Julie Brush, Contributing Editor
Law reforms in Australia will means greater work for companies – and considerably increased work for their lawyers – with changes to the privacy laws in the country.
Australia privacy law is about to change significantly with new changes designed to implement extensive changes, which will result in a significant increase in workload for companies and a growing demand for privacy lawyers from both corporations and law firms.
The government commissioned a privacy law review last year, which proposed 116 amendments to the Privacy Act, which has been in place for 36 years.
Proposed changes to the Privacy Act deal mainly with the clarity around the collection notices and consent requests so as to provide greater understanding among customers as to what they should or should not be doing.
Put simply, the proposed privacy law updates are changing the way businesses manage their customer’s data and requiring them to have a process to deal with new privacy concepts.
The changes will also see greater legislative definitions around ‘consent’ and what it means, making it voluntary, informed, current and unambiguous.
The government has pledged to implement 106 of these recommendations and is expected to draft legislation by August.
Under the new laws, the definition of personal information will be expanded, and companies will be required to obtain stronger consent from individuals for the collection and use of their data.
Additionally, a fair and reasonable test will be introduced for the collection and use of an individual’s data. Individuals will be granted new rights to object to the collection and use of their personal data and to request the erasure of their data.
The reforms will also provide more protection for de-identified data, among other changes to the privacy laws and how they are applied.
According to James North, head of technology, media, and telecommunications at Australian corporate firm Corrs Chambers Westgarth, these reforms will align Australia’s privacy regime more closely with the European Union’s General Data Protection Regulation (GDPR). He emphasized that the changes to the legislation are substantial and cover a wide range of areas.
Companies should also anticipate a more proactive regulator, as the Office of the Australian Information Commissioner is likely to be granted “dawn raid-style power” to search premises for evidence and will have increased authority to impose civil penalties, according to North.
The changes will certainly bring considerable extra legal work for Australian law firms and indeed for even non-lawyers who wish to specialize in the burgeoning area of privacy law.
The Australian changes follow the legal foundations set by other international privacy legislation, specifically Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Consumers around the world are demanding that companies take online privacy more seriously in exchange for their trust, and the need to ensure that online privacy in particular is regarded seriously is something governments are increasingly concerned to ensure is adhered to and enforced.
