With privacy concerns about how businesses are using the consumer data they collect on the increase, Australian supermarkets have been put to the test, with the Office of the Australian Information Commissioner (OAIC) conducting assessments of the loyalty programs of Coles and Woolworths.
The Australian Privacy Commissioner assessed the programs to see if the personal information they collect is handled transparently and in accordance with the Privacy Act 1988. At the international level, data protection authorities such as the OAIC have stated, through the Mauritius Resolution on Big Data, that they will closely monitor developments relating to big data.
The assessments examined areas such as the handling of personal information, including protections against data breaches, notification of the collection of personal information, and data analytic activities (including the number of people within the organisation which had access to identifiable data). The OAIC also looked specifically at what analytics were used for – for instance, targeted marketing, undertaking analysis for third parties, and to make broader business decisions such as store layout or where to locate new stores.
In this case, the Privacy Commissioner found that both the Coles and Woolworths each had privacy notices that were consistent with their practices, though it did make some recommendations for the retailers to improve compliance with the Australian Privacy Principles.
Such assessments certainly indicate a stronger focus on the use of big data by businesses, and follows on from the release in May of a draft ‘Guide to big data and the Australian Privacy Principles’ by the OAIC. Comments on the guide will close on 26 July 2016.