Australian Attorney-General Christian Porter has announced appointing Angelene Falk as the nation's information commissioner and privacy commissioner for the next three years. Falk has been serving as interim commissioner since March, after stepping into it from her deputy role following former Information Commissioner and Privacy Commissioner Timothy Pilgrim's departure. According to Porter, Falk has previously focused particularly on "regulatory challenges and potential uses of data in a global environment", as well as promoting public access to government data. She also helped implement the Notifiable Data Breaches scheme, which came into effect in February this year. "Falk has extensive experience delivering the functions of independent regulators and a track record of working across Commonwealth and state agencies, business, and the community in law, policy, and education," Porter said on Friday.
After it was revealed over 311,127 Australians were caught up in the improper use of Facebook data by Cambridge Analytica, the Office of the Australian Information Commissioner (OAIC) has opened an official investigation into the social media giant. The investigation will consider whether Facebook has breached the Privacy Act 1988. In a statement on Thursday, acting Information and Privacy Commissioner Angelene Falk said given the global nature of the matter, the OAIC will confer with regulatory authorities internationally. "All organisations that are covered by the Privacy Act have obligations in relation to the personal information that they hold," she said. "This includes taking reasonable steps to ensure that personal information is held securely, and ensuring that customers are adequately notified about the collection and handling of their personal information."
The UK Information Commissioner's Office and Office of the Australian Information Commissioner (OAIC) announced on Thursday that the pair would be teaming up to conduct a joint investigation into Clearview AI. In April, OAIC asked questions of the company and issued a notice to produce under section 44 of the Australian Privacy Act. Two months prior, the face recognition company suffered a data breach that included its customer list, the number of accounts each customer has, and the number of searches those customers had made. "Security is Clearview's top priority," Clearview AI attorney Tor Ekeland said at the time. "Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security."
The Yahoo UK division has been fined £250,000 ($335,000) by the Information Commissioner's office due to the data breach that took place in 2014. The incident was reported two years later. The company said that the hackers who stole the personal information which included names unencrypted security questions were state-sponsored. The Information Commissioner's office said that the company failed to take the necessary measures in order to protect the data of its users. "The failings our investigation identified are not what we expect or will accept from a company processing significant volumes of personal data," wrote deputy commissioner of operations James Dipple-Johnstone in a blog.