With data privacy becoming an increasingly popular topic over the last few years, we want to take a look at the latest Office of the Australian Information Commissioner’s (OAIC) 2020 Australian Community Attitudes to Privacy Survey (ACAPS). The ACAPS is a study designed to give a longitudinal picture of Australians’ views on data privacy.
Since the previous study conducted in 2017, the 2020 survey results show that individuals are becoming increasingly aware of data privacy and the need to influence how organisations store and use data. This is certainly something we presumed was the case, and this is now confirmed by the study.
Key takeaways:
- Most Australians (85%) know the reasons why they should protect their personal information, but 49% are not sure how to approach it.
- Theft and fraud were identified as their biggest privacy risk. This increased from 19% in the 2017 survey to 76% in the 2020 survey.
- Coming in as the second largest identified risk, 61% of Australians identified data security or data breaches. This is up from 17% in the 2017 survey.
- 84% of Australian believe they should have the right to ask a business to delete personal information, and 64% believe they should have the right to request deletion of personal data that a government agency holds about them.
This research relates specifically to customer attitudes, but as we can see with the uptake of data deletion requests, there is a strong underlying message here for those managing and running SAP® environments in the enterprise. If we take a look at the 2017 survey results, we see that personal data removal and deletion wasn’t even a topic at the time. It is interesting to see that an area not even discussed in the previous survey ranked so highly just three years later.
In the 2020 report, Angelene Falk, Australian Information Commissioner and Privacy Commissioner, highlights the value of the survey results as consideration to the review of the Australian Privacy Act 1988. Falk further states, “The Australian Government has also committed to a new system of fines and penalties for interference with privacy.”
The change in attitude towards data privacy in Australia is being noticed. It is unclear to what extent the shift in attitude will eventually affect real change to the Australian Privacy Act and associated penalties. That said, these changing feelings will bring increased attention to data protection and reporting on future data breaches.
This is reminiscent of our colleagues’ recent experiences with GDPR awareness and compliance in Europe. The movement for personal data rights during the implementation of GDPR in 2018 cemented data scrambling, disclosure and retention, as both a legal requirement and best practice for personal data within SAP production systems. Since then, the typical requirements from our clients include:
- Reducing the footprint of personally identifiable information (PII) across the SAP estate:
- Only copy what you need to testing environments with Client Sync™ and Object Sync™
- Scramble PII in test systems with Data Secure™
- Manage and reduce PII held in production systems:
- Redact data no longer legally required in production with Data Privacy Suite.
Where will privacy legislation in Australia be in three years’ time? We are at the start of a fascinating journey, which is familiar to the EPI-USE Labs’ team, and for which our solutions are already primed. To help you on your security journey, download this SAP security checklist for useful tips on how you can secure your SAP systems. We have provided key points on the top five critical challenges faced by many businesses.
This article is sponsored by EPI-USE Labs
