Resources - InfoGovANZ

Featured Articles Information Governance Cyber & Info Security Privacy Records Management

eDiscovery Data & Infonomics AI & Ethics COVID-19 IG Case Studies

Australians deserve tech that protects their rights

A new report by the Australian Human Rights Commission calls for far-reaching changes to ensure government, companies and others safeguard human rights in the design, development and use of new technologies like artificial intelligence (AI). The Human Rights and Technology Final Report makes 38 recommendations to ensure human rights are […]

Information Governance maturing, data breach, legal proceedings and investigations driving IG Projects: key findings from the 2021 IG Industry Report

To kick off Privacy Awareness Week (PAW) and Information Awareness Month (IAM2021), InfoGovANZ is delighted to release the 2021 IG Industry Report, revealing information governance trends particularly within the Australia and New Zealand region. This is InfoGovANZ’s third survey collecting the opinions of practitioners and industry participants charting the development of information governance over the past five years. The survey engaged 338 participants and highlights the status, priorities and challenges of information governance for organisations in 2021. The IG Report highlights that implementing and maintaining an IG framework is the most important priority for organisations for nearly half of industry professionals, with the three main enterprise-wide drivers of IG projects identified as external regulatory, compliance and or legal obligations(74%); good business management practices(68%); and internal technology restructuring or transition(50%). “While only one in five respondents indicated that COVID had been a driving factor for IG projects, there was a notable increase since our […]

Member only content (join now)

7 Information Governance Takeaways for 2021

As we put 2020 behind us and look forward to 2021, InfoGovANZ reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Given the expected ongoing complex and uncertain operating environment in 2021, robust information governance is needed to provide […]

Member only content (join now)

Accountability & IG – Sonya Sherman

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ Advisory Board member, Sonya Sherman, with over 20 years’ experience is a highly regarded […]

Member only content (join now)

Collaboration & IG – Bryn Bowen

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ International Council member, Brynmor Bowen, Principal Consultant at Greenheart Consulting Partners, and a Board […]

Member only content (join now)

Trust & Information Insights – Sarah Auva’a

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. In the world of data privacy, unfortunately trust and confidence in the way that organisations use data was already […]

Member only content (join now)

Privacy Developments in ANZ – Daimhin Warner

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ International Council member, Daimhin Warner, who is a Director of Simply Privacy, a NZ […]

Member only content (join now)

Hindsights and Insights Report – Information governance reflections on 2020 and insights for 2021

Member only content (join now)

Ethics & Implementing AI Responsibly – Aurelie Jacquet

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. Our expert panel included InfoGovANZ International Council member Aurelie Jacquet, who works on leading global initiatives for the implementation of Responsible AI with both the International Standards Organisation (ISO) and the Institute of Electrical and Electronics Engineers (IEEE). With ISO, Aurelie is the chair of the Standards Australia committee representing Australia at the international standards on Artificial Intelligence. With the IEEE, she is an expert for the Ethics Certification Program for Autonomous and Intelligent Systems, and leads the work stream on Dignity and Agency as part of IEEE’ s Digital Inclusion, Identity, Trust, and […]

Member only content (join now)

Cybersecurity & IG Insights – Dr Peter Chapman

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ Advisory Board member Dr Peter Chapman who brings expertise in cybersecurity and Information Governance. […]

Member only content (join now)

Unlocking Data Value – Ronke Ekwensi

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ International Council member Ronke Ekwensi, who is Vice President of Data Management at Prudential. […]

Member only content (join now)

Building trust in the public record – Public Release schedule

The National Archives of Australia‘s new whole-of-government information management policy, Building Trust in the Public Record: managing information and data for government and community is now in force – https://bit.ly/3nfgGlV The new policy supports a holistic approach to information and asset management using information governance. The aim of the policy is to continue to improve information management capability within the Australian Government (Cth) to meet current and future needs for trusted, authentic and reliable records, information and data for government and community. Accompanying the policy release are new, updated and existing National Archives guides and supporting advice to help government agencies implement the policy and meet each of the 17 policy actions. Learn more about what is required here including reviewing and updating your information governance framework to incorporate enterprise-wide information management including governance of records, information and #data: https://bit.ly/3ndX5CC

Member only content (join now)

Building Trust in the Public Record Highlights

Information Governance ANZ was pleased to host an interactive forum with David Fricker, Director-General of the National Archives of Australia regarding the new policy Building Trust in the Public Record: managing information and data for government and community. This interactive session covered: · Key information management requirements for Australian Government agencies · Actions that agencies can take to build information management capability and address areas of low performance · Current and future needs for authentic and reliable information and dat a by government and community The importance of trust David outlined the role of the National Archives and its responsibilities under the Archives Act 1983. NAA identifies archival resources, preserves them and provides the government and community with access to those resources. The Archives also develops standards to help Commonwealth agencies manage data and information – ensuring the integrity and accessibility of these resources for as long as they are needed. The public […]

Member only content (join now)

Universities information governance in a time of COVID-19

Without a shadow of a doubt, 2020, will be remember for the impact of COVID-19, lockdowns, deaths and hospitals stretched to the limits. For Australia, the pandemic also followed the worst drought in a century and the worst bushfires in recorded history. This has had a profound impact on one of Australia’s largest exports, valued at over trillion dollars, education. Universities across Australia have been impacted in so many ways, which have pushed their systems to their limits. It has highlighted the importance of data and technology and the crucial importance of information governance. Issues In April 2020, I was interviewed by GRC Professional journal on the risks to universities (before COVID-19 had taken a grip, but once Chinese student visas were cancelled). I was asked “What are some the broad risks that universities face?” My reply was the current risk in Australian universities is, without doubt, the impact of […]

Member only content (join now)

AI Transparency in Digital Government

In celebration of International Access to Information Day and Right to Know Week in NSW 2020, we held an event on AI Transparency in Digital Government with NSW Information Commissioner Elizabeth Tydd, Victorian Information Commissioner Sven Bluemmel and Dr Jat Singh, Senior Research Fellow at the University of Cambridge. The discussion focused on the duty government agencies have to disclose algorithms used in providing services and making decisions about services and benefits to citizens. The Commissioners highlighted that robust procurement processes are essential where technology using algorithms are being procured by agencies. Commissioner Bluemmel said the bar needs to be set really high where the algorithmic decision-making involves people and their liberties and livelihood. Transparency is necessary to understand how the decisions are made in order to assert our rights. Dr Singh pointed out that transparency needs to be meaningful so that it allows us to be able to interrogate, scrutinize and challenge, and it requires organisations to give careful consideration […]

Member only content (join now)

NAA’s new policy: Building Trust in the Public Record

The National Archives of Australia (NAA) published in July 2020 the draft policy Building Trust in the Public Record: managing information and data for government and community. It was been released together with a list of supporting advice that exists, or will be developed or updated, to support the policy. InfoGovANZ submitted its feedback in response to the new policy, which is available here. The new policy will take effect from 1 January 2021 and will follow the current Digital Continuity 2020 policy (DC2020) which concludes at the end of this year. The policy seeks to improve information management capability within the Australian Government to meet current and future needs for authentic and reliable information and data by government and community.

