Reading time: 6 minutes

Every five years Australians partake in a national survey known as the Census. The Census collects statistics from every household in the country and captures a snapshot of the nation. This year the Census has created controversy as the ABS decided to embrace the digital age and attempted to conduct the Census through an online survey.

The ABS has also opted to remove the anonymity factor in this year’s Census. They will be collecting names and addresses of survey participants, justifying the change as a way of providing better insights into key areas such as employment, transport, health and education. Trialling an online survey and shifting away from anonymity has concerned many Senators and Civil Liberty Advocates, who have asked, “what will the government do with this information? Is this a breach of Privacy law? And will my online survey data be safe?”

Is the Mandatory Collection and Retention of Data Secure?

The ABS has a privacy policy which clearly sets out how your personal information is handled, collected and used. The ABS is an Australian Government Agency, created by the Australian Bureau of Statistics Act 1975 (Cth) and required to comply with the Privacy Act 1988 (Cth) (Privacy Act). As such, they must handle your personal information following the Australian Privacy Principles (APPS).

The legislation that permits the ABS to collect statistical information and outlines its responsibilities in doing so is the Census and Statistics Act 1905 (Census Act). The Census Act must comply with APP 3 of the Privacy Act, which requires that a Commonwealth agency may only collect personal information that is reasonably necessary or directly related to one or more of its functions or activities. The ABS must follow the provisions of the Census Act (s19) and treat all information collected in a strictly confidential manner.

Data Breaches

Breaches of privacy are unpredictable, yet extremely common. The APPs set out four key steps to managing a breach. The ABS will also look to these steps should a breach of Census data occur:

  1. Contain the breach: Once notified of a breach, containment may involve closing or shutting down the compromised system to prevent further records from being misused.
  2. Determine the risk of the breach: It is important to assess the risk. What information has been compromised? Who is affected by this breach?
  3. Notify: Determine whether notification of the breach is required, whether to individuals or the relevant authority.
  4. Prevent future breaches: As a result of a direct breach, there should be a review of policies and procedure to staff and a security audit of data. It is important to learn from breaches and prevent them from recurring.

In the Event of a Breach, Must the ABS Notify Individuals?

It will depend on the nature of the privacy breach and seriousness of the harm caused to that individual. Providing notice to an individual can help reduce the harm caused by a privacy breach. Notice should also be given to the relevant authorities, whether this is the Office of the Australian Information Commissioner (OAIC), local police or other relevant regulatory bodies.

How Long Can Personal Information Be Kept Under the APPs?  

Under the APPs 4.3 and 11.2, APP entities are required to take reasonable steps to remove, destroy and de-identify information that is no longer used or relevant.

This Year’s Hack

In the lead up to the Census, the ABS and Federal Government was optimistic in the face of a sceptical general public. Despite reassurances that the data collected would be safe and protected, fears that the Census would be a target for hackers were realised on August 9th. As a precaution, the ABS shut down the Census site in response to these international “cyber attacks”.

Aren’t We a Generation of Data Over-Sharers Anyway?

The Small Business Minister, Michael McCormack has mentioned that the loss of anonymity in this year’s Census is “no worse than Facebook”. Facebook and other social media platforms are used daily by a majority of the population, storing private information and personal data on all of its users. Similarly, the ABS have said that your average Woolworths or Qantas loyalty card requires more information than the Census does. So if the Census is just like signing up to Facebook or for a supermarket loyalty card, why do we all care so much? It might be that we volunteer our personal information to social media or loyalty programs, whereas the census is compulsory.

You shouldn’t limit your privacy concerns to the Census because you are putting yourself at risk when volunteering your personal information online. The general rule of thumb for data sharing is, if it’s free, your personal information may be the payment. For instance, the information you provide to Facebook will be used to sell to advertisers who can in turn target you with relevant advertising material.

At work, your data may also be at risk. Larger companies can afford top IT security, but it is important to keep in mind that the information you share to startup apps may not be as secure.

It’s important to be acutely aware of the risks, and the methods you can use to protect yourself online. Use discretion when volunteering your personal data, check that the site or app is secure and read their privacy policy to see if they adhere to APPs.  

What if I Don’t Complete My Census?

According to the Census Act, the penalty for failing to complete a Census form and not returning it can be up to $180 a day. However, due to the cyber attack and shut down of the Census website, Australians have until Sept 18, 2016 to return their hard copy forms and until Sept 23, 2016 to fill in their online survey.

Who Must Fill in the Census?

You are expected to participate in the Census of the household you reside in on the night of the Census, which in 2016 was August 9th. Exemptions include foreign diplomats and their families only.

Key Takeaways

The failure of this year’s Census due to cyber attacks from overseas hackers has not only proven people’s privacy concerns but revamped the discussion of privacy and data breaches in the digital age. Many countries hold surveys similar to our Census to understand their population better, and will also be facing the same dilemma the ABS has struggled with – whether the efficiency and resourcefulness of digital collection of information outweigh the risk of privacy breaches. Paper beats rock, does it also beat a computer?

While it’s not exactly surprising that the Australian National Census was attractive to hackers because of the sheer size of the operation, it can be easy to forget that cyber attacks are a legitimate risk if you are doing business online.


If you need assistance regarding a breach of your personal privacy or company’s confidential information or have questions about Australian Privacy Law, get in touch with our IT lawyers on 1300 544 755.


New Kid on the Blockchain: Understanding the Proposed Laws for Crypto, NFT and Blockchain Projects

Wednesday 25 May | 10:00 - 10:45am

If you operate in the crypto space, ensure you understand the Federal Government’s proposed licensing and regulation changes. Register today for our free webinar.
Register Now

How to Expand Your Business Into a Franchise

Thursday 26 May | 11:00 - 11:45am

Drive rapid growth in your business by turning it into a franchise. To learn how, join our free webinar. Register today.
Register Now

Day in Court: What Happens When Your Business Goes to Court

Thursday 2 June | 11:00 - 11:45am

If your business is going to court, then you need to understand the process. Our free webinar will explain.
Register Now

How to Manage a Construction Dispute

Thursday 9 June | 11:00 - 11:45am

Protect your construction firm from disputes. To understand how, join our free webinar.
Register Now

Startup Financing: Venture Debt 101

Thursday 23 June | 11:00 - 11:45am

Learn how venture debt can help take your startup to the next level. Register for our free webinar today.
Register Now

About LegalVision: LegalVision is a commercial law firm that provides businesses with affordable and ongoing legal assistance through our industry-first membership.

By becoming a member, you'll have an experienced legal team ready to answer your questions, draft and review your contracts, and resolve your disputes. All the legal assistance your business needs, for a low monthly fee.

Learn more about our membership

Need Legal Help? Submit an Enquiry

If you would like to get in touch with our team and learn more about how our membership can help your business, fill out the form below.

Our Awards

  • 2020 Innovation Award 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice Award 2020 Employer of Choice Winner – Australasian Lawyer
  • 2020 Financial Times Award 2021 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review
  • 2021 Law Firm of the Year Award 2021 Law Firm of the Year - Australasian Law Awards
  • 2019 Most Innovative Firm - Australasian Lawyer