ARTICLE
28 August 2025

Australian Privacy Law Reform Tranche 2: The Time For Conversation Is Over

KG
K&L Gates LLP

Contributor

K&L Gates LLP logo
At K&L Gates, we foster an inclusive and collaborative environment across our fully integrated global platform that enables us to diligently combine the knowledge and expertise of our lawyers and policy professionals to create teams that provide exceptional client solutions. With offices spanning across five continents, we represent leading global corporations in every major industry, capital markets participants, and ambitious middle-market and emerging growth companies. Our lawyers also serve public sector entities, educational institutions, philanthropic organizations, and individuals. We are leaders in legal issues related to industries critical to the economies of both the developed and developing worlds—including technology, manufacturing, financial services, health care, energy, and more.
Explore Firm Details
Tranche 2 of the Australian Privacy Act reforms is expected soon (perhaps imminently), following comments from the new attorney general in the media that suggested the time for conversation and for lobbying is ov
Australia Privacy
Cameron Abbott,Rob Pulham, and Stephanie Mayhew

Tranche 2 of the Australian Privacy Act reforms is expected soon (perhaps imminently), following comments from the new attorney general in the media that suggested the time for conversation and for lobbying is over. The attorney general noted in an interview last month on Sky News that the highly anticipated "second tranche" of Australian privacy law reform is coming, saying "Australians are sick and tired of their personal data being exploited" and "not being protected," and that "we will not have our privacy reforms dictated by multinational tech giants."

While the exact timing and elements that will be included in tranche 2 are not yet known, there is enough material in the recommendations from the Privacy Act Review Report and the Government's positive response to the vast majority of those recommendations, both released in 2023, for transformative privacy law changes to be brought into effect without further significant industry consultation. Indeed, the parliamentary drafting teams may have already provided a preview of some of those changes in their work to finalise tranche 1 of the reforms last year.

The comments have generated a flurry of activity and interest in affected industries and we have seen an uptick in organisations looking to ensure they have budgeted for further privacy and cyber security compliance uplifts through a combination of additional personnel, security infrastructure, and project teams.

How should you prepare?

  • Prepare a 'data inventory' so you understand the personal information your organisation collects and holds;
  • Ensure your privacy policies and practices are transparent and notified to individuals at the correct times;
  • Ensure sensitive information is deleted or destroyed once its purpose is fulfillfed; and
  • Ensure your organisation has an appropriate forward budget and resources to undertake the necessary privacy compliance uplift program when these changes become law.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Cameron Abbott
Cameron Abbott
Photo of Rob Pulham
Rob Pulham
Photo of Stephanie Mayhew
Stephanie Mayhew
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More