Member only content (join now)

For Governance, Integration Matters

Effective corporate governance is not a one-size-fits-all approach, as recognised by regulators and self-regulatory organisations around the world. Principles propounded by local advisory and governing bodies provide guidance on how to effectively and transparently manage an organization and ensure it is meeting its obligations to all stakeholders. We will examine how corporate governance principles can be enhanced and improved by the explicit integration of information governance into companies’ corporate governance schema. Corporate Governance Corporate governance is, in its most general terms, how a business is controlled, governed, and operated. Principles of good corporate governance include fairness, accountability, responsibility, and transparency. A company’s system of governance is its framework of rules, relationships, controls, and processes. Company management and boards have myriad responsibilities. These range from planning for pandemics, natural disasters, and other major events that can affect a company’s basic ability to conduct business and disrupt operations; managing the company’s […]

Member only content (join now)

Information Governance Key to Good Corporate Governance

Information governance, data protection and security, privacy, cybersecurity and artificial intelligence (AI) have all become critical topics for boards and government bodies to consider. Historically, the issues tended to be dealt with under either ‘IT’ issues or records and information compliance issues. In recent years, the importance of cybersecurity, AI and data analytics together with changing privacy regulations have brought new governance challenges to the forefront of the minds of directors. Top issues for Directors There are common themes in the surveys of top issues confronting Boards of Directors, which have been carried out in recent years. These include the opportunities and challenges arising from technology innovation and disruption, the overriding concern of cybersecurity and data breach, which is highlighting the importance of information security, and regulatory compliance including changing privacy regulations. The Akin Gump Lawyers group in the USA report an annual “Top 10 topics for Directors” each year, […]

Member only content (join now)

COVID19 – Global Open Data Initiatives

The Open Government Partnership (OGP) has created a webpage collating government approaches responding to COVID-19. The open government community is focused on applying the principles of transparency, accountability and participation to the COVID-19 response. The webpage contains a crowd sourced list from a wide range of countries with a variety of initiatives, including: the release of theoretical models and data underpinning governments’ strategies; digital platforms and apps to keep citizens informed; and efforts tackling misinformation and disinformation online. The Open Government Partnership (OGP) is a multilateral initiative that aims to secure concrete commitments from national and local governments to promote open government, empower citizens, fight corruption, and harness new technologies to strengthen governance. Formed in 2011, its members now include governments from across 78 countries and thousands of civil society groups, representing more than 2 billion people worldwide. Open government strives to provide transparency and accountability to the public, […]

Member only content (join now)

Information and Data Governance Driving Interoperability

Achieving interconnected services, sharing and re-using information and data assets requires strategic planning and investment. The Data Interoperability Maturity Model (DIMM) is the latest advice from the National Archives of Australia for building interoperability under the Digital Continuity 2020 Policy. It highlights the importance of information and data governance to drive interoperability initiatives. The Director-General of the National Archives of Australia, David Fricker stated, ‘it is often said the data is the ‘oil’ of the 21st century, because in the future data will be the principal resource that drives our economy and our way of life. Just like oil, data has to be properly managed. It must discoverable, and of sufficient quality – pure, authentic and reliable – to drive the processes that rely on it. Unified information and data governance empowers an organisation to align its interoperability objectives while balancing associated risks.’ The DIMM’s downloadable assessment tool helps your […]

Member only content (join now)

Automated Speech Recognition

While Automated Speech Recognition (ASR) technology has been present in various forms for decades, advances in statistical modelling, artificial intelligence (AI) and automation connectively have resulted in a new frontier for speech-based interaction between humans and computer systems. In this article Dr Peter Chapman, Director in the KPMG Forensic Technology team and InfoGovANZ advisory board member, details some of the current applications of ASR technology and offers guidance on a number of emerging governance issues associated with these technologies. As a concept, computerised Automated Speech Recognition (ASR) has been around almost as long as the computer itself. However, only in the last decade have the capabilities of ASR technology reached the point where wide-scale commercial adoption is viable1. Natural human speech contains slang terms, dialect peculiarities, abbreviations and other “non-standardised” content. While humans are very adept at managing these issues, the enormous variability of human speech makes ASR a very […]

Member only content (join now)

Information Governance 2020

The Information Governance 2020 Roundtable took place on Monday, 18 November at the Governance Institute of Australia. The event covered highlights from the recent InfoGovANZ Survey Report, privacy developments and trends globally, the new ISO working group developing an Information Governance standard, and the new records management cloud-based system utilising machine learning at the Australian Human Rights Commission. There was a great turn out of members, sponsors and interested parties for a fantastic session covering a broad range of IG topics. Executive Director, Susan Bennett started the ball rolling with a summary of valuable insights from the most recent InfoGovANZ IG Survey Report, noting the trend towards improved Information Governance awareness and leadership recognition since our 2017 survey. Just over half of the organisations surveyed have an formal IG framework with clearly articulated policies and procedures. 90% of respondents expressed agreement with the definition of ‘information governance’ – although some […]

Member only content (join now)

Information Governance: optimising the lifeblood of organisations

Data and information are increasingly becoming the lifeblood of organisations. However the exponential amounts of data being collected by companies and government alike, together with the risks and costs of holding and securing this information, have created a new set of issues for those responsible for organisational governance. IG provides a unified strategic framework for the control, security, optimisation and effective use of information. It is an essential part of good corporate governance, assisting organisations to maximise the value of information while minimising risks and costs by providing a mechanism to align policies and processes, people and technologies across an organisation. The IG diagram below shows different areas and activities within an organisation responsible for the security, control, optimisation and risk management of data and information. There may be more or fewer areas according to the type and size of the organisation. The key to implementing an effective information governance […]

Member only content (join now)

Information Governance as a Key Enabler of Successful System Design

This is the first in a series of articles explaining how design information governance (IG) adds to the ontological and structural language that creates the ‘sensemaking’ framework for complex adaptive systems. In doing so, IG provides a foundational enterprise capability which enables adaptive behaviour and organizational resilience in the face of changes in the internal and external environment. Modern society is enabled by systems, some of them technology-centric like our road and rail networks, some human-centric like our system of parliamentary democracy, and some a more balanced mix like our health system. Successful systems are those that are effective in meeting the needs that they were designed (or emerged) to meet and are sustainable in the face of change. A key enabler of successful systems is appropriate design information. For example, the number and boundaries of electorates in our parliamentary democracy are periodically adjusted to ensure that the (design) […]

Member only content (join now)

Information & Data Trends & Challenges – IAM 2019

InfoGovANZ joined with National Archives and other professional organisations including RIMPA, IM, DAMA, Australian Society of Archivists, Australian Library and Information Association as part of Information Awareness Month. The event provided an opportunity for industry leaders to share perspectives on contemporary information and data management trends and challenges. The Many Voices, One Message booklet summarising the key themes and topics discussed at the workshop has just been published this week. Access the booklet

Member only content (join now)

Corporate governance in the digital economy: The critical importance of information governance

Information is critical to decision-making and plays an essential role across all three pillars of governance. The emerging driver of good information governance globally is compliance with regulatory obligations, particularly with the growth in global privacy laws. Effective information governance requires top-down board and senior executive leadership. Good corporate governance in the data driven and digital economy poses significant challenges for Boards and seniors executives. This article highlights the importance of information governance to ensure there is a unified strategy and framework to govern information effectively. Good information governance enables organisations to maximise the value of information as a business asset while minimising risks and costs, particularly those associated with data breach. Over the last 25 years there has a lot been written about corporate governance. There have been debates about the value it adds to an organisation and even the share price on the Australian Securities Exchange (ASX). […]

Member only content (join now)

Jason R Baron: The Need for Information Governance more than ever

Presidential tweets, Self-destructing messages and the use of Shadow IT as the ‘new normal’: The need for Information Governance more than ever – Jason R Baron Thanks to Gilbert+Tobin and Thomson Geer for hosting very successful and engaging events in Sydney and Melbourne with Jason R. Baron presenting ‘Presidential tweets, Self-destructing messages and the use of Shadow IT as the ‘new normal’: The need for Information Governance more than ever’. Jason’s keynote was followed by panel discussions facilitated by Susan Bennett, Co-founder InfoGovANZ – the Melbourne panel included Victorian Privacy and Data Protection Commissioner, Rachel Dixon and Paul Noonan, Technology Partner at Thomson Geer; and the Sydney panel included NSW Privacy Commissioner, Samantha Gavel and Simon Burns, Technology Partner at Gilbert + Tobin. Jason’s keynote, delivered in his distinctive and thoroughly entertaining style, addressed the rapidly changing information landscape and the impact it is having on individuals and organisations. His observations […]

