NSW introduces a mandatory data breach notification scheme
Last week, as part of Privacy Awareness Week, the NSW Privacy Commissioner announced a Mandatory Notification Data Breach scheme (MNDB scheme).
On Friday, the draft legislation to implement this was released for consultation. The MNDB scheme follows closely the Commonwealth Notifiable Data Breach (NDB) scheme, as has been informed by the experience of the NDB over the last two years, with both seeking to address breaches likely to result in serious harm. The MNDB will apply to all NSW government agencies and departments, local councils and some universities.
The amendments also extend the operation of the Privacy and Personal Information Protection Act 1998 to seven of the eight state-owned corporations in NSW.
NSW currently has a voluntary regime for notification and the MNDB scheme will provide individuals with certainty that they will receive timely notification if a breach is likely to cause serious harm.
The new legislation also gives the NSW Privacy Commissioner wide investigation and enforcement powers in relation to the MNDB scheme which will be monitored by the NSW Privacy Commissioner.
While the legislation is in the consultation phase, if passed it will commence 12 months later to allow parties sufficient time to prepare appropriate systems and processes to comply with the MNDB scheme's requirements.
The report of the NSW Auditor-General into the Service NSW data breach in 2020 made a number of recommendations on breach handling that many agencies would now be well advised to consider in relation to their own existing processes. You can listen to our discussion on this case study here.
In the media
Have your say on NSW privacy laws
NSW is set to become the first Australian state or
territory to introduce a mandatory notification of data breach
scheme to create new standards of accountability and transparency
to protect personal information (07 May 2021).
More...
The NSW Privacy Commissioner welcomes proposed Mandatory
Notification Data Breach scheme
The Privacy Commissioner, Samantha Gavel, welcomes the
decision by the NSW Government to introduce a Mandatory
Notification Data Breach scheme for NSW government agencies, which
includes government departments, public universities and local
councils (07 April 2021).
More...
Law Council calls for expanded oversight by IGIS and
PJCIS
The Law Council recommends that the PJCIS accept the
recommendation from the IIR in full regarding expanding the
oversight functions of the Inspector-General of Intelligence and
Security and the PJCIS to cover all 10 Commonwealth agencies which
collectively comprise the National Intelligence Community (06 May
2021).
More...
Australian government ban on overseas travel during
pandemic violates rights, Federal Court hears
The Commonwealth government's ban on citizens
travelling overseas infringes on the fundamental rights of
Australians, the Federal Court has heard. The Australian government
has used the Biosecurity Act to prevent citizens from travelling
overseas without an exemption (06 May 2021).
More...
No place for secret trials in Australia
The Human Rights Law Centre has called for new legal
safeguards to prevent secret trials following the case of Witness
J, an intelligence agent who was prosecuted and jailed in complete
secrecy (04 May 2021).
More...
IP Australia releases 110 years of data
IP Australia has released the latest edition of its
Intellectual Property Government Open Data
(IPGOD2021), a publicly available data set that
includes over 110 years of information on IP rights applications.
IP Australia's IPGOD2021 can be downloaded here (03 May
2021).
More...
Make privacy a priority this Privacy Awareness
Week
Privacy Awareness Week, is an important reminder for
organisations and individuals to protect personal information. This
year, the OAIC is calling on the Australian community to
'Make privacy a priority' in their professional and
personal lives (03 May 2021).
More...
Judicial impartiality consultation paper released
The ALRC has released a consultation paper for the review
of judicial impartiality, and is calling for submissions on its
questions and reform proposals. In Australia, judicial independence
and impartiality are seen as fundamental to the common law system
of adversarial trial, to the exercise of judicial power under the
Australian Constitution, and to upholding public confidence in the
administration of justice (30 April 2021).
More...
Expanded remand centre biggest in Australia
Australia's largest remand centre will now hold up to
1,540 inmates, following the official opening of the 440-bed
expansion in NSW by Minister for Counter Terrorism and Corrections
Anthony Roberts (30 April 2021).
More...
Commonwealth Ombudsman report into the AFP's use and
administration of telecommunications data powers
The Commonwealth Ombudsman, has released a report on his
investigation into the AFP's use and administration of
telecommunications data powers. The investigation was launched in
response to a disclosure the AFP made to the Ombudsman that it had
identified compliance issues affecting ACT Policing's handling
of requests for a certain type of telecommunications data
(LBS) (28 April 2021).
More...
Prosecution of Richard Boyle highlights urgent need for
whistleblower reform
The Human Rights Law Centre has criticised the
Commonwealth Director of Public Prosecutions' decision not to
drop the prosecution of whistleblower Richard Boyle, saying that
the ongoing saga shows the need to urgently overhaul
Australia's whistleblower protection laws (29 April 2021).
