Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo

Print | Email this page

Shaming and blaming Charles Mabbett
15 November 2017 at 10:43

Should a business use social media to shame scam artists, shoplifters or bad debtors? When someone feels ripped off, this appears a natural course of action but it can be risky. Is if you believe you have evidence that a crime has been committed, contact Police.

, ,

Read More

Confirming a requester’s identity Charles Mabbett
17 October 2017 at 16:55

Updated by our Guidance team in March 2025.

,

Read More

Scammer then complains of privacy breach Charles Mabbett
29 September 2017 at 16:01

There’s a general expectation that if you make a complaint to our Office, you haven't brought the breach of privacy upon yourself through your actions. In this case, our complainant was a man who had ripped off a business. He had scammed the business out of several hundred dollars worth of goods but became upset when the business named and shamed him on its Facebook page.

, ,

Read More

A guide for health professionals disclosing information to Police Richard Stephen
7 July 2017 at 11:32

Reviewed May 2025 (previously titled ‘Can I tell the cops? A guide for health professionals.’

, , ,

Read More

Should agencies leave no stone unturned? Charles Mabbett
10 May 2017 at 09:31

Organisations sometimes get it wrong when they respond to a person’s request for their personal information. Information is sometimes lost, displaced or accidentally deleted. A recent privacy case dealt with by the Human Rights Review Tribunal considers when an organisation can call it quits when it comes to searching for personal information in responding to an access request.

, ,

Read More

How to make information available – some tips for agencies Lynley Cahill
4 April 2017 at 14:32

We live in an age where agencies collect and hold a lot of information about us. When we then request access to that information, this places demands on the time and resources of agencies to meet their obligations under the Privacy Act. Agencies sometimes feel a bit overwhelmed when responding to requests for personal information -  especially where a high volume of information is held.

Read More

Hager and Westpac - A bit more context, information and clarification Sam Grover
22 March 2017 at 09:50

There has been a significant amount of media coverage about our investigation into Westpac bank disclosing journalist Nicky Hager’s bank account information to Police in 2014. In the course of that reporting, some misconceptions have emerged. Because of the interest in the case, and the potential implications for future practice, we have noted some points of clarification and context below.

, ,

Read More

What to do in a phishing attack Neil Sanson,
20 March 2017 at 14:42

A recent data breach involved a deliberate email phishing attack on an organisation. The email looked like it came from the chief executive and requested a copy of the membership list (names and email addresses).
Read More
Back to top