The changing face of data privacy attitudes in Australia

20 May 2021
Written by Daniel Parker

With more than 15 years of SAP experience, Daniel Parker specialises in data copy automation and data security. He leads an experienced consulting team, and delivers a variety of landscape solutions to organisations in the APJ region.

The-changing-face-of-data-privacy-attitudes-in-Australia---Blog-Image

With Australian Privacy Awareness Week taking place in May 2021, now feels like a good time to look back on the Office of the Australian Information Commissioner’s (OAIC) 2020 Australian Community Attitudes to Privacy Survey (ACAPS). ACAPS is a long-standing study designed to give a longitudinal picture of Australians' views on data privacy.

 

The previous survey was in 2017. Since that time, the 2020 survey results indicate individuals’ increasing awareness of data privacy and the desire to influence how organisations hold and use data. Certainly, something we suspected was the case is now backed up by the survey.

 

Key takeaways:

  • 85% of Australians understand why they should protect personal information, but 49% are not clear on how to go about it.
  • 76% of Australians identify theft and fraud as their biggest privacy risk, an increase from 19% in the 2017 survey.
  • The second largest identified risk was to data security or data breaches, with 61% of respondents identifying this, up from 17% in the 2017 survey.
  • 84% of Australians believe they should have the right to ask a business to delete personal information they hold about them.
  • 64% believe they should have the right to request deletion of personal data that a government agency holds about them.

While the research and results are focused towards consumer attitudes, there is still a strong underlying message here for those of us managing and running SAP® environments in the enterprise. We see a strong increase in concern around identity theft and data breaches with a desire for requesting data deletion. When checking the 2017 report’s results, we found that personal data removal and deletion was not even discussed at the time. It is certainly of interest to see a topic not mentioned in the previous survey capture such strong feelings three years later.

 

In the report, Angelene Falk, Australian Information Commissioner and Privacy Commissioner, discusses the importance of the survey result as input to a review underway on the Australian Privacy Act 1988. Falk stated, “The Australian Government has also committed to a new system of fines and penalties for interference with privacy.”

 

The desire to think differently about data privacy in Australia is being acknowledged. Of course, it remains to be seen how far the community attitude shift in the survey will drive actual change to the Australian Privacy Act and associated penalties. Regardless, there will continue to be more focus on protecting data and reporting on data loss in the future.

 

I am reminded here of my colleagues' recent journey around GDPR awareness and compliance across Europe. The strong shift to personal data rights with GDPR’s introduction in 2018 sees not just scrambling of personal data on SAP test systems becoming de facto but also a requirement to locate and redact or remove personal data within production systems as a growing and key need. Three years on from GDPR coming into effect, typical requirements from our clients include:

 

Where will privacy legislation in Australia be in three years’ time? We do seem to be at the start of an interesting journey, potentially a path taken already by our products and consulting teams. To help understand how your SAP systems and PII data footprint can be managed through reducing, scrambling and redacting please, request a complimentary system analysis.

 

DSM_Readiness_CTA-1

 

 

 

Explore Popular Tags

GDPR Data Privacy Data Security Data Secure GDPR compliance Data Redaction data scrambling Data Redact General Data Protection Regulation POPI Act POPIA SAP Data Security SAP GDPR SAP data privacy and compliance Data Archiving Data Sync Manager Data privacy regulations Right to be forgotten Data privacy compliance GDPR readiness GDPR deadline Personal data SAP SAP security SAP systems GRC for SAP SAP data privacy and security Access Risk management Access risk controls Data Privacy suite Data minimisation Data security breaches Governance, Risk Management and Compliance (GRC) compliance COVID-19 Data privacy by design Risk monitoring SAP data copying and masking SAR Soterion Subject Access Request anonymised data Australian Privacy Act 1988 CCPA Cenoti Client Sync Data Protection Day Data masking EPI-USE Labs’ solutions European operations Federal Law GDPR fine Guest order ICO May 2018 Object Sync One-time customer Privacy by Design Reducing risk Right to Erasure Risk minimisation S/4HANA Migrations SAP S/4HANA SAP data SAP data privacy & security Secure scrambled production data for testing Test Data Management security breach Backlog privacy debt Black Friday Black Friday hangover Black Friday sales Breach Notification Brexit Budget Canada data privacy legislation Cenoti, connecting SAP with Splunk Cloud migrations Confidentiality Consent DSM DSM Readiness Assessment Data Diclose Data Portability Data Removal Data Replication Data Sync Manager (DSM) Data integrity Data privacy assessment Data processor versus controller Data retention rules Documentation Employee data Europe Friday 25 May 2018 GDPR-type legislation GRC GRC for SAP tools General Data Protection HCM HR ILM Information Commissioner’s Office Information transfer Infotype 41 JSOX New Zealand Privacy Act News Online shopping Penalties Personal Data Protection Law (PDPL) Phantom Proportional Data Protect personal employee data Removing data in SAP Right to Access Rise with SAP Risk management S4HANA SAP Cloud SAP Data Privacy Suite SAP RISE SAP SuccessFactors SAP access risk simulations SAP data encryption SIEM SOX Sarbanes-Oxley (SOX) legislation Saudi Arabia Security Security Information and Event Management Security for SAP. Live Sensitive HCM data South African data privacy legislation Splunk Splunk UBA Splunk’s Enterprise Security Success Factors Territorial Scope UK Government User Access Review Virtual conference What does the European GDPR mean for Australia? ebook masking rules quality of test data system copy uk sox
+ See More

Get Instant Updates


Leave a Comment: