Data Governance Australia releases draft Code for responsible data use

- June 22, 2017 2 MIN READ

As the average consumer’s use of technology grows, so too does the data they produce through various apps and services – with 2.5 quintillion bytes of data created every day, 90 percent of the data in the world has been created in the last two years alone.

What is done with that data, however, isn’t always obvious – consider the furore when the internet learned Unroll.me was selling its customer data to Uber, for example.

To give consumers confidence, Data Governance Australia (DGA) has released a Draft Code of Practice to set industry standards and benchmarks for the responsible collection, use, management and disclosure of data.

DGA believes that by promoting a culture of best practice, the Code will drive innovation by increasing consumer confidence and trust in the actions of DGA members.

Open for public consultation until July 21, the draft states member organisations must ensure all their interactions with data follow the Code principles of: no-harm; honesty and transparency; fairness; choice; accuracy and access; safety, security, and de-identification; stewardship; accountability; and enforcement.

The focus on security states that Code organisations must design and organise their security, including encryption, according to industry standards and in line with the nature of the data it holds and the harm that may result from a security breach.

They must also ensure that personal information is stored, shared, or disclosed in encrypted or de-identified form unless not commercially reasonable or technically feasible, or doing so would make the proposed use impractical.

Code Organisations must design and organise their security (including encryption) in accordance with recognised industry standards as appropriate to the nature of the data it holds and the harm that may result from a security breach.

The launch of the Code comes just under a year after the creation of DGA itself.

The association was launched last October with the aim of establishing best practice industry standards and benchmarks around data, and providing education, thought leadership, and advocacy services to help members better understand how data can be used responsibly.

Professor Graeme Samuel, chair of the DGA board, said, “Advances in data technology and capabilities have transformed the way that Australian businesses use, store and manage data over the last decade. Used effectively and managed responsibly, data can drive innovation, revenue growth and customer experience.

“However, in a world of almost infinite data storage and use, it is incumbent upon all sectors of industry to ensure that stringent self-regulation and best-practice is applied to retain consumer confidence and avoid heavy-handed federal regulation.”

The release of the Code also follows the handing down of the Productivity Commission’s report into Data Availability and Use last month.

The report stated that lack of trust among both “data custodians” and users in existing data processes and protections, and various barriers to sharing and releasing data are “choking the use and value of Australia’s data”, and as such the reforms proposed aim to move from “a system based on risk aversion and avoidance” to one based on transparency and confidence in data processes, “treating data as an asset and not a threat”.

Among the key reforms recommended is a new Data Sharing and Release Act, and a National Data Custodian to guide and monitor new access and use arrangements.

Image: Graeme Samuel.