The Office of the Australian Information Commissioner (OAIC) is the Commonwealth statutory authority responsible for privacy regulation and freedom-of-information oversight. Established in 2010, it administers the Privacy Act 1988, the Australian Privacy Principles, and the Notifiable Data Breaches scheme.
The OAIC's privacy functions include investigating complaints, conducting own-motion investigations, issuing determinations and enforceable undertakings, and (since 2022 amendments) seeking civil penalties of up to AU$50 million or 30 percent of adjusted turnover for serious or repeated interferences with privacy.
Operationally, the OAIC publishes substantial guidance — guidelines on each APP, NDB scheme decision-making, sector-specific notes for health and credit reporting, and frequently asked questions covering common compliance scenarios. The published guidance is the most useful single resource for AU privacy compliance and is regularly cited in audit reports.