Businesses face threat of substantial fines under new Australian privacy legislation

To celebrate the countdown to Christmas, the Corporate Insurance team will be publishing a prediction for 2014 each day.

2014 will bring a new dawn for privacy regulation in Australia. Businesses need to consider their processes and procedures to ensure compliance with the new regime.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 is designed to increase the protection granted to personal information, and the reforms change how it can be collected, handled and used by Australian government agencies and businesses. It introduces 13 new Australian Privacy Principles (APPs), which will consolidate and reform the existing regimes. However, a number of principles are significantly different, including those dealing with the use and disclosure of personal information for direct marketing purposes; the cross-border disclosure of personal information; and the processes for dealing with unsolicited information.

The Office of the Australian Information Commissioner (OAIC) is being given a range of increased powers, including the power to order enforceable undertakings; civil penalties; and monetary fines for breaches (of up to AUS$1.3 million). OAIC's draft guidelines have yet to be finalised, and it remains to be seen how the revised principle-based regime will operate in practice.