More...
In practice and courts
Law Council update
The Law Council produces a fortnightly newsletter which
highlights the Law Council's important activities and advocacy.
View the latest edition here.
AAT Bulletin
The AAT Bulletin is a weekly publication containing a list
of recent AAT decisions and information relating to appeals against
AAT decisions. Read issue no. 9/2021, 3 May 2021,
here.
OAIC: The importance of privacy by design in the sharing
of health data for domestic or international travel
requirements
The Global Privacy Assembly Executive Committee has
published a joint statement on the importance of privacy by design
in the sharing of health data for domestic or international travel
requirements during the COVID-19 pandemic. Read more
here.
OAIC consultations
National Health (Privacy) Rules 2018 review
The closing date for submissions is 4 June 2021. Click
here to read more.
Consultation on Data-Matching Program Guidelines
In May 2021, a public consultation process on the Data-Matching
Program (Assistance and Tax) Guidelines 1994 (the
Guidelines) started to ensure they are fit for purpose.
The current Guidelines sunset on 1 October 2021. The closing date
for comments is 19 May 2021. Learn more
here.
IC review direction for applicants
The closing date for comments is 12 May 2021. Read more
here.
OAIC: Our FOI disclosure log
The information described in our disclosure log has been
released by the OAIC under the Freedom of Information Act 1982.
Updated 12 April 2021. Click
here to read more.
CDPP launches new Partner Agency Portal
The CDPP has launched a new Partner Agency Portal, giving
investigators from partner agencies easy and timely access to
information. Learn more
here.
Regulator performance guide for consultation
The guide will empower regulators to demonstrate and
report on best practice performance that is in line with the
Government's expectations and supports investment and growth.
Submissions open until 21 May 2021. Read more
here.
ANAO consultations
Due to table: May 2021. Open for contribution:
Administration of the National Bushfire Recovery Agency. The
objective of this audit is to assess the effectiveness of the
National Bushfire Recovery Agency and its administration of the
National Bushfire Recovery Fund.
Due to table: May, 2021. Open for contribution:
Australian National University's Governance and Control
Frameworks. The objective of this audit is to examine the
effectiveness of the Australian National University's
governance and control frameworks.
Finance and Public Administration Legislation
Committee
Data
Availability and Transparency Bill 2020 [Provisions] and Data
Availability and Transparency (Consequential Amendments) Bill 2020
[Provisions]. Read the report
here.
Operation
and management of the Department of Parliamentary Services. On
22 February 2021, the reporting date was extended to 19 May
2021.
Legal and Constitutional Affairs Legislation
Committee
Judges'
Pensions Amendment (Pension Not Payable for Misconduct) Bill
2020. On 18 March 2021, the Senate granted an extension of time
for reporting until 20 May 2021.
NSW
Consultation: Privacy and Personal Information
Protection Amendment Bill 2021 [Draft]
If passed, this Bill will introduce a scheme that will
ensure greater openness and accountability in relation to the
handling of personal information held by NSW public sector
agencies. Public submissions can now be made until 18 June
here. Click
here to learn more.
Statutory Review of majority verdicts amendments
The NSW Department of Communities and Justice is reviewing
the operation of the amendments made to the Jury Act 1977 by the
Jury Amendment (Verdicts) Act 2006 to determine whether the policy
objectives of those amendments remain valid and whether the terms
of the amendments remain appropriate for securing those objectives.
Submissions close on 14 May 2021. Learn more
here.
Supreme Court (Criminal Appeal) Rules
2021
The
Supreme Court (Criminal Appeal) Rules 2021 provide for the
practice and procedure in the Court of Criminal Appeal, repeal the
Criminal Appeal Rules and commenced on 1 May 2021.
Court of Appeal: 2020 year in review
The document will provide a valuable resource for judges,
practitioners, litigants, academics and students, and that a
similar document will be published on an annual as well as
consolidated basis. The publication will be available on the Court
of Appeal website and can be accessed
here.
Artificial Intelligence (AI)
The NSW Government believes that the NSW Government can
use AI to benefit the community and is taking actions to ensure
that AI is used safely, ethically and effectively. We have an AI
Strategy that outlines our vision for the use of AI, and ensures
transparency, fairness and accountability. Have your say until 31
December 2021
here.
Review of Model Defamation Provisions
Attorneys General is seeking feedback on a discussion
paper for the stage two review of the Model Defamation Provisions.
Have your say by 19 May 2021
here.
