$50m Penalties, More Regulatory Powers and Expanded Global Reach – Part One of Australia’s Privacy Act Reforms

On Wednesday 26 October 2022, Australia’s Attorney-General Mark Dreyfus introduced the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022 (Cth) (Bill) into Federal Parliament. The Bill includes amendments to the Privacy Act 1988 (Cth) (Privacy Act), including: Maximum penalties of $50 million and more for serious or repeated interferences with privacy; Enhanced powers (including … Read more

Journey to global privacy harmonisation: Australia joins the Global Cross-Border Privacy Rules Forum certification system

On 17 August 2022, the Australian Government announced that Australia joined the Global Cross-Border Privacy Rules (Global CBPR) Forum.[1] The Forum, launched in April 2022, establishes a certification system to help companies in participating jurisdictions demonstrate compliance with internationally-recognised privacy standards, with the aim of fostering interoperability and international data flows.[2] Read more

Future of Consumer APAC: Confronting complexity in cybersecurity trends for the consumer sector

Cameron Whittfield and Peggy Chow discuss the latest cybersecurity trends for consumer-facing companies including external threats which may include working with third parties and complex supply chains through to the malicious targeting of companies with ransomware, current affairs and social engineering, the cryptocurrency marketplace and geopolitical factors. They emphasise the importance of internal stakeholders speaking … Read more

Future of Consumer APAC: Data privacy in targeted advertising – Current regulatory challenges and future directions

Peggy Chow (Of Counsel, Singapore) and Kaman Tsoi (Special Counsel, Melbourne) discuss the latest regulatory trends and future directions including the use of third party tracing cookies, the overlap between privacy and competition, proposed new laws on targeted advertising and cookies in the EU, the US, Japan and Australia, facial recognition and less privacy intrusive … Read more

Online Privacy Code: More Transparency and Minimum Standards for Online Platforms in Australia

 G20 nation moves to modernised privacy code for online platforms, including binding rules. The proposed scope – and stakes for industry players – is substantial. On 25 October 2021, the Australian Attorney-General’s department released, for public consultation, an exposure draft bill introducing amendments to the Privacy Act 1988 (Cth) (the Privacy Legislation Amendment (Enhancing Online Privacy and … Read more

Online Privacy Bill and Privacy Act Discussion Paper: Stricter Enforcement, Online Privacy Code and the Impact for Organisations Handling Personal Information

Two recent publications by the Australian Attorney-General’s Department mark significant steps forward on the long road to reform of Australian privacy legislation: An Online Privacy Bill Exposure Draft introducing amendments to the Privacy Act 1988 (Cth) (“Online Privacy Bill”), which will strengthen penalties and enforcement measures and introduce a binding privacy code for online platforms. … Read more

Submissions Sought for Australia’s Privacy Act Review

The Australian Government has published an issues paper outlining and seeking feedback on the Privacy Act 1988 (the “Act“) and other Australian laws protecting personal information, with submissions on a series of 68 questions due by 29 November 2020 (the “Issues Paper“). It will then prepare and release a discussion paper including possible options for reform early next year. … Read more

Proposed reform of data management practices all in the name of productivity

The Federal Government has released the Australian Productivity Commission’s (Commission) final report on data availability, management and use (Report). 1 The Report sets out an ambitious proposal to fundamentally reform the way that data is managed in Australia. The lengthy Report is the product of a 12 month inquiry that involved 335 submissions from a broad … Read more

New mandatory data breach reporting law passed

The Federal Government has today passed the Privacy Amendment (Notifiable Data Breaches) Act 2016 to amend the Privacy Act 1988 to include mandatory notification of eligible data breaches. This was the government’s third attempt at legislating data breach notification as a result of recommendations from the Australian Law Reform Commission in 2008. The rules are aimed … Read more