NSW Information Commissioner and NSW Privacy Commissioner release a joint regulatory advice to agencies seeking investment by the Digital Restart Fund
The NSW Information Commissioner and NSW Privacy Commissioner today jointly issued advice regarding the Digital Restart Fund: assessing information access and privacy impacts.
This expert regulatory advice responds to the rapid deployment of digital services and ensures that citizens’ rights are preserved.
With the widespread increase in digital service delivery by government, the Information and Privacy Commission (IPC) has reviewed diverse digital projects from a range of agencies involving both government and non-government providers. These projects can contribute to better more effective outcomes through digital service delivery. They can also impact access information and privacy rights.
Under section 10 of the Digital Restart Fund Act 2020 (DRF Act), before approving funding under the Digital Restart Fund (DRF) for a project, the Minister must obtain and have regard to advice from the Information Commissioner and the Privacy Commissioner. This advice is required at each stage of a project, prior to funding being released.
NSW Information Commissioner and NSW Open Data Advocate, Elizabeth Tydd said: “This advice sets out some of the commonly identified risks to information access and privacy rights across projects seeking funding from the DRF and suggests mitigation strategies to preserve those rights.
Sharing this knowledge with agencies in an accessible manner will help to build the capacity of NSW public sector agencies and ensure that information access and privacy rights are preserved.”
NSW Privacy Commissioner, Samantha Gavel, said, “Every digital project will, in some way, involve the creation or use of government information. A significant proportion of DRF projects will also involve the collection and use of personal information.
The IPC’s approach to provision of advice provides practical guidance to ensure that legal rights are preserved.”
The IPC has reviewed projects which can be broadly grouped in the following categories:
- the integration of government transactions, information and services into a single portal for citizens to access, for example Service NSW’s digital platforms
- drones and smart technology
- single notification services, which ensure that citizens only need to provide the NSW Government with certain personal information once, in order to notify several agencies of a life event or to access a broad range of services
- data analytics to inform decision-making and service delivery, which can involve the use of automation and machine learning systems, linkage of data from multiple agencies (and non-government entities) and the use of third-party analytics solutions
- projects aimed at uplifting cyber security maturity.
Ms Tydd said, “This advice seeks to raise the level of understanding of the impact of technology on rights and empower agencies to understand and implement rights preserving features from the outset. More broadly the advice contributes to just and legal outcomes by promoting accessibility and digital inclusion.
When engaging non-government providers, contractual requirements should promote the preservation of rights and recognise that government remains accountable to citizens.”
The NSW government has allocated $1.6 billion over three years to invest in digital transformation projects through the DRF.
Digital Restart Fund: assessing information access and privacy impacts is now available on the IPC website.
For further information, please contact:
IPC media team on 0435 961 691 or email firstname.lastname@example.org
About the Information and Privacy Commission:
The Information and Privacy Commission NSW (IPC) is an independent statutory authority that administers New South Wales’ legislation dealing with privacy and access to government information. The IPC supports the Information Commissioner and the Privacy Commissioner in fulfilling their legislative responsibilities and functions and to ensure individuals and agencies can access consistent information, guidance and coordinated training about information access and privacy matters.
About the NSW Information Commissioner
The NSW Information Commissioner’s statutory role includes promoting public awareness and understanding of the Government Information (Public Access) Act 2009 (GIPA Act); providing information, advice, assistance and training to agencies and the public; dealing with complaints about agencies; investigating agencies’ systems, policies and practices; and reporting on compliance with the GIPA Act.
The Government Information (Information Commissioner) Act 2009 (GIIC Act) establishes the procedures for appointing the Information Commissioner and sets out the Commissioner's powers and functions. It outlines the method for people to complain about the conduct of agencies when undertaking their duties under the GIPA Act, and the way in which the Information Commissioner may deal with the complaint. The GIIC Act also enables the Information Commissioner to investigate and report on how agencies carry out their functions under the GIPA Act.
About the NSW Privacy Commissioner
Samantha Gavel was appointed as NSW Privacy Commissioner on 4 September 2017. Her role is to promote public awareness and understanding of privacy rights in NSW, as well as provide information, support, advice and assistance to agencies and the general public.
For further information about the IPC visit our website at www.ipc.nsw.gov.au
Please note since June 2021, the IPC media team email address has changed. Please send all media enquiries to email@example.com. All emails sent to the old CCA Digital address will be forwarded to the new address until switch over completion in December 2021.