NSW Law Society: Applications open for the Access to
Justice Innovation Fund
The $1 million fund from the State Government supports
innovative ideas to improve or enhance access to justice in NSW.
Grants of between $50,000 and $250,000 are available for low cost,
high impact projects that make a difference for those who need it
most. Applicants will be advised of the outcome of their
application by late May 2021. Find out more
here.
Extension of strata and community lands COVID-19
regulations
Regulations were published on 12 November 2020 which
extend the COVID-19 measures as previously provided for strata and
community lands to 13 May 2021. The measures include alternative
means of holding meetings and execution of documents by an owners
corporation or community association. See
Community Land Management Amendment (COVID-19) Regulation (No 2)
2020 and
Strata Schemes Management Amendment (COVID-19) Regulation (No 2)
2020.
Public inquiry into corruption allegation concerning
former RMS employees
The NSW ICAC held a public inquiry starting on Monday 10
May 2021 as part of an investigation it is conducting concerning
former Roads and Maritime Services employees Alexandre Dubois and
Craig Steyn (Operation Paragon). Click
here to read more.
ICAC: Prosecution briefs with the DPP and outcomes
The tables on this page each provide information on
prosecution briefs that are currently with the Director of Public
Prosecutions (DPP), and the outcomes of DPP advice
and prosecutions. Last updated 4 May 2021.
NCAT
03 May 2021 –
NCAT transitioning to increased face-to-face hearings.
Published – articles, papers, reports
Change the routine: Report on the independent review
into gymnastics in Australia (2021)
Australian Human Rights Commission: 03 May 2021. The
Commission has made five overarching key findings and 12
recommendations. The Review included a high-level review of
relevant corporate policies, protocols and governance structures at
all levels of the sport, on a range of relevant areas including,
sport governance and eating disorders. The final report is
available on
the Commission website. Read more
here.
Australian Federal Police's (AFP) use and
administration of telecommunications data powers 2010 to 2020
Commonwealth Ombudsman: 28 April 2021. The investigation
identified that many of the authorisations made by ACT Policing for
LBS were not properly authorised or reported to the Ombudsman or
the relevant Commonwealth Minister. The report makes eight
recommendations to assist the AFP in addressing these issues and
implementing processes to prevent recurrence of similar issues. The
report can be found
here.
Indigenous Business Australia's business support and
investment activities
ANAO Report No 36: 07 May 2021. The objective of this
audit was to assess the effectiveness and efficiency of Indigenous
Business Australia's management of its business support and
investment activities. Read more
here.
Implementation of the Great Barrier Reef Foundation
partnership
ANAO Report No 35: 05 May 2021. The objective of the audit
was to examine whether the design and early delivery of the
Australian Government's $443.3 million partnership with the
Great Barrier Reef Foundation has been effective. Read more
here.
PGPA newsletter 67
Published 06 May 2021. Changes to the flipchart –
digital first approach – digital annual reporting tool
– technical accounting policy and guidance update – RMG
116 and 125 – review of the Commonwealth Risk Management
Policy. Comcover education – launch of consultation for
regulation performance guide. Click
here to find out more.
Cases
KPTT v Commissioner of Taxation
[2021] FCA 464
PRACTICE AND PROCEDURE – whether identity of
applicant should be suppressed – Court's power to make
suppression and non-publication orders – whether suppression
orders necessary to prevent prejudice to the proper administration
of justice.
Administrative Appeals Tribunal Act 1975 (Cth) –
Administrative Decisions (Judicial Review) Act 1977 (Cth) –
Federal Court of Australia Act 1976 (Cth) – Judiciary Act
1903 (Cth).
Dring v Telstra Corporation Ltd
[2021] FCAFC 50
COMPENSATION – claimant falls on wet floor –
whether injury arising in course of employment – injury
suffered during period of stay at hotel – place at which
injury occurred – injury not connected to employment.
ADMINISTRATIVE LAW – appeal from Administrative Appeals
Tribunal – question of law.
Administrative Appeals Tribunal Act 1975 (Cth) s 44 – Safety,
Rehabilitation and Compensation Act 1988 (Cth) ss 5A, 14 –
Workers Compensation Act 1987 (NSW) s 4.
SDCV v Director-General of Security
[2021] FCAFC 51
CONSTITUTIONAL LAW – judicial power of the
Commonwealth – challenge to the constitutional validity of s
46(2) of the Administrative Appeals Tribunal Act 1975 (Cth) (AAT
Act) – whether s 46(2) of the AAT Act requires the Court to
act in a manner that is procedurally unfair – where the
applicant appeals on a question of law – where s 46(2) of the
AAT Act is to be read in the context of the legislative regime as a
whole – whether a practical injustice results – held: s
46(2) of the AAT Act is valid.
