This report is the culmination of two years of extensive consultation and review of the Privacy Act 1988 (Cth). The review was instigated following the Australian Competition and Consumer Commission’s 2019 Digital Platforms Inquiry final report, which made several privacy recommendations.

The Consumer Data Right (CDR) gives consumers greater control over their consumer data by enabling consumers to direct a data holder to safely share their CDR data with an accredited data recipient. This report outlines findings regarding six data holders’ compliance with their authorisation-related CDR...

Digital identity systems provide an opportunity to unlock economic benefits by simplifying and securing user interactions with government and private-sector digital services. However, to realise those benefits, this report makes eight recommendations to balance convenience, privacy and security considerations.

Data is increasingly available at scale and many of the fastest growing companies are built on data and data analytics. This paper reports data on Australian’s attitudes to data trust and data privacy and how these have changed since October 2018 using data from the...

This report responds to growing calls for reform around the use of facial recognition technology from leading voices in civil society, the private sector, government and academic experts. It outlines a model law to regulate the development and use of FRT in order to protect...

A key finding from this inquiry is that where police take photographs of people in contexts outside those specific statutory situations, officers must comply with the Privacy Act and the information privacy principles within it, taking into account the status of digital photographs as sensitive...

Organisations are increasingly collecting people’s sensitive personal information and analysing it using biometric technology. The Office of the Privacy Commissioner is seeking the views of New Zealanders on biometrics and their use in New Zealand in response to this consultation paper.

This paper discusses the main opportunities and challenges associated with digital social protection, drawing on trends pre-COVID and since the onset of the pandemic. It offers eight lessons to help social protection actors capitalise on technology’s potential in a risk-sensitive manner.

Our physical public areas – town squares, pedestrian zones, shopping centres and bus stops – are increasingly subject to unfettered digitalisation. This report sets out a number of concrete actions cities can take to increase their influence and effectiveness in protecting the data of their...

This report brings together highlights of the biennial survey and the New Zealand Privacy Commissioner's internal insights reporting to provide a fuller picture of what New Zealanders think about in relation to privacy in New Zealand, and how they utilise their privacy rights.

Data abundance, digital connectivity and ubiquitous technology are redefining national security and the way governments protect individual rights and freedoms. This analysis examines Australia’s policy options in a world defined by big data.

This document provides guidance on how the New Zealand Privacy Act applies to sensitive personal information.

The aim of this paper is to provide an update on attitudes of the general public to data privacy during the COVID-19 period, as well as the factors associated with the use of QR codes and other government apps/web-sites for contact tracing purposes.

A year after the introduction of COVID-19 Contact Tracing Apps in Europe, this report looks at their impact on digital rights. The authors identify three main problems with the way Member State governments introduced contact tracing apps

This paper argues that as state governments begin trialling home quarantine programs, they need to take active steps to ensure they are not crossing a new frontier in the surveillance of citizens by using facial recognition technology.

The rapid development of facial recognition technology requires an exploration of how to use it responsibly, complemented in this report by an overview of the current legislative landscape in the United States.

Mass vaccination is needed to mitigate against the effects of COVID-19, and to help Australia start to ease restrictions. This paper explores some fundamental principles which form the blueprint for a safe and ethical 'vaccination passport' system.

In this article, the author suggests that rather than thinking about vaccine passports as temporary and isolated public health-related measures, we should view them as just one example of how the pandemic is accelerating the rollout of digital identity infrastructure across the world.

The European Union has embarked on putting in place an aggressive regulatory regime for artificial intelligence (AI). In this report, Meredith Broadbent comments and reflects on the future of the transatlantic relationship and technological sovereignty.

This report maps a range of social fault lines and data-related challenges that the COVID-19 pandemic has raised. In the process, it highlights some emerging best practices and lessons learned that can guide future emergency responses.

The COVID-19 pandemic is bringing the opportunities and challenges of sharing health and care data to the front of public debate. This report sets out two interlinked challenges to building a data-driven health and care system.

Across the Middle East and North Africa, data protection legislation is still in its infancy, and it remains a low priority in countries where data protection laws are either very weak or non-existent. In this report, the authors explore data protection legislation in Jordan, Lebanon...

The research shows that Facial Recognition Technology (FRT) is increasing in usage in Aotearoa and comparable countries. It is used across sectors including government departments, policing, banking, travel, security, and customer tracking. In this report, the authors argue that if regulation gaps aren't plugged soon...

This rapid research brief analyses whether COVID-19 had an impact on public sentiment in relation to privacy and the widespread use of data and technology by government in responding to the public health crisis, be it through tracing, compliance or enforcement.

This framework document seeks to inform decision-makers on how best to re-use data to solve public problems, such as tackling COVID-19. This framework seeks to inform if, when and how the re-use of personal data can be aligned with people’s expectations and societal values.