Member only content (join now)

Trust & Information Insights – Sarah Auva’a

Cyber Risk Management and the Value of Cyber Insurance

The technology revolution has created unprecedented developments in the way that business is transacted, how information is obtained, how we communicate with each other and how data is sourced and stored. The reality of these developments has also lead to unparalleled increases in the ability of criminals to act in a digital environment rather than in the physical world and cyber crime has never been more financially rewarding. Cyber risk and cyber exposure exists for every business that uses technology and connects to any form of information systems and networks. Size of business, industry factors and reliance on technology for critical operations can increase cyber risk vulnerability, but no business is immune. Managers are faced with the challenge of protecting against cyber risk and implementing strategies and procedures to safeguard against the potential loss and damage suffered in a cyber event. Cyber risk management is a holistic approach to evaluating […]

Member only content (join now)

Cybersecurity & IG Insights – Dr Peter Chapman

OAIC Data Breach report: January – June 2020

The Office of the Australian Information Commissioner (OAIC) has released its Notifiable Data Breaches (NDB) Report for January to June 2020. Malicious or criminal attacks remain the leading cause of data breaches involving personal information in Australia. Commissioner Angelene Falk said, ‘this trend has significant implications for how organisations respond to suspected data breaches — particularly when systems may be inaccessible due to these attacks. It highlights the need for organisations to have a clear understanding of how and where personal information is stored on their network, and to consider additional measures such as network segmentation, robust access controls and encryption.’ In other findings: Health service providers continued to be the top reporting sector (115 notifications), followed by the finance and education sectors, and the insurance industry making the top 5 sectors for the first time. The number of notifications resulting from social engineering or impersonation has increased by 47%. Actions taken by […]

Member only content (join now)

Information Security Risk Management Practitioner Guide – OVIC

The Office of the Victorian Information Commissioner (OVIC) issues security guides to support the Victorian Protective Data Security Standards (VPDSS). This document provides organisations with guidance on security risk management fundamentals to enable them to undertake a Security Risk Profile Assessment (SRPA) as required under s89 of the Privacy and Data Protection Act 2014(PDP Act) and is designed to support practitioners and information security leads.

Member only content (join now)

Information Governance + COVID-19 Roundtable Report

To celebrate Information Awareness Month (IAM2020) and Privacy Awareness Week (PAW2020), we kicked off with an online panel discussion on the myriad of Information Governance issues arising from the COVID-19 pandemic. Our panellists included – Melanie Marks, Christopher Colwell, Sonya Sherman, Dr Peter Chapman, Matthew Golab and the discussion was facilitated by Susan Bennett. The importance of connectivity and of access to trusted information, the role of fit for purposes systems to capture records during a crisis and accountability for decisions made during the pandemic period were all highlighted. Discussion around the COVIDSafeApp emphasised that privacy by design and governance of data are key for user trust. A key focus of the discussion were increased information security and cybersecurity risks with the move to working from home. These include the risks of data leakage, data breach, shadow IT and cyber-crimes. In summary, the discussion emphasised that the myriad of information, records, […]

Member only content (join now)

Broken Trust – The Information Security Dangers of Insider Threats

The increasing awareness of external cyber-security threats has executives focused on how their organisation can be defended against the “enemy at the gates”. But are organisations just as much at risk from an “enemy within”? In this article Dr Peter Chapman, Director in the Ferrier Hodgson Forensic Technology and eDiscovery team and InfoGovANZ advisory board member, provides an opinion and case study on insider threat. The media provides us with constant reminders of the threat of cyber-criminals and other external attackers. Recent legislative and regulatory changes such as the European Union GDPR requirements and mandatory breach notification amendments to the Australian Privacy Act have only increased our awareness, specifically with regards to ensuring that personally identifiable information (PII) in the possession of the organisation is safeguarded. While PII data is undoubtedly a target of external attackers, and external threats must be guarded against, organisations may be overlooking significant insider […]

Member only content (join now)

Information Security & Information Governance – how they work together

Information (data) security, cybersecurity and IT security all usually refer to the protection of computer systems and information assets by suitable controls, such as policies, processes, procedures, organizational structures and software and hardware functions. The type and extent of controls depends on the scope and maturity of the business function (usually the Security Department) applying the controls, or, depends on the specialisation/focus of the team, such as Perimeter/Firewall or Identity Management. Each function tends to have a different perspective of information security, compared to other functions, due to their focused specialisation. A close parallel is the health profession. You see a GP doctor when unwell, and are referred to a specialist who knows much more than your GP about a particular field of expertise. I know that my GP would not want to perform open heart surgery at all. And equally, a heart specialist would not have up-to-date and practical […]

Member only content (join now)

Cyber Insurance: how it works and the benefits of Information Governance

As the number and size of cyber attacks on businesses continues to increase, the risk of experiencing a data breach is higher than ever. The resulting cost of these breaches can be significant – according to the Ponemon Institute’s 2017 Cost of Data Breach Study, these totalled $2.51 million per year across the organisations that were recruited for the research. As a result, an increasing number of organisations are choosing to invest in a cyber insurance policy, which allows them to claim cyber incident response expenses, regulatory fines, legal defence costs and business interruption losses. In other words, offset the cost of a potential data breach. This article outlines the benefits of cyber insurance and explains why, in today’s digital age, it is vital for organisations to invest in this class of insurance, in addition to understanding the information governance obligations that their insurance policy places on them. What […]

Member only content (join now)

Privacy Developments in ANZ – Daimhin Warner

APAC Privacy Law Update: Cross Border Transfers

With a range of new regulations, tools and projects underway, Information Governance ANZ were pleased to host a virtual forum with updates on the latest data privacy developments across the Asia Pacific region. This interactive session was facilitated by Susan Bennett, Founder of InfoGovANZ and our special guests included: NZ Privacy Commissioner – John Edwards Senior Research Fellow, Asian Business Law Institute – Dr Clarisse Girot Director, Simply Privacy – Daimhin Warner New Zealand’s Privacy Act 2020 comes into force on 1 December 2020 and introduces new limitations on cross-border transfers. Commissioner Edwards spoke about the new legislation and provided a brief history of the Act since 1993. It applies across the economy (both public and private sector organisations), is based on the 1980 OECD data protection principles and is technology-neutral. He noted the Act has remained largely unamended during the intervening decades. New Zealand received an ‘adequacy ruling’ by […]

Member only content (join now)

OAIC Data Breach report: January – June 2020

Protecting Privacy by Minimizing Data

Posted with permission from Active Navigation, originally published on June 1. Ten years ago, there was no such thing as too much data. Notions about data being the “new oil” prompted organizations to horde every byte they could, hoping that they might be able to harness it down the road. Combined with the notion that “storage is cheap,” this belief has led many companies to exponentially increased their risk rather than their opportunity. New data privacy regulations in Europe and the United States impose a significant burden of care on organizations regarding their data collection processes. In fact, data minimization is a fundamental principle within the European Union’s General Data Protection Regulation (GDPR). Whether governed by the GDPR or state privacy regulations like the California Consumer Privacy Act (CCPA), businesses must now limit the personal data they collect and dispose of it once it is no longer needed for a […]

Member only content (join now)

P3 Project Privacy Podcast from Active Navigation

Looking for a new podcast about data privacy? Active Navigation has exactly what you need – the P3: Project Privacy Podcast aims to help you understand the evolving data privacy landscape. Episodes include: The ROI of Proper Data Management; Records Management in Highly Regulated Industries; High Stakes Records Management; The NIST Privacy Framework; Open Data During Times of Crisis. You can listen to the podcast anytime on the Active Navigation website.

Member only content (join now)

Information Security Risk Management Practitioner Guide – OVIC

OAIC Privacy Assessment tool

OAIC launched a new Privacy Impact Assessment Tool (DOCX), which helps you conduct a PIA, report its findings and respond to recommendations. Accompanying the Guide to undertaking privacy impact assessments, entities are encouraged to take a flexible approach and adapt this tool to suit the size, complexity and risk level of their project.

