To link to this article, copy this persistent link:

(Mar 21, 2014) On March 12, 2014, substantial amendments to the Privacy Act 1988 (Cth) that resulted from a bill passed in 2012 came into effect in Australia. (Privacy Act 1988 (Cth); Privacy Amendment (Enhancing Privacy Protection) Act 2012, both COMLAW.) The reforms arose from a major review of privacy law conducted by the Australian Law Reform Commission (ALRC), which was completed in 2008 and resulted in 295 recommendations to the federal government. (See Kelly Buchanan, Australia: Federal Government to Reform Privacy Laws, GLOBAL LEGAL MONITOR (Oct. 22, 2009); Privacy Law and Practice, ARLC (last modified July 30, 2012).)

The Privacy Act now includes a single set of privacy principles, called the Australian Privacy Principles or APPs, that apply to the handling of personal information by government agencies and some private sector organizations. Previously, the Act contained two sets of principles that applied to the two different types of entities. The new principles contain some key developments, including in relation to the disclosure of information for direct marketing purposes, as well as cross-border information disclosure. (Privacy Law Reform, Office of the Australian Information Commissioner (last visited Mar. 14, 2014).)

Other significant changes include enhancements to the powers of the Office of the Australian Information Commissioner (OAIC) and changes to credit reporting laws. For example, the law will now allow the OAIC to accept enforceable undertakings from entities. This means that where an entity promises to take a specific action or to refrain from taking specified action in order to comply with the Privacy Act, the OAIC can enforce the terms of the undertaking in court if the entity does not comply. (Applying Privacy Law, OAIC (last visited Mar. 14, 2014).) It will also be able to seek injunctions to prevent conduct that would constitute a breach of the Act and apply to the courts for civil penalty awards against organizations in cases of serious or repeated breaches of privacy. (Id.)

Under the Act, entities can develop their own privacy codes and seek approval of these from the OAIC. The provisions related to developing and registering such codes have been substantially changed as a result of the reforms. (Privacy Codes, OAIC (last visited Mar. 14, 2014).) In addition, small business operators can choose to opt-in and be treated as an organization for the purposes of the Act and therefore be subject to the APPs. The OAIC keeps a register of organizations that opt-in. (Privacy Registers, OAIC (last visited Mar. 14, 2014).)

Following the passage of the amendment legislation in 2012, the ALRC published an issues paper on the prevention of and remedies for serious invasions of privacy in the digital era. A final report on this subject is expected to be provided to the Attorney-General by June 2014. (Serious Invasions of Privacy, ALRC (last visited Mar. 14, 2014).)

Author: Kelly Buchanan More by this author
Topic: Right of privacy More on this topic
Jurisdiction: Australia More about this jurisdiction

Search Legal News
Find legal news by topic, country, keyword, date, or author.

Global Legal Monitor RSS
Get the Global Legal Monitor delivered to your inbox. Sign up for RSS service.

The Global Legal Monitor is an online publication from the Law Library of Congress covering legal news and developments worldwide. It is updated frequently and draws on information from the Global Legal Information Network, official national legal publications, and reliable press sources. You can find previous news by searching the GLM.

Last updated: 03/21/2014