Publications by Category

• Cross-Border Data Flows and International Regulation

• Governance

• Health

• Identity Management

• Privacy by Design

• Privacy Impact Assessments, Audits and Investigation Reports

• Privacy Policies and Notices

• Regulation and Reform

• Security and Privacy

• Technology and Privacy

• Trust

• Other Topics

• Archive

Regulation and Reform

• "IIS Partners submission on 2023-2030 Australian Cyber Security Strategy Legislative Reforms Consultation Paper", consultation submission prepared by IIS Partner Mike Trovato and Principal Consultant Natasha Roberts on the cyber security legislative reforms proposed by the Department of Home Affairs, 1 March 2024.

• "IIS Partners submission to Senate Digital ID Bill 2023", consultation submission prepared by IIS Partners Malcolm Crompton, Mike Trovato and Principal Consultant Natasha Roberts for the Senate Standing Committees on Economics on the Digital ID Bill that has been referred to the Senate Economics Legislation Committee, 23 January 2024.

• "IIS Partners submission to the Digital ID Bill 2023 Exposure Draft", consultation submission prepared by IIS Partners Malcolm Crompton, Mike Trovato and Nicole Stephensen and Principal Consultant Natasha Roberts for the Department of Finance on the Exposure Draft of the Identity Verification Services Bill 2023 and the Identity Verification Services (Consequential Amendments) Bill 2023 [Provisions], 7 October 2023.

• "Feedback to inform the Government response to the Privacy Act review", consultation submission prepared by IIS Partners Malcolm Crompton and Nicole Stephensen and Principal Consultant Natasha Roberts on the Government response to the Privacy Act Review Report, 29 March 2023.

• "2021 Independent review of the Privacy (Credit Reporting) Code", report co-written by IIS Partners following extensive stakeholder consultation in support of the Office of the Australian Information Commissioner’s review of the Privacy (Credit Reporting) Code 2014 (the CR Code), 20 September 2022.

• "Privacy Act Review - IIS Partners & Ground Up Consulting - Discussion Paper Submission", consultation submission prepared by IIS Partners Malcolm Crompton, Mike Trovato and Nicole Stephensen for the Attorney-General’s Department in response to the Privacy Act Review Discussion Paper, 10 January 2022.

• "IIS Partners Submission on Exposure Draft of the Trusted Digital Identity Bill", additional consultation submission prepared by IIS Leads Malcolm Crompton and Mike Trovato for the Digital Transformation Agency as part of its consultation on the Trusted Digital Identity Bill, 26 October 2021.

• "Consumer Data Right: Telecommunications sectoral assessment consultation submission", consultation submission prepared by Mike Trovato and Natasha Roberts on behalf of the Australian Information Security Association for the Treasury’s consultation into sectoral assessments for the Consumer Data Right, 19 August 2021.

• "DTA Digital Identity Legislation Submission", consultation submission prepared by IIS Leads Malcolm Crompton and Mike Trovato for the Digital Transformation Agency as part of its consultation on the development of Digital Identity Legislation, July 2021.

• "Good legislation to make COVIDSafe trustworthy", joint paper prepared by a group of leading Australian privacy experts, including Malcolm Crompton AM, on what additional protections lawmakers can introduce to ensure the success of the COVIDSafe app, May 2020.

• "Data and Privacy Masterclass", a webinar and PowerPoint presentation leading up to the NSW Data Sharing Summit for Privacy Awareness Week 2020, presented by Malcolm Crompton and Professor Lyria Bennett and hosted by the Australian Computer Society and the NSW Department of Customer Service, 29 April 2020.

• "High-level briefing on Consumer Data Right", paper prepared by Natasha Roberts, IIS Senior Consultant, 20 December 2019.

• "Our Privacy Act: 30 years and 25 years reflections", an interview with Malcolm Crompton for Privacy Unbound Edition 86, Sep-Oct 2018, published by the International Association of Privacy Professionals ANZ (iappANZ).

• "Privacy: APEC Cross Border Privacy Rules and Mandatory Data Breach Reporting", presented by Annelies Moens at LegalWise, Sydney, 14 March 2017.

• "Personal Information: Asset Or Liability? It's Up To You!", keynote presented by Malcolm Crompton at the 2016 Privacy Summit of the International Association of Privacy Professionals Australia New Zealand (iappANZ), Sydney, 14 November 2016.

• "Australian data transfer policies and impact on commerce", presented by Malcolm Crompton at the US-China Roundtable Workshop on International Data Protection Policy and Effects on Commerce, Beijing, 18 July 2016.

• "Rapporteur's closing remarks – Malcolm Crompton", presented at the International Conference of Data Protection and Privacy Commissioners, Mauritius, 16 October 2014.