Member only content (join now)

Data Privacy in APAC – comparative review on cross-border transfers

In June, ABLI published an important comparative study on the laws and regulations relating to personal data transfers in Asia. We are heartened to see this comparative study widely disseminated and used in all national and supra-national forums where data transfer issues are discussed. The write-up of that study was supported by a comparative table of the various provisions relating to these transfers in 14 APAC jurisdictions, which we have made freely available for the benefit of all. We are pleased to announce that this table was updated on 20 November to take into account multiple recent developments that took place in the legal systems of several of those jurisdictions, including the release for comments of the draft Personal Data Protection Law of China, the entry into force of the new Privacy Act of New Zealand, the amendments made to the Personal Information Protection Act and the Network Act of […]

Member only content (join now)

COVID19 – Data and Privacy

COVID-19 has brought to the forefront the importance of real-time accurate data for scientists to analyze and model and for government leaders to make decisions on. InfoGovANZ has complied a series of COVID-19 curated articles and resources, updated monthly. June 2020 OVIC has released new guidance on how the exemptions in the Freedom of Information Act should be applied. OVIC has updated the FOI and COVID19 FAQs for agencies – read them here – to include questions about the new COVID-19 regulations including: what to do if your agency is completely shut down; and how to verify an applicant’s identity. Australian Information and Privacy Commissioner (OAIC) has updated it’s FOI FAQ with the latest COVID-19 relevant questions including how to make an FOI complaint during the COVID-19 outbreak. May 2020 Australian and New Zealand Information Access Commissioners join with their international counterparts in their clear call for documentation, preservation and […]

Member only content (join now)

Australia and New Zealand’s COVID-19 Contact Tracing Apps – Differences in Approach on the Road to Recovery

While Australia and New Zealand were able to flatten the COVID-19 curve, the approaches of each country have somewhat differed, both in relation to the level of restrictions imposed on citizens, as well as the type of contact tracing technology deployed. Australia and New Zealand stand alongside Germany, South Korea and Singapore as examples of countries that followed the advice of their scientists and moved into lockdown in a timely way to limit the spread of the COVID-19 virus. Australia, similar to other countries, experienced a doubling of COVID-19 positive people every two days as it went into lockdown. The containment of the coronavirus in Australia and New Zealand is a result of a multipronged strategy that includes prompt lockdowns restricting movement and requiring social distancing; quarantining of international travellers for 14 days; and a high rate of testing and contact tracing. The governments of both countries have developed their […]

Member only content (join now)

COVID19 – Contact Tracing publications

There have been a variety of perspectives on the COVIDSafe app released on 26 April 2020 and the CovidSafe Act enacted on 14 May 2020. Professor Peter Leonard from UNSW Business School in ‘Novel coronavirus spawns novel law-making in Australia‘, looks at the consultative process that resulted in data governance and data accountability in the CovidSafe Act to ensure that the data collected would be safe from other arms of government for other purposes. Visting Professor Roger Clarke at UNSW Law has looked at early user-experiences of the app and questioned the ability of the app to achieve its aim – read his two articles here and here. In ‘The COVIDsafe APP: A Case Study in Professional Responsibility‘, Professor Clark sets out the role and onus of IT professionals to be realistic about the app’s limitations. Professor Greenleaf and Dr Kemp from UNSW Law, in ‘Austalia’s COVIDSafe Experiment, Phase III: […]

Member only content (join now)

COVID19 – NZ COVID Tracer App

New Zealand’s Ministry of Health launched the NZ COVID Tracer app on 20 May 2020, in a move welcomed in a statement by the NZ Privacy Commissioner. You can read the privacy impact assessment here. Living in a world with COVID-19 means greater requirements to register your presence wherever you go. But what does that mean for your privacy? NZ Privacy Commissioner John Edwards speaks about good policy when it comes to protecting people’s privacy in any technical solution to contact tracing in this interview.

Member only content (join now)

Privacy Awareness Week 2020

InfoGovANZ was a proud supporter of Privacy Awareness Week again this year. The theme was a timely and important reminder for all to Reboot your Privacy. There were a variety of events and activities across Australia as well as some important publications: The Australian and New Zealand Privacy Commissioners & IDCare’s Managing Director discussed the importance of in Privacy in a Pandemic in a webinar which you can download and watch here. Read the Reboot your Privacy Guide and protect your personal information online. Keep up to date with the latest COVID-19 (coronavirus) scams. What to do if you receive a data breach notification, and how to reduce your risk of harm.

Member only content (join now)

IAM2020 – Critical role of Information in our changing environment

IAM2020 was launched by Director-General of the National Archives of Australia, David Fricker with an engaging panel discussion with Information Commission NSW – Elizabeth Tydd, digital media expert on the role of information and impact of misinformation Dr Timothy Graham, and Kathryn Dan, Blue Shield Australia. The critical roles of data, access to information and the challenges of misinformation were highlighted in the current COVID-19 pandemic as well as the recent Australian bushfires. You can access the recording of the session here: IAM2020 Launch High Res Recording | IAM2020 Launch Low Res Recording

Member only content (join now)

Information Governance + COVID-19 Roundtable Report

Privacy Awareness Week 2020: 4th-10th May

As we shift even more of our day-to-day activity online during the COVID-19 pandemic, Privacy Awareness Week is an important reminder to Reboot your privacy. Check and update your privacy controls Consider the alternative when giving or asking for personal information Delete any data from old devices and securely destroy or deidentify personal information if it’s no longer needed for a legal purpose. Explore the PAW website to find out more on how to join in the conversation to promote privacy awareness, and sign up as a supporter.

Member only content (join now)

Australia Considers How to Approach Pandemic Contacts Tracing

COVID-19 has brought to the forefront the importance of real-time accurate data for scientists to analyse and model and for government leaders to make decisions on. A number of articles have highlighted the importance of data and privacy, including Australia Considers How to Approach Pandemic Contacts Tracing by Jeremy Kirk, Executive Editor for Security and Technology, Information Security Media Group.

Member only content (join now)

Video Conferencing – Privacy Policy Checks

Stay at home requirements during COVID-19 have led to a dramatic increase in video conferencing for both work and maintaining social connections with family and friends. The adoption of video conferencing tools over the last weeks has been impressive but it calls into question whether are most users aware of the data and privacy implications of using these tools. NYOB, an EU based not-for-profit with the mission of making privacy a reality, has carried out a review of the privacy policies of six video conferencing tools: Zoom, Webex Meetings (Cisco), Meeting (LogMeIn), Skype and Teams (both Microsoft) and Wire. Report on privacy policies of video conferencing services – 2020- NYOB

Member only content (join now)

COVID19 – EU, US & International Resources

Below is a collection of useful privacy and data protection resources from the EU, US and globally. Data Protection Authorities guidance on COVID-19 published by Data Protection Authorities (DPAs) collated by International Association of Privacy Professionals. These provide information and frequently asked questions on data processing and COVID-19 across a range of countries. Resources page on crucial privacy and data protection law issues arising from COVID-19 covering the EU & globally by Law, Science, Technology & Society of the Vrije Universiteit Brussel. The Initiative is of direct interest for LSTS researchers, most notably in the context of the Brussels Privacy Hub (BPH) work on data protection in humanitarian action as well as the work of ALTEP-DP project. US Privacy and Data Protection Resources related to COVID-19, together with other international resources has been compiled by the Future of Privacy Forum.

