E-Discovery in Australia: Part 3 – Privacy Laws Updates and Revisions
E-Discovery in Australia: Part 2 – The Road to TAR Adoption in Australian Legal Market
December 6, 2022
Growing Importance of In-House Counsel in Japan
December 23, 2022
One consistent message that seems to resonate from legislature to legislature across the world is the recognition of the fact that data - especially personal data - is both a weapon and a vulnerability, and in the quickly-evolving digital landscape of today the task of safeguarding it effectively becomes more and more difficult. The Australian legislature seeks to update its current privacy laws, which are based on both the original 1988 Privacy Act, and its later update from 2000, to reflect the rapid technological advancements that took place in the early 21st century in data collection, data storage and data analysis.
Recent spate of data breaches driving change
As reported in this article published 10/24/22, Australia has confirmed an incoming legislative change will significantly strengthen its online privacy laws following a spate of data breaches in recent weeks — such as the Optus telco breach this Sept. “Unfortunately, significant privacy breaches in recent weeks have shown existing safeguards are inadequate. It’s not enough for a penalty for a major data breach to be seen as the cost of doing business,” said its attorney-general, Mark Dreyfus, in a statement. “We need better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivize better behavior.” The changes will be made via an amendment to the country’s existing privacy laws, following a long process of consultation on reforms.
Bringing Australia privacy laws closer to EU standards
The primary aims of overhauling the legal framework are to introduce more clarity into what constitutes personal information, create a more effective consent system that puts more power in the hands of individuals using online systems, and create a clear and transparent penalty system that would significantly incentivize safeguarding customer data for various businesses dealing with it.
Some commentators note that one of the policy objectives behind the tightened regulations may be to bring Australia closer to securing an adequacy ruling from EU with respect to GDPR. Such a decision by the European Commission would streamline data transfer between Australia and EU and reduce barriers to trade and international business. Although only a handful of countries so far have been granted that elusive status, Japan and South Korea – two of top 5 Australia’s trading partners are among them. In light of that, Australia’s efforts to bring their data protection framework up to GDPR levels can further be lauded for helping standardize data protection regulations across the Asia-Pacific region.
Source:
- Government sets direction for privacy law reform in Australia
https://iapp.org/news/a/government-sets-direction-for-privacy-law-reform-in-australia/ - What will Australia’s privacy laws look like after an overhaul?
https://www.adma.com.au/resources/what-will-australia-s-privacy-laws-look-like-after-an-overhaul
オーストラリアは9月に発生したOptus通信事業者の情報漏えい事件を受け、オンラインプライバシー法を大幅に強化する法改正を行います。法改正には個人情報の定義をより明確にし、オンラインシステムを利用する個人にとってより効果的な同意システムを作ること、ならびに明確な罰則システムを作り、企業への顧客データの保護強化へつなげることが含まれます。規制強化の背景には、オーストラリアがGDPRに関してEUから適切な裁定を得る政策目的があるとの指摘もされています。