• "International Conference on the Amendment of Personal Information Protection Act", keynote presented by Malcolm Crompton at an event organised by The Software Alliance, Japan Electronics and Information Technology Industries Association (JEITA) and Japan Information Industry Association (JISA), Tokyo, 14 November 2014.

• "Directors Briefing: Privacy Governance: Risk and Opportunity for Directors", presented by Malcolm Crompton at the Company Directors hosted by Marsh Australia on behalf of the Australian Institute of Company Directors, Sydney, 25 June 2014.

• "Does the Internet need a Delete button?", presented by Malcolm Crompton at the Australian Internet Governance Forum, Melbourne, 17 October 2013.

• "Privacy around the world: Developments, challenges and responses", keynote presented by Annelies Moens at the Global Information Governance Summit, Kuala Lumpur, 29 May 2013.

• "Managing data, privacy and security under the new credit reporting regime", presented by Annelies Moens at Dun & Bradstreet Consumer Credit Conference 2012, Melbourne, 11 September 2012 and Sydney, 13 September 2012.

• "Enforcement of the PDPA: Reality Check for Data Abuser – the Australian Perspective", presented by Malcolm Crompton at the Personal Data Protection Roundtable and Workshop, Kuala Lumpur, 12-13 December 2011.

• "A Customer-Centric Approach to Privacy and Data Protection", presented by Malcolm Crompton at the Privacy and Data Protection Singapore 2011 Conference, Singapore, 11 November 2011.

• "Australia's Privacy Law Reform Process Has Been Revived, But Will The Debate Be Balanced?", World Data Protection Report, August 2011, Vol. 11, No. 8, BNA International Inc., London (an earlier version was published as a blog at http://www.openforum.com.au/blogs/malcolm-crompton).

• "Australia's changing privacy landscape", The Privacy Advisor, January-February 2011, Vol. 11, No. 1, the official newsletter of International Association of Privacy Professionals (IAPP), Portsmouth, New Hampshire. The complete issue of The Privacy Advisor is available to IAPP Members Only.

• "A brief to Senators and Members, Congress of the Philippines on a draft privacy law", presented by Malcolm Crompton at Batasan Pambansa, Quezon City, the Philippines, 18 February 2009.

• "Review of Australia's privacy laws – grist for privacy globally", World Data Protection Report, September 2008, Vol. 8, No. 9, pp. 3-7, BNA International Inc., London.

• "Major changes to Australia's privacy law on the horizon", Regulatory Review, September 2008, a publication of Deloitte Touche Tohmatsu, Sydney.

• "A Possible Way Forward: Some Themes and an Initial Proposal for a Privacy and Trust Framework", working paper prepared by Martin Abrams (CIPL), Malcolm Crompton and Christine Cowper for the Privacy and Trust Partnership seminar and workshop, The State Library of New South Wales, Sydney, 4 December 2007.

• ""Future Proofed" Regulatory Frameworks for Privacy", plenary speech presented by Malcolm Crompton at the Privacy Symposium, Cambridge, Massachusetts, 24 August 2007.

• "A New Approach to Trust and Privacy in the Information Age", white paper prepared by Malcolm Crompton, Christine Cowper and Martin Abrams (CIPL) for the Privacy and Trust Partnership conference convened at the Parliament House of NSW, Sydney, 4 July 2007.

• "How accountability via government oversight works today in Australia", paper prepared by Malcolm Crompton, Chris Jefferis and Christine Cowper for a privacy symposium organised by the Chinese Academy of Social Science, Beijing, 16 June 2007.

• "Privacy: Why Bother; what's happening in Asia", seminar presented by Malcolm Crompton at the Graduate Management Admission Council®, McLean, Virginia, 7 March 2007.

• "Overview of Asian Privacy Law Lessons Learned and Possible Ways Forward, paper prepared by Malcolm Crompton for a privacy symposium organised by the Chinese Academy of Social Science, Beijing, 17 June 2006.

• "Data Protection: The Next 21 years? The operating environment", paper prepared by Malcolm Crompton for a seminar hosted by the UK Information Commissioner, Manchester, 29 November 2005.

• "Australia: state of play in a changing environment", Data Protection Law & Policy, October 2005, Vol. 2, No. 10, Cecile Park Publishing Limited, London, U.K.

• "Are comparisons possible? A Framework for assessing the performance of data protection supervisors", presented by Malcolm Crompton at the 27th International Conference of Data Protection and Privacy Commissioners, Montreux, Switzerland, 15 September 2005. An accompanying paper was published in Jusletter, 3 October 2005.

• "Implementing a New Privacy Regime: Reflections from Australia", presented by Malcolm Crompton at the 2004 Data Protection Research and Policy Group Series Workshop, British Institute of International and Comparative Law, London, 27 September 2004.

• "Setting Public Policy", presented by Malcolm Crompton at the Conference Board Council of Chief Privacy Officer, Palo Alto, California, 8 June 2004.