Member only content (join now)

COVID19 – Global Open Data Initiatives

Integrated information governance: InfoSec and RM working together for safer sharing

This article aims to generate discussion about strategies to improve information security – in particular to support people in appropriately handling sensitive information (recognising the human factor as one of the main weaknesses in security programs); leveraging existing systems and frameworks to enhance interoperability; and encouraging knowledge sharing between IG professionals across different domains. Please share your thoughts in the comments section below. SUMMARY Both national security and crisis management require highly sensitive information to be securely shared between applications, individuals, organisations and jurisdictions. Vulnerabilities could leave agencies exposed to greater risks during a period with a high threat of espionage. Automation can support people sharing sensitive documents, to reduce manual handling and human error. This could be achieved by enhancing existing capabilities and standards, drawing on frameworks from both information security and records management. Geopolitics and COVID-19 bring renewed focus to cybersecurity Cybersecurity is a priority for all organisations, […]

Member only content (join now)

Building trust in the public record – Public Release schedule

Building Trust in the Public Record Highlights

AI Transparency in Digital Government

NAA’s new policy: Building Trust in the Public Record

Is Your Data Estate an Unstructured Mess? How a Spring-Cleaning Project Can Reduce Your Organization’s Risk

Posted with permission from Active Navigation, originally published on June 10. In this special guest feature, Dean Gonsowski, Chief Revenue Officer at Active Navigation, InfoGovANZ’s Foundation Sponsor, focuses on what steps a company needs to follow to review, understand and clean-up their data to eliminate security risks. As a former litigator/GC/AGC, Dean has a proven track record of accelerating the rapid development of high growth, venture backed software companies (such as Relativity/kCura, Clearwell/Veritas, Recommind/Opentext).  He is a seasoned professional with the ability to build/manage teams, run P&Ls in executive leadership roles including Sales, Strategy, Business Development, Marketing and Professional Services. Dean has a JD from the University of San Diego School of Law and a BS from the University of California, Santa Barbara.   The volume and variety of data created in the past decade doesn’t show signs of slowing down – nor does the pace of hacking attempts. Unstructured data, also […]

Member only content (join now)

Release of the Palace Letters – National Archives of Australia

After 37 years we can view the correspondence between the Governer-General and the Palace in the lead up to the dismissal of the Whitlam Government. Watch National Archives of Australia Director-General David Fricker on the release of the Palace Letters – all 1,200 pages, here: https://bit.ly/300Kb0U Congratulations to Professor Jenny Hocking on the historic High Court win enabling the National Archives of Australia to release the records. The Palace Letters are now available to download as PDFs on the National Archives of Australia website.

Member only content (join now)

Digital Records and the GIPA Act – IPC NSW

The Information and Privacy Commissioner NSW has developed a fact sheet to provide guidance about the definition of record, in particular digital records under the GIPA Act and what it means for agencies. The fact sheet also outlines the importance of agencies maintaining good digital recordkeeping practices to ensure it is able to comply with its legislative obligations.

Member only content (join now)

IAM2020 – Critical role of Information in our changing environment

Information Governance + COVID-19 Roundtable Report

FOI and Building Trust

The theme of Building Trust was the focus of the FOI in WA conference recently. Trust was explored in two ways. Firstly, considering how Freedom of Information (FOI) can build public trust in government; and secondly, advice and inspiration to help practitioners trust themselves and the FOI process to meet the objects of the FOI Act (WA): to enable the public to participate more effectively in governing the State’ and to make the persons and bodies that are responsible for State and local government more accountable to the public. Emeritus Professor Geoff Gallop AC gave the keynote presentation. He discussed the role of openness as a foundation for democracy. This is based on the view that information held by government is a public resource which should be used for public benefit; and that the community has a right to be informed about government operations. FOI and information governance FOI is […]

Member only content (join now)

RIMPA Live Convention 2019

RIMPA Live 2019 was held at the Marvel Stadium in Melbourne, marking 50 years of RIMPA and its 35th Annual Conference. It was a conference filled with a keynotes, plenary sessions and roundtables over the three days of the conference. There were several keynotes including CTO and entrepreneur Gus Balbontin, Richard Foy, New Zealand’s Chief Archivist, information thought-leader Randy Kuhn Esq from the US and Kevin Sheedy AO, AFL Legend. The conference kicked off with David Moldrich Life FRIM outlining the history of the Australian recordkeeping profession and some of the key moments in the professions’ history such as the establishment of the Records Management Association of Australia (RMAA now RIMPA) and the development and implementation computer-aided records management systems and their successors the Electronic Document and Records Management System or EDRMS. David highlighted the contribution of the Australian recordkeeping profession to the state of recordkeeping around the world mainly […]

Member only content (join now)

Recordkeeping in Information Governance

Information Governance is by its very nature interdisciplinary. Of course it needs leaders, but great information governance leaders are those that enable a multi-disciplinary team approach to thrive. This is best done by allowing the distinct approaches to information brought by members of the team to exist in both cooperation and creative dissent. The organisational context and information culture determines exactly which skills are brought into the collective mix of information governance, but typically it includes compliance, risk, privacy, risk, security, recordkeeping, data management and analytics (and more in the American context, e-discovery). Each of these focus areas bring specific approaches to their patch of information governance – the trick is to get each to play to their strengths without drowning out or diminishing the important roles of others. Playing nicely across information disciplines is not a given, and fostering that capability is the skill of the information governance leader. […]

Member only content (join now)

LawFest 21: collaborating and networking in person again

In late March, 280 legal professionals from across Aotearoa gathered in person in Auckland for the premier legal innovation and technology event on the New Zealand calendar. Like so many events globally, LawFest had considerable disruption and challenges from the COVID-19 pandemic to run the event in person. However, in Aotearoa we have been fortunate to be able to bring together again the legal and technology community to celebrate, collaborate, network and learn about legal innovation – and all in person. The last year has reinforced why we need to innovate and leverage technology – LawFest 21 demonstrated how we can go about this! The event was once again a must for anyone interested in driving efficiency in their organisation. The key highlights The one-day event was a great opportunity to hear from leaders and change makers in the innovation space. The programme provided something for everyone, from those […]

Member only content (join now)

The Data Explosion & IG, Reducing eDiscovery Costs – Richard Kessler

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ Intenational Council member Richard P. Kessler, who is a pioneer and thought leader connecting […]

Member only content (join now)

Adapting to Technology – Andrew King

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ Advisory Board member Andrew King, founder and Strategic Advisor of E-Discovery Consulting, where he […]

Member only content (join now)

Legalweek NYC 2020 – The Down Under Perspective

Legalweek 2020 brought together thousands of legal professionals to discuss business, regulatory, technology and talent drivers impacting the industry. The week featured workshop boot camps, conferences, networking events and hundreds of technology exhibitors on the tradeshow floor. There are three main conferences: Legaltech (the world’s longest running legal technology trade show), LegalCIO, and Legal Business Strategy. Around the main conferences there are many other events, a few of these are highlighted below. The following week The Sedona Conference’s International Working Group 6 annual program focusing on cross-border discovery and data privacy was held at the New York Law School. AI and Privacy This year’s Legalweek in New York City was dominated by the themes of AI, new and developing technologies and privacy. The impact of privacy regulations, particularly the GDPR and the California Consumer Privacy Act (CCPA) is driving up compliance costs and also the cost of discovery in legal […]

Member only content (join now)

Social Media Perils in Litigation – InfoGovANZ

In this InfoGovANZ event, the implications and dangers of the widespread use of social media and apps were highlighted in their evidential value in investigations and litigation. The importance of technical and forensic expertise in the discovery process was demonstrated by reference to particular cases and technology tools by Brett Webber, Principal, ConsilAD and Matthew Golab, Director of Legal Informatics and R&D at Gilbert + Tobin. Susan Bennett, Executive Director InfoGovANZ and Principal, Sibenco Legal & Advisory discussed the duties of technology competence and confidentiality, which extends to cybersecurity to protect client information and the implications of a recent High Court decision. As Michael Tieu, posted on LinkedIn following the event, ‘[i]t was truly astounding to see how important it is to be wary of who, what, when and where you post on social media. Once the genie is out of the bottle, it’s nearly impossible to put it back […]

Member only content (join now)

