On November 17, the Office of the Australian Information Commissioner ("OAIC") issued the Privacy Regulatory Action Policy to explain the OAIC's approach to taking regulatory action. The policy details the OAIC's powers of investigation and the factors that the OAIC may take into account when considering enforcement actions in response to privacy breaches. The OAIC is expected to release a Guide to Privacy Regulatory Action to provide further detail on the Information Commissioner's regulatory powers.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.