Many of the reforms will commence almost immediately.
The Privacy and Other Legislation Amendment Bill 2024 means changes to the Privacy Act 1988 and 7 other Acts, to introduce a range of measures to protect the privacy of individuals with respect to their personal information, including:
- expanding the Information Commissioner’s powers,
- facilitating information sharing in emergency situations or following eligible data breaches,
- requiring the development of a Children’s Online Privacy Code,
- providing protections for overseas disclosures of personal information,
- introducing new civil penalties,
- increasing transparency about automated decisions which use personal information,
- introducing a statutory tort to provide redress for serious invasions of privacy,
- introducing criminal offences targeting the release of personal data using a carriage service in a manner that would be menacing or harassing (known as ‘doxxing’).
How will this impact you? Well, if your organisation needs to comply with the Australian Privacy Act, the size and type of your organisation, what personal information you collect, what your level of capability is around privacy and, how mature your privacy practice is, will all impact how the reforms impact you.
But, to keep this succinct, the first thing you can do is review your Privacy Policy.
- When was it last updated?
- Does it meet the requirements of the Australian Privacy Act?
- If your automated decision making uses personal information, your published Privacy Policy should state that.
Particularly, in view of the increased penalty tiers and current risks, if you don’t have time to address the above, we recommend you get support.
Reach out to us using our contact page for details on the ways we can help you to mitigate your privacy risk or call 1300 264 946.