Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.
We respect your Do Not Track preference.
Employer’s failure to secure employee’s personal information results in $7000 pay-out
A man discovered he was the victim of credit card fraud and a large debt had accumulated against his name.
Not knowing how the identity fraud had occurred, he began investigating.
He spent a significant amount of time working with Police as well as contacting third party agencies directly to find out what happened.
Eventually he discovered copies of his personal information, including a driver’s licence, had been stolen from his ex-employer.
His ex-employer had kept employee personal information in a locked cabinet which was accessible by several staff, including maintenance workers. The workplace had no policies and procedures in place to ensure the security of the information.
Principle 5 of the Privacy Act requires that agencies that hold personal information should ensure the information is protected by security safeguards reasonable to protect against loss, access, modification or other misuse.
Finding the ex-employer in breach of Principle 5, we facilitated a settlement conference for the parties which resulted in the man receiving a $7,000 settlement.
Business posts images of delivery driver online after one-star review
A delivery driver complained to our Office after a business shamed him online for leaving them a bad review.
The delivery driver had arrived to collect an order from the business.
He claims he waited for an extended time for his pickup order to be ready.
The business said the driver did not have the correct equipment required for pick up - and that had accounted for the delay.
Following the experience, the delivery driver left a one-star review of the business on Google.
In response, the business posted a CCTV photo of the driver and his partner from when they had visited their premises online and shamed him for leaving a one-star rating. More than 50 people responded to the post before it was deleted, with some leaving abusive comments.
Principle 11 of the Privacy Act requires agencies to not disclose personal information to others unless an exception applies. We found the respondent had breached Principle 11 by making the disclosure.
Our Office worked with the parties to resolve the dispute. Following our involvement, the business agreed to pay $500 to the delivery driver.
Back