The University of Melbourne’s covert surveillance tactics during a campus protest have been declared unlawful, following a ruling by Victoria’s deputy information commissioner that the institution broke the state’s privacy laws.
The decision condemns the university’s quiet use of digital tracking tools against students and staff involved in a pro-Palestine demonstration, raising serious concerns about the growing use of surveillance technologies in academic settings.
We obtained a copy of the decision for you here.
Prompted by media attention earlier this year, the investigation focused on how the university responded to a May protest held inside the Arts West building.
Rather than relying on open dialogue or standard disciplinary processes, university officials resorted to monitoring individuals through the campus Wi-Fi network, matching connection data with student ID photos and security camera recordings.
A total of 22 students were identified through this process, all without prior warning or a clear legal basis. Staff were surveilled as well, with the contents of ten employees’ email accounts examined to uncover involvement in the demonstration. Three of them later received formal warnings.
Although the commissioner’s office accepted that CCTV footage was used within legal boundaries, it found the use of Wi-Fi tracking in disciplinary investigations to be unjustified.
The monitoring of staff emails was also flagged for breaching expected privacy norms.
More: WiFi is exposing your location to Big Tech and data brokers. Here’s how to protect yourself.
Katerina Kapobassis, the university’s Chief Operating Officer, admitted that the institution “could have provided clearer active notice” to those being monitored.
However, she defended the actions as “reasonable and proportionate,” claiming safety concerns justified the surveillance. She also said that revised digital monitoring policies have since been introduced, along with updates to IT governance.
But the official findings painted a very different picture. The university’s privacy documents, Wi-Fi usage terms, and digital policy frameworks were all criticized for lacking transparency.
According to the report, users were effectively left unaware of how their location and communication data might be used against them.
The deputy commissioner concluded that the university’s hidden surveillance created a “significant breach of trust,” and confirmed that the institution’s handling of data will remain under review.
The report was welcomed by civil rights organizations and student-led groups, who pointed to a troubling pattern of surveillance creep within higher education.
