Wednesday, March 12, 2014

Are you prepared for Australia's new privacy law?

Today Australia's new Privacy law comes into force, affecting Australian Government agencies, businesses with a turnover of more than $3 million or trading in personal information and all private health service providers.

As the first major change in Australian privacy law in 25 years, there's been numerous changes and updates to reflect the major changes in society over this period.

Since the last Privacy Act was introduced in the late 1980s we've seen the digitalisation of most records, the introduction of the world wide web, the rise of Web 2.0, the spread of mobile devices and the greatest increase in public expression by Australians in history.

The notion of privacy has also changed. I've always considered privacy as a transaction rather than an absolute - people trade aspects of their privacy in return for services, benefits or convenience. This has become far more widespread as an approach as organisations increasingly use personal information to shape peoples' experience of products and services, particularly online.

Generationally we've seen very different views of privacy take hold. Younger people are far more willing to share information that their elders consider 'private' and have new concerns around information that their elders share without a thought.

The new Privacy law (Privacy Amendment (Enhancing Privacy Protection) Act 2012) contains a number of stronger provisions on organisations to protect and communicate how they protect the privacy of individuals, as well as more ability for individuals to ask organisations what they know about them.

It also does a great deal to revalue personal privacy. Whereas Telstra was recently fined about $10,000 for accidentally releasing private information on about 12,000 people - valuing their privacy at 0.83c each, under the new law the penalties may be much higher - up to around $1.7 million.

If you're unfamiliar with the new privacy law, you're probably in the majority.

There's been little promotion of the change and limited information available for the public or organisations to test their current privacy approach.

There is a media release on the Office of the Australian Information Commissioner's (OAIC) site and the OAIC has done what it can - without a significant budget - to get the word out to those affected by the changes.

Unfortunately the changes haven't been promoted by any Ministers or the Prime Minister - the law was changed under the last government and the ownership may not be there.

However regardless of the promotion or not of the new law, it is now in effect. Every Australian has new rights and many organisations have new obligations they must meet in collecting, holding, sharing and protecting the private information of Australians.

To learn more about the new Australian Privacy law, visit the OAIC's guidance on the reforms at the following pages:

No comments:

Post a Comment