ADMINISTRATIVE LAW – appeal from a decision of the
Administrative Appeals Tribunal to affirm an adverse security
assessment (ASA) – where ASA determined that
the applicant supported politically motivated violence and the
Islamic State of Iraq and the Levant – where ASA determined
that the applicant employed communications security tradecraft
practices while engaging with individuals of security concern
– where both open and closed evidence, submissions and
reasons furnished which the applicant was prohibited from knowing
or considering – held: the Tribunal did not apply an
incorrect construction of phrase "directly or indirectly a
risk to security" within the meaning of s 4 of the Australian
Security Intelligence Organisation Act 1979 (Cth) –
obligation to give reasons under s 43(2) of the AAT Act still
applied where a direction under s 43AAA(5) of the AAT Act was in
force but could not be read to require closed reasons to be
produced – the Tribunal did not err by way of failure to make
findings in concluding that the open evidence alone could not lead
to a conclusion on whether the ASA was justified and in not making
any positive findings on that evidence – there was no denial
of procedural fairness by way of a failure to give the applicant
sufficient information to make meaningful submissions as the
applicant was able to answer the proposition put to him –
there was no denial of procedural fairness having regard to the
legislative context – it was open to the Tribunal to reach
the decision based on the open and closed evidence –
application dismissed.
Cambridge; Chief Executive Officer, Services Australia and
(Freedom of information) [2021] AATA
1142
FREEDOM OF INFORMATION – whether practical refusal
reason exists – majority of documents that are the subject of
the request already provided under administrative access
arrangements – processing the FOI request would substantially
divert resources of Services Australia from its other operations
– diversion of resources for 88.5 hours to provide documents
that have already been provided is unreasonable – reviewable
decision set aside and substituted.
'XB' and Cancer Australia (Freedom of
information) [2021] AICmr
15
FREEDOM OF INFORMATION – amendment and annotation of
personal records – whether the records are incorrect –
whether the records should be amended – (CTH) Freedom of
Information Act 1982, ss 48, 50, 51, 51A and 55D.
Burnett (on behalf of Burnett) v Secretary, Department
of Communities and Justice [2021] NSWCATAD
114
ADMINISTRATIVE LAW – freedom of information –
access to information – ground for refusing access –
Government Information (Public Access) Act 2009 (NSW), items 1(g),
1(h), 4(c) and 4(d) of table to section 14 – public interest
considerations against disclosure – unable to establish
nominated effects reasonably expected to occur – confidential
and copyright materials.
Kids Belong Family Daycare Pty Ltd v Department of
Education [2021] NSWCATAD
112
ADMINISTRATIVE LAW – education and care services
– cancellation of the applicant's provider approval on
the ground of: (a) the applicant having breached a condition of its
provider approval and (b) the continued provision of education and
care services of the applicant would constitute an unacceptable
risk to the safety of any child or class of children being educated
and cared for by the approved education and care service of the
applicant – whether in the circumstances it was more
appropriate to suspend the applicant's provider approval.
Early Childhood Education Australia Pty Ltd v
Secretary, Department of Education [2021]
NSWCATAD 28
ADMINISTRATIVE LAW – education and care services
national law – review of decision to cancel provider approval
– fit and proper person – breach of approval condition
– alternative measures available to the decision maker
– new approval conditions imposed.
Bettington v Commissioner of Police
[2021] NSWCATAP 110
APPEAL – where party has appealed from interlocutory
decisions of the Tribunal relating to non-disclosure,
non-publication and exclusion of a party and their legal
representative from confidential hearing – whether leave
should be granted to appeal from interlocutory decisions.
STATUTORY INTERPRETATION – meaning of s 49 and s 64 of the
Civil and Administrative Tribunal Act 2013 and s 59 of the
Administrative Decisions Review Act 1997.
Commissioner of the Australian Federal Police v
Ortmann [2021] NSWSC
451
PRIVATE INTERNATIONAL LAW – application for
registration of foreign forfeiture order made in the US –
whether registration would be contrary to the interests of justice
within the meaning of s 34A of the Mutual Assistance in Criminal
Matters Act 1987 (Cth).
Elias v Commissioner for Fair Trading
[2021] NSWCATAD 111
ADMINISTRATIVE REVIEW – home building –
application for contractor licence – qualification and
experience requirements set out in an instrument issued by the
respondent – whether the applicant meets the terms of the
instrument, read as a policy – whether the Tribunal is
satisfied that the applicant has the requisite experience to be a
builder – whether supervised in the doing of the work –
remuneration requirement.
