Privacy Laws - what are they?
The Privacy Act 1988 (Cth) promotes and protects the privacy of individuals by regulating how Australian government agencies and large organisations (with an annual turnover exceeding $3 million) handle personal information.
Despite the significant changes to the distribution, accessibility and use of personal information by government agencies and corporations in the turn of the digital era, major privacy reforms have only been implemented in 2014. The immense quantity of data flow in digital ecosystems have created the conditions for recent major data breaches, and exposed Australians to a high risk of identity fraud and scams.
As highlighted in the Privacy Act Review Report by the Attorney-General’s Department, Australia’s existing privacy laws are quite disparate from leading privacy laws on the global scale. Accordingly, the Australian Government’s response to the Attorney General’s Department’s review of the Privacy Act 1988 (Cth) outlines a crucial set of proposals that are critical to ensuring Australia’s privacy framework is strengthened for the future. The Australian Information Commissioner and Privacy Commissioner, Angelene Falk, noted that “this is the most significant change to the Privacy Act in decades, and will require organisations to ensure that their practices are fair and reasonable”.
The proposed changes and their consequences for you
The consequence of the reforms to be implemented in the Privacy Act will be multifaceted, impacting consumers, business, government and the broader economy.
One of the fundamental developments is the ability for individuals to exercise new privacy rights and take direct action in the courts if their privacy is breached; greater autonomy is therefore provided to consumers, and a higher level of accountability for agencies and organisations who misuse the handling of sensitive information.
Additionally, potentially updated definitions for terms such as “personal information” and “consent” will increase the currently available protections for consumers against intrusive and manipulative data practices.
Along with changes to the definition of “consent”, the addition of a “fair and reasonable test” to assess whether a practice is substantively fair, ensures that companies with inappropriate data practices cannot claim that such practices are lawful simply because consumers provided consent.
Furthermore, the proposals include a greater range of enforcement powers to be provided to the OAIC, and expand the scope of orders able to be made by the Court in civil penalty proceedings.
Although issues with the protection and use of privacy information are inevitable in the digital age, the oncoming reforms to Australia’s privacy laws are an important start to the protection of individual’s personal information and accountability of companies and organisations that misuse such information.
If you or someone you know wish to discuss this issue further, then please do not hesitate to contact us on 02 8999 9809.