How eDiscovery is managing the challenge of what constitutes Personal Information

The terms Personal Information or Personal Data have been increasing in usage for a while, and with the recent focus on the European GDPR, and the Australian NDB (Notifiable Data Breaches). This article considers these definitions from the perspective of document production in litigation and regulatory investigations – the process of eDiscovery. In eDiscovery we are used to redacting sensitive information – most typically legally privileged or commercially sensitive information. However, prior to the commencement of the Royal Commission into the Financial Services Industry (FSRC) the volume of documents requiring redaction was fairly modest in most matters. This certainly changed with the FSRC, as all documents that are tendered at a public hearing are required to have contact information and customer names redacted. This has resulted in significant efforts in reviewing all documents that are going to be tendered to ensure that the documents have been adequately redacted. What […]

Member only content (join now)

AI and the Law – the future is here

Artificial intelligence (AI) is already making significant inroads to the practice of law and producing efficiencies and cost savings. This article looks at how AI is being utilised in different parts of legal practice and the transformation of legal practice that is already underway in the delivery of legal services from litigation through to contract management and Chatbots. Litigation & eDiscovery The production of documents has traditionally been a very expensive part of the litigation process. The development of eDiscovery software tools to identify, retrieve, process, filter and search provides significant costs savings in the litigation process. These cost savings are even more significant with latest software tools and right expertise are utilised. The latest developments in the eDiscovery industry include the use of AI technology. Early forms of AI were built into the globally dominant eDiscovery platforms. For the past 10 years these platforms enabled document clustering and concept […]

Member only content (join now)

The Governance of Things – eDiscovery in Australia and New Zealand

eDiscovery is the production of relevant documents that parties to litigation or an inquiry are required to produce to either a Court, Royal Commission, Commission of Inquiry or to a government regulator. The eDiscovery industry is a global industry reflecting the enormous growth in information and the specialised technology which has developed to meet that challenge. While eDiscovery is a specialist area of legal technology the challenge of document production extends well beyond in-house legal departments and requires the assistance of IT departments and records management. Download Now

Member only content (join now)

The Governance of Things – Increasing Acceptance of Technology Assisted Review

In December 2016, the Supreme Court of Victoria endorsed the use of Technology Assisted Review (TAR) in the eDiscovery process in the case of McConnell Dowell Constructors v Santam. This was the first time TAR had been approved for use in litigation in an Australian Court. The use of technologies like TAR assists parties in litigation to meet the requirements ‘of a just, efficient and cost-effective resolution of the dispute’ by reducing the time and cost involved in large scale document production during the discovery process. Download Now

Member only content (join now)

The Data Explosion & IG, Reducing eDiscovery Costs – Richard Kessler

Unlocking Data Value – Ronke Ekwensi

Exposure Draft of the Data Availability and Transparency Bill

The draft Data Availability and Transparency Bill aims to modernise and streamline the sharing of government data between agencies and with the private and research sectors. Under the legislation, data will be shared for three purposes: government services delivery, informing government policy and programs, and research and development. The Consultation Paper contains a simplified summary of the legislative package. Submissions made by a group of multidisciplinary practitioners and academics highlight privacy and governance concerns. These include the override of Australia Privacy Principle (APP) 6 and the inherent conflict of National Data Commissioner whose mandate is to encourage data sharing with the enforcement of the regulation. The submission recommends that governance and assurance be regulated the Australian Information and Privacy Commissioner. You can read the submission here.

Member only content (join now)

Automated Decision Making Transparency under GIPA Act

The increasing adoption of technology requires the preservation, assurance and assertion of information access rights. To achieve these outcomes, government licensing and contractual arrangements should ensure accessibility and ‘explainability’ in the provision of government services and decision making. The issue of algorithmic transparency of a government agency’s contractor is currently before the NSW Civil and Administrative Tribunal. The Agency provided some information to the Applicant but decided that other information is not held by the Agency as it is held by the Contractor and remains its intellectual property. The GIPA Act provides a right to access information held in a record of an NSW Government agency and that right may also apply to information held by contractors providing services to the public. The NSW IPC has published guidance for agencies under section 121 of the GIPA Act, including a template clause for agencies to include in contracts with third parties […]

Member only content (join now)

Protecting Privacy by Minimizing Data

Is Your Data Estate an Unstructured Mess? How a Spring-Cleaning Project Can Reduce Your Organization’s Risk

COVID19 – Data and Privacy

COVID19 – EU, US & International Resources

Privacy-Preserving Data Sharing Frameworks

This is the third in a series of papers and develops a practical solution providing a framework for privacy preserving data sharing, addressing technical challenges as well as data sharing issues more broadly. It builds on the 2018 ACS Report, Privacy in Data Sharing: A Guide for Business and Government, expanding the concept of a Personal Information Factor and introducing a Utility Factor with worked examples. Download the report here

Member only content (join now)

Infonomics – valuing information assets

Infonomics is the discipline of valuing Information Assets and it is based on the idea that information is an enterprise asset that should be counted and managed. This article explains why Infonomics is becoming increasingly important. Information Assets (data, information, published content and knowledge) are arguably an organisation’s most vital and strategic resource. Providing the right data to the right people at the right time is critical to every business activity, every business process and every business decision. Information Assets are the only ones that cannot be replaced if lost or destroyed. They are foundational to all high-profile business solutions and technology enablement: to analytics, artificial intelligence and machine learning; cyber-security; cloud computing; Blockchain and the Internet Of Things; and almost any form of innovation and disruption. Unlike other physical or even financial assets that can only be used once then are used-up, any Information Assets can be used […]

Member only content (join now)

Identity Conference 2019 – Identity as taonga: now and in the future

He taonga te tuakiri: āianei, haere ake nei New Zealand’s Identity Conference 2019 was the fourth in a series of conferences that began in 2008. The conference was held at the Museum of New Zealand Te Papa Tongarewa, Wellington, on 26 and 27 August 2019. The conference purpose or ‘big idea is to look at the identity-related problems of today and the solutions of tomorrow’. Carol Feurriegel recounts some of the highlights from the conference. “Identity is a complex and sensitive area. It reflects our sense of self and it is also at the heart of relationships between people and organisations. Our Identity is our taonga” to quote Professor Steve Warburton, in his keynote address as Chair of the Identity Conference 2019 on Monday 26thAugust. It is fitting that the premier event that takes a multi-disciplinary perspective on Identity is held at Te Papa Tongawera, Museum of New Zealand in Wellington. “Taonga” means ‘treasure’ in […]

Member only content (join now)

Data as a Strategic National Resource: The Importance of Governance and Data Protection

As we rapidly move toward a technology-driven, globally interconnected world, the exponential growth in data collected by business and government enables significant value to be derived from this resource. In December 2015, the Australian Government released its Australian Government Public Data Policy Statementas part of the National Innovation and Science Agenda, recognising data as ‘a strategic national resource that holds considerable value for growing the economy, improving service delivery and transforming policy outcomes’. While there is the potential to derive enormous value from data, there is a fundamental requirement that data be secured, meaning both government and business must protect citizens’ and consumers’ personal information. Key to achieving the benefits of data optimisation and mitigating the inherent risks is governance. Good governance enables organisations to control data by securing, protecting, managing and optimising the value of data. Supporting the Australian Government’s digital transformation is the Digital Continuity Policy 2020, which applies […]

Member only content (join now)

Putting People and their Data at the Centre – investing in the social wellbeing of Aotearoa

Jacinda Ardern’s announcement of her intention to deliver New Zealand’s first ‘Wellbeing Budget’ at the World Economic Forum in Davos in January caused headlines as the world’s youngest female head of state outlined an approach to economic measurement that put people’s needs at the centre of the government investment agenda. Ardern said “politics needed to be more altruistic and more long term” to address the deep-rooted inequalities in New Zealand’s current economic outlook and to address the challenges emerging from issues such as climate change and automation. World leaders and economic institutions have been watching the ‘little country at the bottom of the world’ with great interest, as they embark on this experiment that could change the way governments develop social strategy and assess the effectiveness of their social policies. For many years institutions like the OECD have been encouraging economies to look beyond just economic measures of success and […]

Member only content (join now)

Are You Prepared for a Data Breach Crisis?

