A standalone Privacy Commissioner is to be appointed at the Office of the Australian Information Commissioner (OAIC) for the first time since 2016, with the recruitment process already underway.
Announced by Attorney-General Mark Dreyfus, the move restores the OAIC to a three-Commissioner model, the Australian Information Commissioner (as Agency head), a Privacy Commissioner and a Freedom of Information (FOI) Commissioner.
The standalone role of Privacy Commissioner was last held by Timothy Pilgrim, who was the first to take on the duel responsibilities of Privacy Commissioner and Australian Information Commissioner in September 2016.
Mr Dreyfus said that in light of the 2022 data breaches, the appointment of a standalone Privacy Commissioner would deal with “growing threats” to data security.
“Australians rightly expect their privacy regulator to have the resources and powers to meet the ongoing challenges of the digital age and protect their personal information,” Mr Dreyfus said.
“The large-scale data breaches of 2022 were distressing for millions of Australians, with sensitive personal information being exposed to the risk of identity fraud and scams,” he said.
“The Australian people rightly expect greater protections, transparency and control over their personal information and the appointment of the standalone Privacy Commissioner restores the Office of the Australian Information Commissioner to the three-Commissioner model Parliament originally intended.
The duel appointment of Australian Information Commissioner and Privacy Commissioner is currently held by Angelene Falk, who is to remain Information Commissioner and head of the OAIC
Ms Falk welcomed the announcement, saying it would bolster the OAIC to carry out its important statutory functions.