The Federal Privacy Act 1988 (Cth) was updated effective as of 12 March 2013, pursuant to the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth). These changes are important and require careful review and amendment to your organisation's privacy protocols, in order to comply with the changes.

The Statutory changes will impact the way in which your organisation deals with personal information.

Vatandoust is able to review your organisation's internal and the external protocols and to update your privacy policy to ensure that your business is able to meet the Privacy Commissioner's deadline of 12 March 2014 for legislative compliance.

For further information click here to review our privacy and data protection services.

SPECIFIC CHANGES

Australian Privacy Principles (APPs)

The Privacy Amendment Act includes a set of new, harmonised, privacy principles that will regulate the handling of personal information by both Australian government agencies and businesses. These new principles are called the Australian Privacy Principles (APPs). They will replace the existing Information Privacy Principles (IPPs) that currently apply to Australian government agencies and the National Privacy Principles (NPPs) that currently apply to businesses.

Under the changes, there will be 13 new APPs. A number of the APPs are significantly different from the existing principles, including APP 7 on the use and disclosure of personal information for direct marketing, and APP 8 on cross-border disclosure of personal information.

Enhanced powers for the Australian Information Commissioner

The Australian Information Commissioner (the Information Commissioner) will also have enhanced powers, which will generally be exercised by the Privacy Commissioner, including the ability to:

  • accept enforceable undertakings
  • seek civil penalties in the case of serious or repeated breaches of privacy
  • conduct assessments of privacy performance for both Australian government agencies and businesses.

Changes to credit reporting laws

Changes to credit reporting laws include:

  • the introduction of more comprehensive credit reporting, which will allow the reporting of information about an individual's current credit commitments and their repayment history information over the previous two years
  • a simplified and enhanced correction and complaints process
  • a prohibition on the reporting of credit related information about children
  • a prohibition on the reporting of defaults of less than $150
  • the introduction of specific rules to deal with pre-screening of credit offers
  • the introduction of specific provisions that allow an individual to freeze access to their credit related personal information in cases of suspected identity theft or fraud
  • the introduction of civil penalties for breaches of certain credit reporting provisions.

For a more detailed explanation of the credit changes see: Privacy business resource 3: Credit reporting - what has changed

Codes

The Privacy Amendment Act introduces new laws on information privacy codes (APP codes) and the credit reporting code (the CR code), including powers for the Information Commissioner or the Privacy Commissioner to develop and register binding codes that are in the public interest.

Watch the YouTube video of Australian Privacy Commissioner, Timothy Pilgrim speaking about the changes to the Privacy Act.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.