Your company is entrusted with sensitive, personal data – that of your employees, customers, investors, and others. These individuals trust that you are protecting their privacy and managing that information to their expected standards. This trust is critical to the long-term success of your company. The question is: when a data breach happens, are you prepared? A data breach involving personal information can put affected individuals at risk of personal and economic harm and, consequently, severely damage an organisation’s reputation. This year, more than one million Australians had their private data lost or stolen in just ONE data breach, and 242 data breaches were reported in just a three-month period. It’s never been more important for senior business leaders to have experience in managing crisis situations and to understand what external factors will impact that crisis and how to be prepared to manage the risks in your business. But first, […]

Member only content (join now)

Privacy in Data Sharing: A Guide for Business and Government

This paper describes a framework for privacy-preserving data sharing, addressing technical challenges as well as some data sharing issues more broadly. The paper builds on the 2017 ACS paper, Data Sharing Frameworks 1, expanding the concept of a Personal Information Factor and introducing a Data Safety Factor with recommendations for threshold settings. Read the paper here

Member only content (join now)

Data Sharing Frameworks

Member only content (join now)

Australians deserve tech that protects their rights

New regulations for Artificial Intelligence in the EU

The European Commission has just announced a package of proposed regulations to make sure that AI systems used in the EU are safe, transparent, ethical, unbiased and under human control. They are categorised by risk with checks imposed on any ‘high-risk’ technology and also include a ban on most surveillance including live facial scanning, as well as AI systems to filter school, job or credit scoring. AI applications used in critical infrastructure migration and law enforcement would also be subject to strict safeguards. The proposed regulation is one of the broadest of its kind to be introduced by a Western government, and part of the EU’s expansion of its role as a global tech enforcer. Regulators could fine a company up to €30million or 6% of annual world-wide revenue for the most severe violations. Read more about the EU’s approach to AI in Excellence and trust in artificial intelligence | European Commission (europa.eu) and New rules for […]

Member only content (join now)

Ethics & Implementing AI Responsibly – Aurelie Jacquet

Using artificial intelligence to make decisions: Addressing the problem of algorithmic bias

This technical paper is a collaborative partnership between the Australian Human Rights Commission, Gradient Institute, Consumer Policy Research Centre, CHOICE and CSIRO’s Data61. We explore how the problem of algorithmic bias can arise in decision making that uses artificial intelligence (AI). This problem can produce unfair, and potentially unlawful, decisions. We demonstrate how the risk of algorithmic bias can be identified, and steps that can be taken to address or mitigate this problem. AI is increasingly used by government and businesses to make decisions that affect people’s rights, including in the provision of goods and services, as well as other important decision making such as recruitment, social security and policing. Where algorithmic bias arises in these decision-making processes, it can lead to error. Especially in high-stakes decision making, errors can cause real harm. The harm can be particularly serious if a person is unfairly disadvantaged on the basis of their […]

Member only content (join now)

AI Transparency in Digital Government Highlights

To celebrate Right to Know 2020, Information Governance ANZ were delighted to host a timely discussion on the right to access information and the use of algorithms in government decision-making. This interactive forum was facilitated by Susan Bennett, Founder of InfoGovANZ and our special guests included: NSW Information Commissioner – Elizabeth Tydd Victorian Information Commissioner – Sven Bluemmel Senior Research Fellow, University of Cambridge – Dr Jat Singh The increasing adoption of technology across society, including in government, requires the preservation, assurance and assertion of information access rights. The right of access to government information also extends to information held by contractors that provide services to the public on behalf of government. Applying and challenging these rights becomes more complex in the new world of automated decision-making. Legal frameworks, licensing and contracts must evolve to ensure information governance is applied to the design and use of algorithms, so that rights and […]

Member only content (join now)

Principles of Explainable AI

The US National Institute of Technology and Standards (NIST) has released a draft paper of 4 principles of explainable AI, which is one of several properties that characterise trust in AI systems. Other properties may include resiliency, reliability, bias and accountability. Usually, these terms are defined as a part or set of principles or pillars. This draft paper sets out there are 4 principles encompassing the core concepts of explainable AI as follows: Explanation: Systems deliver accompanying evidence or reason(s) for all outputs. Meaningful: Systems provide explanations that are understandable to individual users. Explanation Accuracy: The explanation correctly reflects the system’s process for generating the output. Knowledge Limits: The system only operates under conditions for which it was designed or when the system reaches a sufficient confidence in its output.

Member only content (join now)

AI Transparency in Digital Government

EU/US data transfers under Privacy Shield invalidated

On 16 July 2020, the European Court of Justice invalidated its previous Decision (2016/1250) and the EU-US Privacy Shield, which enabled certified companies to transfer personal data between the EU and the US. The case was brought by Max Schrems (the founder of NYOB) an Austrian resident, who had lodged a complaint with the Irish privacy regulator that the transfer of his Facebook data from Facebook’s servers in Ireland to the US did not provide sufficient protection against access by the US public authorities. The Court found that, based on the use and access by US public authorities and surveillance programmes, interfered with the fundamental right of persons whose data is transferred to the US. However, the Court also determined that the Commission Decision 2010/87 on standard contractual clauses for the transfer of personal data to processors established in third countries is valid. Read more Court of Justice of the […]

Member only content (join now)

EDPS Opinion on the EU Commission’s White Paper on AI – the European approach to excellence and trust

As a part of a wider package of strategic documents, the European Commission published a White Paper on “Artificial Intelligence: A European approach to excellence and trust”, which we brought you in our April newsletter and is available here. This Opinion presents the EDPS views on the White Paper as a whole, as well as on certain specific aspects, such as the proposed risk-based approach, the enforcement of AI regulation or the specific requirements for the remote biometric identification (including facial recognition). The EDPS recommendations in this opinion aim at clarifying and, where necessary, further developing the safeguards and controls with respect to protection of personal data. Read the EDPS Opinion here.

Member only content (join now)

The impact of the GDPR on Automated-Decision Making

Addressing the relation between the EU General Data Protection Regulation (GDPR) and artificial intelligence (AI) this report considers challenges and opportunities for individuals and society, and the ways in which risks can be countered and opportunities enabled through law and technology. The study led by Professor Sartor for the Future of Science and Technology (STOA), within the Secretariat of the European Parliament, discusses the tensions and proximities between AI and data protection principles, such as purpose limitation and data minimisation. The report makes a thorough analysis of automated decision-making, considering the extent to which it is admissible, the safeguard measures to be adopted, and whether data subjects have a right to individual explanations. The study then considers the extent to which the GDPR provides for a preventive risk-based approach, focused on data protection by design and by default. Read the report here.

