Share this article on:
The privacy regulator has welcomed the strengthening of its powers to protect individuals and the opportunity to develop a new Children’s Online Privacy Code – but there is more to be done.
The Office of the Australian Information Commissioner (OAIC) has said it was pleased to see today’s reforms to the Privacy Act 1988, calling it an “important first step in strengthening Australia’s privacy framework”.
Under the reforms, the OAIC will be granted a raft of new powers.
Particularly important to the regulator, given ongoing concerns over children and their access to digital platforms, the OAIC will be required to develop a new Children’s Online Privacy Code to boost protections for young Australians online.
The OAIC has also gained a new mid-tier civil penalty that it can levy against cases of privacy interference and another low-level one for particular administrative breaches of the Privacy Act.
The reforms also provide a new statutory tort to address serious privacy invasions, which the OAIC said is an “important addition” to its regulatory ability to address a range of issues not quite covered by the existing privacy protection framework, such as emerging risks and issues such as doxxing.
Australian privacy commissioner Carly Kind said the new changes were “important initiatives that will have benefits for the Australian community”.
“The enhanced civil penalty regime will add significantly to our enforcement toolkit, providing the OAIC with greater discretion and flexibility to apply a risk-based approach to enforcement that is proportionate and also supportive of a growing digital economy,” Kind said in a statement.
“The statutory tort would also fill a gap in our privacy landscape by providing people with the ability to seek redress through the courts for serious invasions of privacy without being limited to the scope of the act.”
While Kind was pleased by the reforms, she added that she was looking forward to the second tranche of reforms, “including a new positive obligation that personal information handling is fair and reasonable”.
“The coverage of Australia’s privacy legislation lags behind the advancing skills of malicious cyber actors. Further reform of the Privacy Act is urgent to ensure all Australian organisations build the highest levels of security into their operations and the community’s personal information is protected to the maximum extent possible,” Kind said
Electronic Frontiers Australia’s chair, John Pane, also called on the government to accelerate the pace of reform.
“We are at risk of repeating the failure of the Morrison government in 2014 by not thoroughly modernising our privacy laws as the harms of poorly regulated technologies and business practices are becoming increasingly evident at a societal level across many demographic groups,” Pane said.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.