Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Privacy Act 1988 establishes the Australian Privacy Principles (APPs) as the foundation of privacy regulation in Australia. These 13 principles guide how organizations must handle, use, and manage personal information. The APPs apply to most Australian Government agencies, private organizations earning over $3 million annually, and certain smaller businesses—collectively called APP entities. For organizations doing business in Australia, APP compliance goes beyond avoiding penalties.

By James Rees, MD, Razorthorn Security.

The cyber insurance industry continues to face challenges related to traditional cyber security risks, and more recently, data privacy risks. In many cases, traditional cyber insurance policies may cover legal fees or costs related to a data privacy infringement. Organizations not only get hit with class action lawsuits following incidents like breach of PII/PHI, but are seeing demand letters from law firms who are looking to protect their clients from any possible disclosure of their sensitive data.

Protecting individual privacy is paramount, given the proliferation of Personally Identifiable Information (PII) and other sensitive data collected by enterprises across all industries. One way to protect sensitive data is through PII masking e.g., consistently changing names or including only the last four digits of a credit card or Social Security Number.

Not all threats to your accounts and privacy happen online. They can happen right next to you. The stranger sitting next to you on the metro, coffee shop, or airport may not be some innocent stranger. Instead, they could be looking for an opportunity and the right moment to look over your shoulder and steal your passwords or personal information. Shoulder surfing attacks happen when someone watches you enter sensitive information, such as a PIN or password, into your device or account.

As AI continues to weave itself into the fabric of everyday business operations, it’s bringing real ethical questions to the forefront—especially around how data is used and protected. With innovation moving fast, tech leaders can’t afford to treat privacy and ethics as afterthoughts. It’s on us to build systems that respect people’s rights from the ground up and to make sure our use of AI reflects the values society expects us to uphold.

In this day and age, data privacy and data protection are top of mind, for very good reasons. Keeping data safe isn’t just a good business practice, it’s an imperative for businesses around the world, since many governments are requiring data privacy and protection as a part of doing business in their jurisdictions. At 11:11 Systems, our commitment to data privacy and protection isn’t just a part of what we provide, it’s part of what we do internally as a business.

On 7 February 2025, it was reported that the UK government had demanded that Apple allow access to encrypted user data worldwide. Under current security policies, only the account holder can access the stored data in Apple’s cloud services, meaning the technology organisation itself cannot view it.