Australia has comprehensive privacy laws that regulate how businesses, government agencies and other organisations handle the personal information of people. There are many privacy laws in Australia. Some of the important Australian privacy laws include:
1.The Privacy Act 1988 (Cth)
This law sets out the principles and requirements for handling personal information by private sector organisations (that have an annual turnover of more than $3 million), and Australian government agencies.
2.The Notifiable Data Breaches (NDB) scheme
This scheme requires organisations that are covered by the Privacy Act to notify individuals and the Office of the Australian information Commission (OAIC) if a data breach has occurred that is likely to result in some form of serious harm to the individuals.
3. The Australian Privacy Principles (APPs)
The APPs include 13 principles that govern the use, disclosure, collection and storage of personal information by organisations that are covered by the Privacy Act. Moreover, these principles include requirements such as obtaining consent for the collection and use of personal information.
It also includes requirements for ensuring that personal information and data is accurate and updated. The APPs also includes requirements for taking appropriate steps to secure personal information.
4. Other State and Territory Privacy Laws
While the Privacy Act is a Commonwealth enforced law, there are some privacy laws by certain state and territories in Australia. In other words, some states have their own privacy laws that are applicable for organisations that are not covered by the Privacy Act.
These state and territory-specific laws have similar principles that are outlined under the Privacy Act and the APPs. But there could be some changes in terms of the requirements and scope of the law.
For example, in New South Wales (NSW), the Privacy and Personal Information Protection Act 1998 (PPIP Act) protects the privacy rights of individuals in the state. Given below is the list of privacy laws that are in effect in other states of Australia:
- Australian Capital Territory (ACT): The Privacy Act 2014
- Victoria (VIC): Privacy and Data Protection Act 2014
- South Australia (SA): Freedom of Information Act 1991
- Western Australia (WA): Freedom of Information Act 1992
- Queensland (QLD): Information Privacy Act 2009
- Tasmania (TAS): Personal Information Protection Act 2004
- Northern Territory (NT): The Information Act 2002
Who Enforces Privacy Laws in Australia?
There are many organisations in Australia that are responsible for enforcement of these laws. For example, the Office of the Australian Information Commissioner (OAIC) is responsible for enforcing privacy laws in Australia and has powers to investigate complaints, conduct audits, and take enforcement action against organisations that breach privacy laws.
It is a federal government agency that is responsible for the enforcement of the Privacy Act 1988 and all privacy laws under this Act. Some other organisations that enforce these laws include Australian Communications and Media Authority, State and Territory Privacy Commissioners and the Australian Federal Police (AFP).
Author bio: –
John Bui is the Principal Solicitor of JB Solicitors – a law firm based in Sydney, Australia. John is a Nationally Accredited family law Mediator and Arbitrator with over 10 years’ experience in family law and commercial litigation.