“Now is the last chance to have your say on the shape of privacy laws in Australia for the next 10 years – so use it wisely.” KWM Partner Cheng Lim
Australia’s privacy and data protection laws are set for an overhaul that will both strengthen and modernise the landscape. There is still a window to have your say on the proposals – but it is fast closing. Submissions to the Australian Government’s response on the Privacy Act Review Report are due on Friday March 31.
To share their insights on the proposals and help inform clients, KWM Partners Cheng Lim, Kirsten Bowe, Michael Swinson and Bryony Evans recently sat down to discuss the changes proposed in these reforms. This was part of our annual Sprint to the Finish series of professional development sessions – you can watch the session in full here. Below, we share snippets of their perspectives and critical advice on what organisations can do to anticipate the fast-approaching reforms.
We are watching the space closely and will share our insights as the situation develops.
“There is certainly a long road to travel on privacy reforms and it will be fascinating to see where we shape up in terms of the Privacy Act in the year to come.” KWM Partner Bryony Evans
Tell me in two minutes!
- Proposed changes were released by the Attorney General’s Department on February 16. Following two years of consultations and reviews, the Privacy Act Review Report made 116 proposals to strengthen and modernise privacy law. The report runs to 320 pages and key themes include the type of ‘personal information’ protected, exemptions for small business and journalists (among others), notice and consent, data security and direct marketing.
- The broad reaching changes will increase alignment with EU laws.The reforms will introduce a number of individual rights, and also include data processor distinctions and a broader definition of personal information that will increase alignment with the EU’s General Data Protection Regulation (GDPR). This will have broad reaching implications on organisations and individuals.
- High risk privacy activities will require greater scrutiny. While the principles-based approach of the Privacy Act will be retained, there are some reforms directed at specific activities that are considered high risk, including automatic decision making, use of biometric data and targeting. There will also be a requirement to undertake a Privacy Impact Assessment for any high risk privacy activity.
- Increased enforcement options. A raft of new proposals to increase enforcement powers and to enable direct right of access and even a statutory tort of privacy are proposed as part of the reports.
- Transparency is key. Transparency runs through the Report as a critical theme, in accounting for appropriate public scrutiny.
- Start preparing now. Don’t wait until the reforms are passed to start considering your organisation’s approach to privacy and personal information. Now is the time for organisations to start carefully considering data collection, use and storage and to review privacy policies and data retention and destruction processes and how they may interact with the likely reforms.
The report is admittedly long – but it is considered and covers critically important areas in the privacy sphere.
“There is so much food for thought in this report – it’s definitely worth the read. Particularly the summary of the 116 recommendations if nothing else and trying to assess their implications on your organisation.” KWM Partner Cheng Lim
Want to know more?