Member only content (join now)

NZ – Algorithm Charter for Aotearoa New Zealand

On 29 July 2020, more than New Zealand 20 Government agencies signed the Aotearoa Algorithm Charter, committing to be transparent about when they use algorithms and how those algorithms operate. This makes New Zealand the first country to develop standards governing the use of algorithms by the public sector, after Statistics Minister James Shaw made his annoucements. The charter, which has already been signed by 21 ministries and agencies, requires signatories to be transparent about when they use algorithms and how those algorithms function. “Most New Zealanders recognise the important role algorithms play in supporting government decision-making and policy delivery, however they also want to know that these systems are being used safely and responsibly. The Charter will give people that confidence,” Shaw said. The Algorithm Charter for Aotearoa New Zealand is an evolving piece of work that needs to respond to emerging technologies and also be fit-for-purpose for government […]

Member only content (join now)

AI Standards: From Principles to Implementation

With the proliferation of AI principles worldwide1, industry is faced with a new challenge: how to implement these AI principles? Since 2017, the international committee responsible for the standardization of AI (SC 42) has been tackling this challenge: it is developing standards covering both technical and organisational specifications to enable responsible and trustworthy AI. Forty-four countries are currently involved in the work of SC 42, and Australia plays an active role in the development of the AI international standards, as it has formed standards committee IT-043 to be Australia’s voice at SC 42. When it comes to AI, it is essential to provide for interoperability and global governance, and this is why AI international standards have the buy in from key governments (such as China, the US and the EU). Australia has also identified AI standards as an important national priority. In March this year, Standards Australia released its Artificial […]

Member only content (join now)

UK – AI and its impact on Public Standards

On 10 February 2020, the UK’s Committee on Standards in Public Life published its report on AI and its impact on Public Standards to ensure that high standards of conduct are upheld as technologically assisted decision making is adopted more widely across the public sector. The report makes clears that on issues of transparency and data bias in particular, there is an urgent need for guidance and regulation. The report also emphasises that public bodies must comply with the law surrounding data-drive technology and implement clear, risk-based governance for their use of AI.

Member only content (join now)

US – Draft Guidance for AI regulation

On 7 January 2020 the White House’s Office of Science and Technology Policy (OSTP) released a draft Guidance for Regulation of AI for Federal Agencies to consider for the use of AI including: public trust, public participation, fairness, scientific integrity, risk assessment, benefits and costs, flexibility, fairness, transparency, safety and security, and interagency co-ordination. In contrast to the position taken by the Europeans, the US government position is that it does want AI to be highly regulated, with the OSTP draft Guidance stating, ‘Federal agencies must avoid regulatory or non-regulatory actions that needlessly hamper AI innovation and growth’. On 24 February 2020, the Department of Defense adopted 5 Principles for AI: Responsible, Equitable, Traceable, Reliable and Governable. Secretary Esper stated, ‘AI technology will change much about the battlefield of the future, but nothing will change America’s steadfast commitment to responsible and lawful behaviour’.

Member only content (join now)

Singapore City, Singapore - July 17, 2015: Marina Bay is a bay near Central Area in the southern part of Singapore, and lies to the east of the Downtown Core. The area surrounding the bay itself, also called Marina Bay

Singapore – Model AI Governance Framework

The Singaporean Privacy Data Protection Commission (PDPC) released the second edition of the Model AI Governance Framework in January 2020. The Guiding Principles includes that decisions made by AI should be explainable, transparent and fair and that AI systems should be human-centric. Along with the framework is a Compendium of Use Cases, demonstrating how local and international organisations, across different sectors and sizes, implemented or aligned their AI governance practices with all sections of the Model Framework. There is also an Implementation and Self-Assessment Guide for Organisations (ISAGO), which is a collaboration with the World Economic Forum’s Centre for the Fourth Industrial Revolution.

Member only content (join now)

Automated Speech Recognition

Closer to the Machine: Technical, social and legal aspects of AI

OVIC has collaborated with experts in AI including Professor Toby Walsh (UNSW and CSIRO’s Data61), Professor Richard Nock (Australian National University and CSIRO’s Data61), Dr Jake Goldenfein (Cornell Tech, Cornell University) and others to produce an e-book on AI. You can download the e-book Closer to the Machine from OVIC here

Member only content (join now)

NIST plan for AI Standards Development

NIST has released a plan for prioritising federal agency engagement in the development of standards for AI. The plan recommends the federal government bolster AI standards-related knowledge, leadership and coordination among agencies that develop or use AI; promote focused research on the trustworthiness of AI systems; support and expand public-private partnerships; and engage with international parties. Read more here

Member only content (join now)

50 Principles for Responsible AI

Roger has followed up the Guidelines with ‘Principles and Business Processes for Responsible AI’ with a view to protecting the organisation’s own interests and also those of its stakeholders and society as a whole. He presents a set of 50 Principles for Responsible AI, arising from a consolidation of proposals put forward by a diverse collection of 30 organisations. To apply those Principles, he recommends adapted forms of the established techniques of risk assessment and risk management. Read the article

Member only content (join now)

Principles and Business Processes for Responsible AI

The promise of data analytics brings with it considerable risks. Canberra-based consultant and researcher Roger Clarke recently published a set of Guidelines, whose purpose is to intercept ill-advised uses of data and analytical tools, prevent harm to important values, and assist organisations to extract the achievable benefits from data, rather than dreaming dangerous dreams. Read the article

Member only content (join now)

COVID19 – Data and Privacy

Australia and New Zealand’s COVID-19 Contact Tracing Apps – Differences in Approach on the Road to Recovery

COVID19 – Contact Tracing publications

COVID19 – NZ COVID Tracer App

Information Governance + COVID-19 Roundtable Report

Australia Considers How to Approach Pandemic Contacts Tracing

Video Conferencing – Privacy Policy Checks

COVID19 – EU, US & International Resources

COVID19 – ANZ Legislation Update

In Australia, COVID-19 was declared a ‘human biosecurity emergency’ under the Biosecurity Act 2015 (C’th) on 21 March 2020. Dominic Villa SC has set up a useful collection of Australian legal resources relating to the coronavirus pandemic. Collating together the various statutory instruments that have been enacted by the Commonwealth and State Governments to deal with COVID-19, such as the Public Health (COVID-19 Restrictions on Gathering and Movement) Order 2020 (NSW) and similar orders in other states. In New Zealand, COVID-19 Response (Urgent Measures) Legislation Act 2020 is an omnibus Act to put in place for the necessary arrangements in order to implement COVID-19 Alert Level 4, or where arrangements are essential to respond effectively to COVID-19. The Law Society has published a COVID-19 Information page for legal practitioners, listing relevant NZ resources.

Member only content (join now)

COVID19 – Global Open Data Initiatives

Ameritas Leverages Technology for Improved Information Governance

This latest case study from the Information Governance Initiative demonstrates how Ameritas, an insurer, began with a pilot project to tackle a clearly identified business problem which they addressed using data analysis, indexing, searching, tracking and reporting tools from Active Navigation. Read the article now

Roadmap to Reducing Your Biggest Information Risk

In this white paper, sponsored by IGANZ supporter Active Navigation, Russel Stalters, CEO of Clear Path Solutions, outlines a roadmap for reducing your organisation’s biggest information risk. Read the article

Making IG Real: Six Stories from the Front Lines of Information Governance Success

Over a typical business cycle, a large organisation produces staggering volumes of data. This will include essential records, valuable business intelligence, and knowledge uniquely relevant to the business. But frequently 50% or more of the content is utterly useless – it is dead weight, consuming storage capacity and obscuring the […]

Information Governance at Work: Pandora Media

With the help of the file analysis and governance experts, the Pandora GRC team discovered that at least 60% of its unstructured data had no value and there was no business or legal reason to continue to spend precious resources on protecting and storing it. So they took control, realising significant […]

Information Governance Case Study – Les Schwab

Looking at one organization’s experience with IG, can provide valuable lessons and practical insights that will help all IG professionals mature their IG programs. This case study details a common but complex IG problem: managing the relationships among key IG players. Read the article now

IGANZ Industry Report 2021

Member only content (join now)

IGANZ Industry Report 2019

Member only content (join now)

IGANZ Industry Report 2017

Member only content (join now)

Governance of Things - Keeping Our Members Up To Date

Each month we send to our members The Governance of Things newsletter with feature articles, latest news and developments, and upcoming events. You can explore past editions of the Governance of Things below.

Member only content (join now)

Featured Articles

Information Governance

Cyber & Info Security

Privacy

Records Management

eDiscovery

Data & Infonomics

AI & Ethics

COVID-19

IG Case Studies

IGANZ Industry Report 2021

IGANZ Industry Report 2019

IGANZ Industry Report 2017

Governance of Things - Keeping Our Members Up To Date

Footer