Jurisdiction - Australia
Telecommunications, Media & Technology
Henry Davis York
Australia – Overhaul Of The Privacy Act Passed By Parliament.

8 December, 2012


Legal News & Analysis – Asia Pacific – Australia – TMT


Parliament passed the Privacy Amendment (Enhancing Privacy ProtectionBill 2012 on 29 November 2012. This is the biggest change to the Privacy Act 1998 in 20 years. 
The amendments are due to commence in March 2014. However, both private sector and public sector entities need to be prepared for when the changes commence. 
Individuals also need to be aware of the impending changes to how their personal information is dealt with, in particular, the comprehensive credit 
reporting provisions. 
With new civil penalty orders which include fines of up to $1.1 million for a privacy breach by a corporation, all organisations will need to be sufficiently prepared for their obligations under the amended Act. 
The APPs
The most significant change is that one set of privacy principles, the Australian Privacy Principles (APPs) will apply to both Australian Government Agencies and the private sector which are all referred to as APP entities. The APPs will replace the current public sector Information Privacy Principles and the private sector National Privacy Principles.
In our view, the single set of APPs will simplify compliance for public and 
private sector bodies. The reforms should also provide the general public with more certainty as to the protection of their personal information. 
Australian Privacy Commissioner’s powers
The Privacy Commissioner’s powers have been enhanced. The Commissioner has the power to investigate, guide, monitor, advise on and assess privacy matters, including potential breaches. He can also accept enforceable undertakings and seek civil penalties for serious privacy breaches. 
Timothy Pilgrim, the Privacy Commissioner, has said that while he will work with agencies and businesses to help them to comply with privacy he “will not shy away from using these powers in appropriate cases”.  
Direct marketing 
The amendments provide for greater protection for individuals. People have increased powers to opt out of direct marketing.  
Transfer of personal information overseas
Organisations also have more extensive responsibilities with regard to the transfer of personal information overseas. The organisation transferring the personal information must take reasonable steps to ensure that the overseas recipient does not breach the APPs (other than APP1). There are certain exceptions to this rule set out in the APPs.  
Credit reporting 
For the first time in Australia, there will be a comprehensive credit reporting system. According to the Government, this is likely to “lower levels of indebtedness through more accurate assessments” of an individual’s credit worthiness. Whether this occurs in practice is questionable. Concerns have already been raised that it may have the opposite effect and lead to some lenders offering more credit to individuals. 
Some organisations will be able to collect more information about a person’s creditworthiness, such as missed payments on loans or credit cards. 
Mr Pilgrim has warned that if a person misses a payment from as early as December 2012, it will be recorded on their credit record and could affect their ability to access credit in the future. 
In view of the extensive changes brought about by these amendments to 
the Privacy Act, everyone needs to be aware of their additional rights and obligations in respect of personal information. 










For further information, please contact:


Donna Short, Partner, Henry Davis York

[email protected]


Hazel McDwyer, Henry Davis York

[email protected]




Comments are closed.