Highlights from OVIC’s 2020-21 Annual Report
Here are the highlights from the Office of the Victorian Information Commissioner (OVIC) (2020-21 Annual Report, focusing on Freedom Of Information (FOI), Privacy and Data Security.
Privacy and data security
- 86 privacy complaints were made to OVIC (down 19% from previous year)
- 69% of which were finalised by OVIC
- 31% were referred to VCAT
- 159 data breach notifications were made to OVIC (up 66%)
- 373 security incident notifications were made to OVIC
- 73% involved soft copies (information format)
- 82% impacted confidentiality (security attribute)
- 74% compromised personal information (type of information)
Freedom of Information
A record 42,249 FOI requests were made to Victorian agencies (127 in total)
- 607 OVIC reviews, taking an average of 118 days to finalise
- 739 OVIC complaints, taking an average of 61 days to finalise
- The top 30 agencies received 84% of all requests
Common matters / exemptions raised:
- s 25A(5) – where a request can be refused because it is apparent from the nature of the request that all of the documents sought are exempt
- s 25A(1) – where a request can be refused because the work involved in processing it would substantially and unreasonably divert the resources of the agency from its other operations
- s 38 – documents to which secrecy provision of enactments apply (including as a response to the treatment of confidential information under the Local Government Act 2020)
- s 33 - documents affecting personal privacy
- s 30 - internal working documents
- s 31 - law enforcement documents
- s 35 - documents containing materials obtained in confidence
OVIC was notified of 68 VCAT review applications (up 19.3%), 48% of which were by agencies.
However, separate data provided to OVIC by agencies indicated that there were 190 VCAT review applications. This suggests that agencies are not notifying OVIC of all VCAT applications as required by s 50(3F) and (3FA) of the FOI Act. The data also indicated that VCAT made 32 decisions, of which the agency decision was confirmed in 26 of them, varied in five and overturned in only one.
Need assistance with your FOI, privacy or data security issues?
Contact our FOI & Privacy team
By Melanie Olynyk, Katy Zhu & Maryam Popal
Recent articles

New point of law: What can be considered as a protected document?
By Patrick Ibbotson, Susanne Rakoczy
A look at Environment Protection Authority v Sydney Water Corporation [2023] NSWLEC 119.

Society of University Lawyers Conference 2023
Maddocks is a proud platinum sponsor of the Society of University Lawyers Conference 2023.

Implementation of Universities Accord Interim Recommendations passed
On 19 October 2023 the Senate passed a slightly amended version of the Higher Education Support Amendment

Preparing for mandatory data breach notification under NSW privacy laws: Five key actions
By Ooma Khurana & Radhika Bhatia
This is the second instalment in our For Your Information campaign
Partner
Melbourne