Australia: Telecommunications, Media And Technology (TMT) Law Update – Volume 20

Last Updated: 25 July 2018
Article by Gordon Hughes and Andrew Sutherland

Key developments in the area of Technology, Media and Telecommunications over the past two months are summarised below.


Optus fined for misleading consumers

On 22 May 2018, the Federal Court of Australia imposed a pecuniary penalty of $1.5m on Optus Internet Pty Ltd arising out of misleading notifications provided to customers regarding their switch to the National Broadband Network: Australian Competition and Consumer Commission v Optus Internet Pty Ltd [2018] FCA 777. Over a period of 18 months, Optus had advised customers that their Optus Internet service would be disconnected on a specific date or within a specific period and that it would be necessary to acquire NBN based services from Optus Internet in order to continue receiving home telephone and/or internet. Following the commencement of proceedings by the Australian Competition and Consumer Commission, Optus admitted that its notifications contravened sections 18 and 29(1)(m) of the Australian Consumer Law on the basis that they were misleading or deceptive in relation to the supply of services. Specifically, it was conceded that customers had fixed term contracts which could not be cancelled before the end of the term, and there was no requirement for NBN services to be acquired through Optus as opposed to other retail service providers.

Online advertiser fined for unconscionable conduct

On 28 May 2018, the Federal Court of Australia imposed substantial penalties on an online advertising company and its sole director for unconscionable conduct in the conduct of its sales strategy: Australian Competition and Consumer Commission v ABG Pages Pty Ltd [2018] FCA 764. The respondent conceded that it had engaged in unconscionable conduct by misleading potential customers as to the number and nature of the businesses which advertised on its directory, for engaging in high-pressure sales tactics and by failing to explain to potential customers that the stated duration of the contract would automatically renew unless they gave written notice before a specified number of days prior to an unspecified renewal date. Rangiah J imposed pecuniary penalties totalling $300,000 on the company, $40,000 on the director and $25,000 jointly and severally on both respondents. Other orders included a 5 year injunction on the company and the director from making similar representations, a requirement for the company and the director to undergo a compliance program and a disqualification of the director from managing a corporation for 5 years.

Privacy Commissioner clarifies scope of APP 6.2

On 29 May 2018, the Office of the Australian Information Commissioner issued a statement regarding the right of a government department to release personal information in order to correct the record following public criticism by an individual. The Commissioner's decision related to the release by Centrelink of personal information about a journalist who had published an opinion piece criticising the Centrelink debt recovery system for seeking recovery of a debt which she did not owe. The Privacy Commissioner accepted Centrelink's contention that its disclosure n rebuttal fell within Australian Privacy Principle 6.2(a) on the basis that it was a secondary purpose which an individual in the complainant's position should have "reasonably expected". Citing the APP Guidelines which in turn reflected a previous determination by in L v Commonwealth Agency [2010] PrivCmrA14, the Commissioner concluded that "a person who complains publically about an agency in relation to their circumstances (for example, to the media) is considered to be reasonably likely to be aware that the agency may respond publically – and in a way that reveals personal information relevant to the issues they have raised". The decision has caused a degree of consternation amongst privacy advocates.

Domain companies fined for ACL breaches

On 14 June 2018, the Federal Court ordered that two domain companies pay combined penalties of $1.95 million for breaches of the Australian Consumer Law. The Court found that Domain Corp Pty Ltd and Domain Name Agency Pty Ltd had, over a period of approximately 18 months, sent out approximately 300,000 unsolicited notices to businesses which had the appearance of renewal invoices for an existing domain name. In fact, the notices involved the registration of a new domain name at a cost of between $249 –$275 each. The Court found that Australian businesses and organisations had paid approximately $2.3 million to the respondents during the period in question as a result of receiving the notices. The Court imposed 3 year injunctions against each domain company and a 5 year injunction against the sole director of both companies who was found to have been knowingly concerned with the corporations' conduct. The sole director was also disqualified from managing a corporation for 5 years and ordered to pay costs to the ACCC.

Apple US fined for misleading Australian consumers

On 18 June 2018, the Federal Court ordered Apple Inc. (Apple US) to pay $9 million in penalties for making false or misleading representations to customers with faulty iPhones and iPads about their rights under the Australian Consumer Law. Proceedings had been instituted by the ACCC following an investigation of complaints relating to "error 53" which disabled some iPhones and iPads after owners downloaded an update. Apple US advised its Australian customers that they were no longer eligible for a remedy if their device had been repaired by a third party. This statement contravened section 64 of the Australian Consumer Law which prohibits the exclusion of consumer guarantees. Of equal significance to overseas suppliers was the Court's declaration that Apple US, as a multi-national parent company, was responsible for the conduct of its Australian subsidiary.

