CONSEQUENCES OF FAILING TO COMPLY WITH CURF UNDERTAKING
Where a person is found to have breached the CURF Undertaking the ABS may:
- immediately suspend their access to all CURFs, disable their Remote Access Data Laboratory (RADL) access and require that they surrender all microdata in their possession to their organisation's Contact Officer or to the ABS, pending investigation of the breach, and
- inform the organisation's Contact and Responsible Officers that an investigation is underway.
Following the investigation and depending on the nature of the breach the ABS may require the development and implementation of strategies to:
- restrict or overcome the consequences of the breach, and
- ensure no repetition of the breach.
Depending on the success of these strategies and the severity of the breach, the ABS may:
- reactivate the suspended access, or
- extend suspension temporarily or permanently, or
- where justified, suspend or terminate access for the organisation as a whole.
Where justified by the nature of the breach, the ABS may also invoke Subsection 19 (3) of the Census and Statistics Act 1905 which provides that a person who fails to comply with an undertaking given by that person in respect of a CURF is guilty of an indictable offence, punishable on conviction by a fine of 120 penalty units ($21,600) or imprisonment for two years, or both.
While ABS must treat breaches of the Undertaking very seriously we would much rather help users and their organisations avoid the possibility of a breach. If at any time, you are unsure about your organisation's compliance with the CURF Undertaking please contact firstname.lastname@example.org
or call 02 6252 7714.