McEwan v Port Stephens Council
[2021] NSWCATAD 110
ADMINISTRATIVE REVIEW – government information
(public access) – scope of access application –
secondary employment register – pecuniary interests register
– public interest considerations in favour of disclosure
– public interest considerations against disclosure –
open access information – personal information –
secrecy provisions.
DVT v Commissioner of Police
[2021] NSWCATAD 108
ADMINISTRATIVE LAW – privacy – request for
access to personal information under s14 PPIP Act/IPP 7 –
what constitutes excessive delay in the circumstances –
inability to unilaterally withdraw an undertaking.
Yelda v Sydney Water Corporation; Yelda v Vitality
Works Australia Pty Ltd [2021] NSWCATAD
107
HUMAN RIGHTS – anti-discrimination – damages
arising out of found sexual harassment claim – appropriate
award of damages for hurt feelings, psychological injury and past
economic loss.
Day v SAS Trustee Corporation
[2021] NSWCA 71
ADMINISTRATIVE LAW – constructive failure to
exercise jurisdiction – where appellant alleges primary judge
failed to address "substantial, clearly articulated"
arguments – whether arguments based on "established
facts" – whether primary judge's approach raised
those arguments for separate determination.
EMPLOYMENT AND INDUSTRIAL LAW – public sector – police
– Police Regulation (Superannuation) Act 1906 (NSW), s 10B(2)
– where primary judge found appellant incapacitated by
transient condition for short period at time of resignation from
police force – whether it follows that appellant incapable
from infirmity of body or mind of exercising the functions of a
police officer at that time – meaning of
"infirmity" in Police Regulation (Superannuation)
Act.
Freeman v Sydney Local Health District
[2021] NSWSC 423
ADMINISTRATIVE LAW – judicial review – review
committee under Health Services Act 1997 (NSW) determined no
jurisdiction – jurisdictional error – also error of law
on the face of the record – failure to exercise duty and
jurisdiction – statutory construction – meaning of
"re-appoint" – whether "position" was of
the same kind.
STATUTORY INTERPRETATION – Health Services Act 1997 (NSW)
– plain and grammatical meaning – legislative intention
– use of second reading speech – appeal against
decision "not to re-appoint" – whether the
subsequent position was "of the same kind" –
whether re-appointment.
Black v Hunter New England Local Health
District [2021] NSWCATAP
105
GOVERNMENT INFORMATION – refusal by agency to deal
with application – sec 60(1)(b) Government Information
(Public Access) Act 2009 – same information previously
requested and refused – Tribunal held no reasonable belief
that a different decision would be made – no question of law
on appeal – leave to appeal refused.
Legislation
Commonwealth
Regulations
Public
Governance, Performance and Accountability Amendment (National
Recovery and Resilience Agency Rules
2021
05 May 2021 – this instrument amends the Public
Governance, Performance and Accountability Rule 2014 to rename the
National Drought and North Queensland Flood Response and Recovery
Agency and to amend and expand the purposes of the listed
entity.
Biosecurity
(Human Biosecurity Emergency) (Human Coronavirus with Pandemic
Potential) (Emergency Requirements – High Risk Country Travel
Pause) Determination 2021
01 May 2021 – this instrument requires passengers on
a relevant international flight not to enter Australian territory
at a landing place if the person has been in India within 14 days
of the day the flight was scheduled to commence.
NSW
Proclamations commencing Acts
Justice Legislation Amendment Act (No 2) 2019 No 20
(2021–195) – published LW 30 April 2021.
Regulations and other miscellaneous instruments
Coal Mine Subsidence Compensation Amendment (Contributions)
Regulation 2021 (2021–210) – published LW 7 May
2021.
Coroners Regulation 2021 (2021– 211) – published LW
7 May 2021.
Uniform Civil Procedure (Amendment No 95) Rule 2021
(2021–212) – published LW 7 May 2021.
Supreme Court (Criminal Appeal) Rules 2021 (2021–194)
– published LW 27 April 2021.
Bills introduced – Government – 7 May
2021
Payroll Tax Amendment (Jobs Plus) Bill 2021
Statute Law (Miscellaneous Provisions) Bill 2021
Tax Administration Amendment (Combating Wage Theft) Bill
2021
This publication does not deal with every important topic or change in law and is not intended to be relied upon as a substitute for legal or other advice that may be relevant to the reader's specific circumstances. If you have found this publication of interest and would like to know more or wish to obtain legal advice relevant to your circumstances please contact one of the named individuals listed.