Cabinet information exempt from GIPA Act disclosure

On 28 June 2018, the NSW Civil and Administrative Tribunal affirmed and applied the principle that, for the purposes of the Government Information (Public Access) Act 2009 (NSW), Cabinet material is to be considered differently to other information under the Act: Park vs Transport for NSW (No. 2) [2018] NSW CATAD 134. The proceedings related to a request for specific information on the Sydney Light Rail Project, in respect of which the respondent declined to release certain documents which it contended fell within the definition of "Cabinet information". The Tribunal declined to consider whether the public interest favoured disclosure or non-disclosure. Senior member McAteer followed the reasoning in D'Adam vs NSW Treasury [2014] NSWCATAD 68 who had observed that "a special and very different decision-making matrix" applied to Cabinet information, with the respondent only required to establish that there were reasonable grounds for asserting that the information constitutes "Cabinet or Executive Council information" and thereby establishing the presumption of an overriding public interest against disclosure. Where the respondent establishes on reasonable grounds that the documents fall within this category, the Tribunal is not required, and has no authority, to apply a public interest test.


Global Data Protection Regulation (GDPR) commences

On 25 May 2018, the European Union's General Data Protection Regulation ("GDPR") came into effect. Its primary objective is to harmonise data protection laws across the EU. In the process, existing EU data protection laws have been updated, and Australian organisations with European connections may in some circumstances be required to adjust their existing privacy practices in order to comply. To a certain extent, Australian businesses will met the GDPR requirements if they comply with the Australian Privacy Principles but there is nevertheless a gap in areas relating to accountability and governance, consent, mandatory data breach notification, the right of erasure, data portability and the right to object. For more detailed information, see the article on our website, Impact of the EU Global Data Protection Regulation in Australia.

New Credit Reporting Code released

On 27 June 2018, the Australian Information Commissioner approved the Privacy (Credit Reporting) Code 2014 (Version 2). The existing Code, Version 1.2, was repealed and replaced by the new Version 2, with effect from 1 July 2018. The Credit Reporting Code is a requirement of Part IIIB Division 3 of the Privacy Act 1988, and must set out how the provisions of Part IIIA are to be applied or complied with. The Code does not, however, encompass all aspects of Part IIIA and accordingly compliance with the Code alone will not achieve full compliance with the credit reporting requirements set out in the Privacy Act. The new Code essentially introduces only minor and technical variations to the previous Code, implementing recommendations and observations made in the Review of Privacy (Credit Reporting) Code 2014 (V1.2) Report dated 8 December 2017 which was commissioned from PricewaterhouseCoopers.

Revenge porn reforms in Western Australia

On 28 June 2018, the Criminal Law Amendment (Intimate Images) Bill 2018 WA was introduced by the Western Australian Attorney-General in the Legislative Assembly. The Bill seeks to amend the Criminal Code by introducing offences of distributing an intimate image and threatening to distribute an intimate image. An "intimate image" is broadly defined and extends to images in digital form, either online or on a hardware storage device and in any other technological format which may exist now or in the future. The new offence is punishable by a term of imprisonment of up to 3 years. A range of defences exist, including distribution for a "media activity purpose", whereby the image is distributed for a media activity purpose without the intention of causing harm to the person depicted and in the reasonable belief that the distribution is in the public interest.

Restrictions on misuse of national security information increased

On 29 June 2018, the National Security Legislation Amendment (Espionage and Foreign Interference) Act 2018 (Cth) came into effect. The legislation amends the Criminal Code Act 1995, the Crimes Act 1914, the Telecommunications (Interception and Access) Act 1979 and the Inspector-General of Intelligence and Security Act 1986. The legislation amends key offences dealing with threats to national security and gives particular focus to the mishandling of confidential information. The legislation strengthens existing espionage offences, reforms the Commonwealth's secrecy offences in order to more comprehensively criminalise the leaking of harmful information, and introduces a new "theft of trade secrets" offence with the objective of protecting Australia from economic espionage by foreign government principals. In relation to the mishandling of information specifically, the legislation amends part 5.2 of the Criminal Code to introduce comprehensive new espionage offences in Division 91, criminalising a broad range of dealings with information including possessing or receiving and targeting not only persons who disclose the information but also the actions of a foreign principal who receives the information. Division 91 also introduces a new offence of soliciting or procuring a person to engage in espionage and introduces a new preparation or planning offence to allow law enforcement agencies to intervene at an earlier stage than has previously been possible.

