Federal government to pay 1,300 seeking asylum after personal data leak
In what’s being described as an Australia-first, the federal government has been ordered to pay compensation to almost 1,300 people seeking asylum after leaking highly sensitive personal information.
The Australian government has been instructed to pay compensation to those people who were being held in immigration detention and had their personal information published in February 2014.
It’s been determined that during this time, the Department of Home Affairs accidentally published a report on its website, which provided access to a spreadsheet that included names, dates of birth, citizenship status, location, boat arrival details and period of immigration detention of those people affected.
In 2015, a representative complaint was made to the Office of the Australian Information Commissioner (OAIC), resulting in a decision being made by the Australian Information Commissioner and Privacy Commissioner that compensation should be paid for the mass privacy breach.
Commenting on the compensation payments, Slater and Gordon and the Refugee Advice and Casework Service (RACS), who led the matter on a pro bono basis, described the ruling as “unprecedented” and the first of its kind to occur in Australian history.
“This is the most significant use of the representative complaint powers in the Privacy Act to date, and appears likely to result in the largest compensation figure ever to be determined for a privacy claim in Australia,” said Slater and Gordon senior associate Ebony Birchall.
“It is an important reflection of the fact that privacy breaches are not trivial or consequence-free mistakes, and that increasingly, individuals who suffer loss as a result of a breach should expect to be able to obtain redress.
“Organisations holding personal or sensitive data need to take their obligations seriously, and the presence of meaningful consequences and compensation rights following breaches is a significant development.”
RACS Centre director and principal solicitor Sarah Dale added: “We are pleased to see it publicly recognised that the Department of Home Affairs breached the fundamental right to privacy of thousands of people seeking asylum in Australia.”
“We also acknowledge, however, that no decision or result such as this will alleviate the distress caused to people who have already experienced so much pain.
“This breach meant that any person searching the internet could access the personal information surrounding thousands of people applying for protection in Australia. This includes authorities and indeed even the perpetrators of the persecution, in the countries from which they fled.
“For men, women and children already terrified of being returned to a country where they feared for their lives, this data breach caused huge anxiety, at a time when it was already at its peak.”