The Privacy Commissioner recently handed down findings from a privacy investigation into web-scraping company, Property Lovers Pty Ltd.
Amongst other breaches, the Commissioner found that Property Lovers breached Australian Privacy Principle (APP) 1.3 by failing to have a clearly expressed and up to date privacy policy which contained the information required by APP 1.4.
The Commissioner stated:
“I am of the view that, during the relevant period, the respondent failed to include in its privacy policies:
a) information about the kinds of personal information that it collected
b) how it collected and held that personal information
c) the purpose for which it collected, used and disclosed that personal information
d) how an individual may access their personal information held by the respondent and seek the correction of such information; and
e) how an individual many complain about a breach of the APPs and how the respondent will deal with such complaints
as required by APP 1.4(a), 1.4(b), 1.4(c), 1.4(d) and 1.4(e).
In this case, the remedy contained specific steps including for Property Lovers to review and update their privacy policy. However, the range of fines introduced in December, will also now be used to penalise organisations which do not meet the compliance requirements of the federal Privacy Act.
Having a clearly expressed and up to date privacy policy provides the opportunity to demonstrate transparency regarding the handling of personal information for your market.
Further, the reforms legislated in December 2024 require organisations to be transparent with individuals where personal information (AI) is being used for automated decision making, which also requires updates to privacy policies.
We know people who aren’t excited by privacy policies but they’re in our DNA, and we are, so, if you’d like us to review and update your policy please contact us on 1300 264 946.