. This has increased by 13 percentage points since 2020."

"Most Australians place a high level of importance on their privacy when choosing a product or service, with 70% saying it is extremely or very important and another 26% stating it is quite important."

"After quality and price, data privacy is the third most important factor when choosing a product or service.”

While the study only talks about privacy and privacy protection in regards to companies and Big Tech surveillance, it is reasonable to conclude that Australians seek the same level of privacy protection from government surveillance.

It becomes clear that the Australian government is in a love-hate relationship with privacy: While the government wants to push for better privacy protection from Big Tech surveillance (and has commenced the above questionnaire to get citizens’ support in this), the same government does not want to grant its citizens privacy from state surveillance.

Data breaches as threat

Australian Information Commissioner and Privacy Commissioner Angelene Falk explained that the increased need for privacy among Australian citizens would arise from an increased number of data breaches resulting in a loss of privacy and security.

”Australians see data breaches as the biggest privacy risk today, which is not surprising with almost half of those surveyed saying they were affected by a data breach in the prior year. There is a strong desire for organisations to do more to advance privacy rights, including minimising the amount of information they collect, taking extra steps to protect it and deleting it when no longer required.”

In addition, many Australians are uncomfortable with the rise of biometrics and AI analysis which could be used for predictions, particularly known as predictive policing, which is already being used in countries such as the USA and the United Kingdom.

Main concerns also include targeting and profiling for commercial purposes such as targeted advertisement.

90% of Australians would like businesses and government to do more to protect their personal information, they are also demanding more control and choice over data collection as well as the use of their personal information.

The survey as well as the interpretation by the Australian authorities aim to prepare the revision of the Privacy Act. However, a much more pressing issue is completely ignored by the survey: government surveillance.

The Surveillance Legislation Amendment (Identify and Disrupt) Bill of 2020 gives the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) three powers for dealing with online crime:

  1. Data disruption warrant: gives the police the ability to “disrupt data” by modifying, copying, adding, or deleting it.

  2. Network activity warrant: allows the police to collect intelligence from devices or networks that are used, or likely to be used, by those subject to the warrant.

  3. Account takeover warrant: allows the police to take control of an online account (e.g. social media) for the purposes of gathering information for an investigation.

The two Australian law enforcement bodies AFP and ACIC have the power to modify, add, copy, or delete your data should you become a suspect in the investigation of a serious crime.

It is astonishing to see how the Australian government can discuss the revision of the Privacy Act while not even mentioning how the authorities themselves are undermining the very privacy of all Australians that they are trying to protect with the Privacy Act.

As defenders of privacy, we can’t say it often enough: more surveillance does not lead to more security.

We must keep fighting for privacy

As tendencies for increased surveillance are rising around the globe - not just in Australia, we must keep fighting for our right to privacy.

Everyone of us can help in the fight for privacy by encrypting as much data as possible. For instance, you can sign up for a free, encrypted email account and use encrypted chat apps like Signal or Threema.

Fight for freedom of speech: Encryption protects everyone's privacy Fight for freedom of speech: Encryption protects everyone's privacy


Australian Privacy Act

The Australian Privacy Act governs the collection, use, disclosure, and management of personal information by both government and private sector organizations within Australia. The act aims to protect individuals’ privacy rights and establish guidelines for the handling of personal data.

Key features of the Australian Privacy Act include:

Privacy Principles: The Act outlines 13 Australian Privacy Principles (APPs) that provide guidelines for the handling of personal information. These principles cover various aspects of data privacy, such as the collection, storage, use, disclosure, and security of personal information.

Personal Information: The Act defines personal information as any information or opinion about an identified individual or an individual who is reasonably identifiable, whether the information is true or not.

Consent: Organizations must obtain the consent of individuals before collecting their personal information, and individuals have the right to know how their information will be used.

Data Breach Notification: Organizations are required to notify individuals and the Office of the Australian Information Commissioner (OAIC) if a data breach occurs that is likely to result in serious harm to individuals.

Access and Correction: Individuals have the right to access their personal information held by organizations and request corrections if the information is inaccurate, incomplete, or outdated.

Sensitive Information: Special rules apply to the handling of sensitive information, such as health records, racial or ethnic origin, political opinions, etc. Higher standards of protection are applied to this type of data.

Cross-Border Data Transfers: If personal information is transferred to entities outside of Australia, the Act imposes obligations on the transferring organization to ensure that the recipient adheres to similar privacy standards.

Complaints and Enforcement: Individuals have the right to lodge complaints with the OAIC if they believe an organization has breached the Privacy Act. The OAIC has powers to investigate and take action against breaches.

Penalties and Fines: The Privacy Act establishes penalties for breaches of privacy obligations, including fines for non-compliance.