Jurisdiction - Australia
News
Australia – Online TMT News.

15 April, 2014

 

Legal News & Analysis – Asia Pacific – Australia – TMT

 

Reforms Requiring Notifications Of Privacy Breaches Before Parliament

 
Legislative reforms have been tabled in Parliament which would create a number of new requirements on companies to notify customers of data breaches. The Privacy Amendment (Privacy Alerts) Bill 2014 has been tabled by the Opposition and mirrors a similar bill which lapsed with the change of government in 2013, and hence its future passage is uncertain. If enacted, however, the legislation would amend the Privacy Act 1988 (Cth) by introducing a requirement for organisations or agencies to issue a notification to affected individuals if they detect a privacy breach. The proposed law will impose a mandatory notification requirement for “serious data breaches” on both private sector organisation and government agencies.

 
Under the proposal, the Office of the Australian Information Commission (OAIC) and the affected individual must be notified if there is unauthorised access to, or disclosure of, personal information which will pose a “real risk of serious harm” to the affected individuals. These notifications must include the appropriate responses individuals should take and identify the personal information that was accessed. Further, in certain circumstances the agency or organisation will be required to notify the individuals involved or publish public notices about the breach. The Australian Information Commissioner may also have the power to compel offenders to publish public notices or to notify the affected individuals. The Bill would allow the Commissioner to exempt organisations from the notification requirement under certain circumstances.

 

  • A link to the Bill can be found here.

 
Penalty Imposed For Posting Misleading Claims On Social Media

 
Businesses should understand the legal implications of using social media, in particular the importance of verifying the truth of comments before posting them. In Madden v Seafolly Pty Ltd [2014] FCAFC 30, swimwear company Seafolly sued Leah Madden, a swimwear designer who traded under the name White Sands, for engaging in misleading and deceptive conduct and making false allegations in Facebook posts where she had alleged that Seafolly had copied a number of her designs. Madden countersued Seafolly for defamation and misleading and deceptive conduct for a number of press releases the company had issued which claimed that Madden sought to maliciously injure Seafolly by posting the comments.

 
The Court found that Madden had engaged in misleading and deceptive conduct as she had failed to undertake steps to confirm her suspicions before posting the comments. Even though Madden posted some of the comments on her own personal Facebook page, these were still found to be “in trade or commerce” as many of those who had made comments in reply were members of the fashion industry, and Madden had made comments both in her own name and that of her business. The Court awarded Seafolly AUD 20,000 in damages, taking into account that this had been a “serious attack on a commercial competitor” that had attracted significant media attention. Madden failed in her defamation claim, but was successful in her misleading and deceptive conduct claim in relation to Seafolly’s response. The case was returned to the trial judge to determine damages in relation to this claim.

 

  • A link to the decision can be found here.

 
Optus Warned After Overcharging Customers Almost AUD 9m

 
Optus has been formally warned by the Australian Communications and Media Authority (ACMA) for inaccurately billing 237,500 customers. Between 23 November 2008 and 30 September 2012, an IT error caused Optus to inaccurately charge some customers for use of two ancillary messaging options for post-paid services, SurePage and SpinVox. Optus then reported these errors to ACMA.

 
ACMA found that Optus had contravened provisions of the Telecommunications Consumer Protections Code 2012 (TCP Code) by failing to show billing accuracy and failing to identify and fix the cause of the problem in a timely manner. The decision to formally warn Optus took into account the fact that Optus had self-reported the issue, that the company appeared to be otherwise compliant with relevant parts of the TCP Code and that it had preemptively implemented a compensation program for affected customers.

 

  • A link to ACMA’s media release and report can be found here.

 
Court Discusses When Two Articles Can Be Considered A Single Publication In Defamation Claims

 
The Federal Court has ruled that two articles could not be considered a single publication for the purpose of defending a defamation suit: Cripps v Vakras [2014] VSC 110. The first plaintiff, Robert Cripps, sued the defendant, Demetrios Vakras, for defamation in respect of three articles which the defendant wrote and posted on his website about his experience exhibiting artwork in the Guilford Lane Gallery (the second plaintiff), of which Cripps was the director. One of these articles contained critical statements about Cripps, and hyperlinks to a separate article which contained one paragraph that had been added after the initial article had been written, which made reference to Cripps but was primarily concerned with a different person.

 
Vakras argued that the first and second articles should be considered a single document for the purpose of supporting a defence of fair comment and honest opinion. Cripps had applied for an order striking out this defence. However, the plaintiffs had only sued on the basis of the first article. The Court found that the two articles were separate publications as they were written and posted at different times, referred to different subject matter, were self-contained publications, the first article contained seven hyperlinks to other articles and Vakras only sought to rely on a small portion of the second article. An order striking out this portion of the defence was granted.

 

  • A link to the decision can be found here.

 

ALRC Proposes A “Right To Be Deleted”

 
The Australian Law Reform Commission (ALRC) has issued a number of proposals on how privacy protections could be strengthened in Australia. The proposals are contained in a Discussion Paper entitled Serious Invasions of Privacy in the Digital Era, published on 31 March 2014. These proposals address the fact that personal information is more easily accessible in the digital era, and that significant harm can result from a serious invasion of privacy.

 
Among its proposed reforms, it was suggested that a new Australian Privacy Principle should be introduced that gave individuals the power through a “simple mechanism” to compel organisations to delete or de-identify information that they had legitimately collected from individuals. The ALRC also invited feedback on whether or not a regulator, such as the OAIC or ACMA, should be able to enact notices on behalf of an aggrieved individual for their personal information to be taken down from a website where its continued publication is a serious breach of privacy. The ALRC is inviting feedback on the proposed reforms until 12 May 2014.

 

  • A link to the ALRC’s report can be found here.

 
Praise For Commonwealth And State Moves To investigate GST Loopholes On Online Overseas Purchases

 
The National Retail Association (NRA) has praised indications made by Federal and State Treasurers that they would investigate the exemption enjoyed by overseas retailers from paying GST on sales valued under AUD 1000. NRA Chief Executive Trevor Evans stated that this would even the “playing field” for Australian retailers, and allow them to compete with international retailers such as Amazon.com.

 

  • A link to the NRA media release can be found here.

 
EU Votes To Protect Net Neutrality

 
The European Parliament has voted to enact telecommunications reform legislation within the European Union (EU). These reforms emphasise the principle of “net neutrality”. Mobile roaming fees will be banned within the EU by December 2015. Additionally, telecommunications operators cannot promote some internet services above others for economic reasons through practices such as slowing down or blocking services, such as the recent practice of blocking the free calling service Skype. Providers can still offer certain specialised services at a higher quality such as video on demand and “cloud” data storage services if they are not provided to “the detriment of the availability or quality of internet access services” offered to other companies or service suppliers.

 

  • A link to the European Parliament press release can be found here.

 

Ashurst Logo

 

For further information, please contact:

 

Gordon Hughes, Partner, Ashurst
[email protected]

 

Ashurst TMT Practice Profile in Australia

 

Comments are closed.