The new Australian Privacy Principles (APPs) launched on 12th March 2014, represent a substantial overhaul of the existing framework and organisations should urgently review their current privacy policies, says Dudley Kneller, partner of Madgwicks Lawyers.
There are a number of core elements that have been amended and Madgwicks have launched a privacy app to help organisations identify potential areas of risk or exposure.
However, according to an Australian Financial Review article published on March 11th 2014, its seems some 75% of companies are not ready for privacy changes that start on Wednesday, according to a survey by Senetas Corporation. The new privacy laws move away from their current objectives - to educate and raise awareness of privacy obligations – and more towards an era of enforcement in line with the European Union’s approach.
Presently, most organisations think it is sufficient to simply have a privacy policy on their website. Now they must be able to demonstrate that they documented practical policies, procedures and technology to back up their claims. Organisations must be able to show they are taking all reasonable steps to be compliant.
There are four big areas to watch out for:
The Office of the Australian Information Commissioner (OAIC) has a substantially bigger stick with which to punish offenders, with the maximum fines stretching to $1.7million for organisations and 340,000 for individuals. They also have a range of civil remedies such as obtaining injunctions against offending parties.
Kneller thinks that in most cases the threat to damage of reputation will be an even stronger incentive for most organisations.
To learn more about data protection and complying with privacy laws, refer to our blog on dealing with the data sovereignty dilemma.