What we do

Our purpose is to promote and uphold privacy and information access rights. We do this by:

• making sure that Australian Government agencies and organisations with an annual turnover of more than $3 million, and some other organisations, follow the Privacy Act 1988 and other laws when handling personal information
• protecting the public’s right of access to documents under the Freedom of Information Act 1982 (FOI Act)
• carrying out strategic information management functions within the Australian Government under the Australian Information Commissioner Act 2010 (AIC Act).

We:

• conduct investigations
• handle complaints
• review decisions made under the FOI Act
• monitor agency administration
• advise the public, organisations and agencies.

OAIC Guiding Principles

The Commissioners have distilled their strategic intent in a clear set of guiding principles that outline the vision for the agency. These have been outlined in the agency’s 4 Pillars (4Ps). These principles articulate the OAIC’s strengths and the Commissioners’ expectation that will inform the activity of the agency. These principles support the agency to regulate in a risk-based and strategic manner.

Why we can do it

The Office of the Australian Information Commissioner (OAIC) was set up by the AIC Act.

We are headed by the Australian Information Commissioner, who has a range of powers and responsibilities under the AIC Act, and exercises powers under the FOI Act, the Privacy Act and other laws.

The OAIC is an independent statutory agency in the Attorney-General’s portfolio.

Our functions

Privacy

We are responsible for privacy functions that are conferred by the Privacy Act and other laws. Under the Privacy Act a person can make a complaint to us about the handling of their personal information by Australian, ACT and Norfolk Island government agencies and private sector organisations covered by the Privacy Act.

The OAIC also has the power to:

• commence a Commissioner initiated investigation (CII) into an act or practice that might breach the Privacy Act
• conduct a privacy assessment of whether an entity is maintaining and handling personal information in accordance with the Privacy Act.
• ask an entity to develop an enforceable code, and register codes that have been developed on the initiative of an entity
• direct an agency to give the OAIC a privacy impact assessment about a proposed activity or function
• recognise external dispute resolution schemes to handle particular privacy-related complaints.

We have a range of responsibilities under other laws, including laws relating to data matching, eHealth, spent convictions and tax file numbers. See the Privacy Act and other legislation for more information.

We give information and advice on privacy to individuals, businesses and agencies through our enquiries team and our website.

Freedom of information

Our FOI functions include the oversight of the operation of the FOI Act and review of decisions made by agencies and ministers under that Act. If you are dissatisfied with the result of an FOI request, you may ask us to review it.

You can also complain to us if you are unhappy with the way your request was handled by an agency. We may initiate an own motion investigation (OMI). See FOI reports for information about previous investigations.

We give information and advice on FOI to individuals and agencies, through our enquiries team and our website.

Information policy

We oversee government information policy functions. This function is conferred on the Information Commissioner by the AIC Act. The Information Commissioner reports to the Attorney-General on matters relating to Australian Government information management policy and practice, including FOI and privacy. See Information policy to find out more about our role.