Ipso facto reforms

From 1 July 2018, amendments to the treatment of ipso facto clauses came into effect. Specifically, the Treasury Laws Amendment (2017 Enterprise Incentives No. 2) Act 2017 Cth introduced Parts 5.1, 5.2 and 5.3A into the Corporations Act. An "ipso facto clause" permits termination of a contract by one party if the other party is subject to an insolvency event, and the effect of the amendments is to introduce a stay period (the length of which varies depending upon the type of insolvency event) in order to provide a company with the opportunity to trade out of its difficulties. Pursuant to the same amending legislation, reforms were previously introduced on 11 September 2017 which provided directors with a "safe haven" against personal liability for insolvent trading under certain conditions. For more detail, see the article on our website, Australia's ipso facto reforms have serious consequences for IP Agreements.

Commonwealth government privacy code commences

On 1 July 2018, the Privacy (Australian Government Agencies – Governance) Code commenced. As previously reported, the Code, which was developed by the Australian Information Commissioner in accordance with section 26G of the Privacy Act, imposes obligations on Commonwealth government agencies which are additional to their existing obligations under the Australian Privacy Principles. The Code expands upon the manner in which public sector agencies must meet the requirements of APP 1. APP 1 implicitly promotes a "privacy by design" approach which ensures privacy compliance is included in the design of an entity's information systems and practices. Of particular significance, the Code requires each agency to have a privacy management plan, a designated privacy officer and a designated "privacy champion", the latter being a senior official within the agency with the role of promoting a culture of privacy and providing leadership on strategic privacy issues. The Code also requires agencies to conduct Privacy Impact Assessments for all high privacy risk assessments, and to include appropriate privacy training in any staff induction program.

New mandatory comprehensive credit reporting laws imminent

The National Consumer Credit Protection Amendment (Mandatory Comprehensive Credit Reporting) Bill 2018, supported by the Mandatory Comprehensive Credit Reporting Regulations, is currently before the Senate. The legislation seeks to amend the Credit Act to mandate a comprehensive credit reporting regime. Under this mandatory regime, Authorised Deposit-taking Institutions will be required to provide comprehensive credit information on open and active consumer credit accounts to certain credit reporting bodies. The legislation will also expand ASIC's powers to monitor compliance with the mandatory regime. Since March 2014, the Privacy Act has allowed credit providers and credit reporting agencies to use and disclose "comprehensive credit information" about a consumer (such as the number of credit accounts a person holds, the maximum amount of credit available to a person and an individual's repayment history) but such disclosure had not been mandated. Acting on recommendations from the Murray Inquiry and the Productivity Commission, the legislation has the objective of enabling credit providers to obtain a more comprehensive view of a consumer's financial situation so as to ensure responsible lending practices.


Draft legislation for data sharing released

On 5 July 2018, the Department of the Prime Minister and Cabinet released a consultation paper entitled New Australian Government and Data Sharing and Release Legislation. The consultation paper, which calls for responses by 1 August 2018, foreshadows the introduction of a Data Sharing and Release Bill. The Bill is a manifestation of the government's earlier response to recommendations by the Productivity Commission in May 2017, which we have previously reported upon, recommending the introduction of new procedures to facilitate the public disclosure of certain formation in the public interest whilst maintaining appropriate privacy, confidentiality and security safeguards. The proposed legislation contemplates the establishment of a National Data Commissioner and the introduction of a Consumer Data Right. The government had previously announced, in May 2018, the introduction of a Consumer Data Right, a form of data portability, to be applied to all major banks from 1 July 2019 with respect to data applicable to credit and debit cards and deposit and transaction accounts. The regime would be extended to mortgages by 1 February 2020, and all other banking products by 1 July 2020. Remaining banks would follow within 12 months, and the scheme would subsequently be rolled out to the energy and telecommunications sectors. The objective is to provide customers with improved access to their own data and an ability to insist that it be transmitted in usable form to potential competitor organisations for comparative purposes.


Revised data sharing rules for insurers

Effective from 1 July 2018, the Private Health Insurance (Data Provision) Rules 2018 revoke and remake the previous Private Health Insurance (Data Provision) Rules 2017. The rules are made pursuant to section 333-20 of the Private Health Insurance Act 2007 and clarify the obligation of private health insurers to disclose certain data about the treatment of insured patients in de-identified form to the Department of Health. In order to maintain the privacy of individuals, the Act makes it an offence for a person to disclose protected information to another person if that information was obtained in the course of performing a duty, function or power under the Act.

Opt-out period for My Health Record commences

From Monday 16 July 2018, a 3 month opt-out period for the Federal government's My Health Record system commenced. We have previously reported that the scheme, involving an electronic summary of an individual's health information which can be shared online between health care providers, was to be converted from an "opt-in" model to an "opt-out" model due to the disappointingly low level of optional participation since the inception of the scheme in 2012. On 15 October 2018, at the conclusion of the current 3 month opt-out period, a My Health Record will be created for any individual who has not opted-out by that time. The new arrangements have attracted adverse comment from the medical and security sectors which have expressed concerns about the privacy implications of security breaches.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Related Topics
Related Articles
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions