Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
2014 Privacy Update
Steve Brown, Etienne Lawyers
www.etiennelaw.com
What does the Privacy Act
Cover?
Privacy Act 1988 provides for the protections of an individual’s perso...
www.etiennelaw.com
Privacy Law Reform - outline
Privacy Amendment (Enhancing Privacy Protection)
Act 2012!
New Australian ...
www.etiennelaw.com
Australian Privacy Principles
13 new APPs to replace IPPs and NPPs!
Single set of principles which appl...
www.etiennelaw.com
APP 1 - Open and transparent management
of personal information
Businesses must have a clearly expresse...
www.etiennelaw.com
APP 2 - Anonymity and pseudonymity
Allows individuals to interact with agencies by not
identifying them...
www.etiennelaw.com
APP 3 - Collection of personal
and sensitive information
Outlines obligations relating to the collectio...
www.etiennelaw.com
APP 4 - Dealing with unsolicited
personal information
New principle for handling unsolicited personal
i...
www.etiennelaw.com
APP 5 - Notification of
collection
Outlines the matters a business must inform an individual about when ...
www.etiennelaw.com
APP 5 - Notification of
collection (cont)
Consequences of non-collection!
Complaint handling process!
Po...
www.etiennelaw.com
APP 6 - Use or disclosure
Deals with use and disclosure of personal information!
Different obligations a...
www.etiennelaw.com
APP 6 - Use or disclosure (cont)
New limited exceptions, to permit use or disclosure
for secondary purp...
www.etiennelaw.com
APP 7 - Direct marketing
Prohibits organisations from using or disclosing personal
information for dire...
www.etiennelaw.com
APP 8 - Cross border disclosure
Introduces an accountability approach for cross-border
disclosure!
Busi...
www.etiennelaw.com
APP 9 - Adoption, use or disclosure of
government related identifiers
Prohibits an organisation from ado...
www.etiennelaw.com
APP 10 - Quality
Requires agencies to take reasonable steps to ensure
personal information it collects,...
www.etiennelaw.com
APP 10 - Quality
Businesses should ensure that personal information
that it uses or discloses is also r...
www.etiennelaw.com
APP 11 - Security
Inclusion of ‘interference’!
a business must take reasonable steps to protect
persona...
www.etiennelaw.com
APP 11 - Security (cont)
New destruction requirements!
the business must take such steps as are reasona...
www.etiennelaw.com
APP 12 - Access
Businesses required to respond to requests for access
of personal information within 30...
www.etiennelaw.com
APP 12 - Access (cont)
Individual not to be charged!
Written reasons for the refusal and complaint
mech...
www.etiennelaw.com
APP 13 - Correction
Businesses required to take ‘reasonable steps’ to
correct personal information to e...
www.etiennelaw.com
APP 13 - Correction (cont)
Business to respond to request within 30 days!
Individual not to be charged!...
www.etiennelaw.com
Commissioner’s new powers
Perfomance assessments!
Code making powers!
Ability to make a determination t...
Steve Brown!
sbrown@etiennelaw.com
To avoid thousands of dollars in
legal fees and the possibility of a
gaol sentence call...
Upcoming SlideShare
Loading in …5
×

2014 Australian Privacy Laws Update

539 views

Published on

What does the Privacy Act cover? What are the new Australian Privacy Principles. A detailed overview of the 13 ne Australian Privacy Principles. What are the Privacy Commissioners new powers?

Published in: Law, Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

2014 Australian Privacy Laws Update

  1. 1. 2014 Privacy Update Steve Brown, Etienne Lawyers
  2. 2. www.etiennelaw.com What does the Privacy Act Cover? Privacy Act 1988 provides for the protections of an individual’s personal information! Privacy Act contains provisions that deal with?! personal information! sensitive information (such as health information)! tax file numbers! credit information
  3. 3. www.etiennelaw.com Privacy Law Reform - outline Privacy Amendment (Enhancing Privacy Protection) Act 2012! New Australian Privacy Principles (or APPs)! Enhanced powers of the Commissioner! How to prepare for the changes
  4. 4. www.etiennelaw.com Australian Privacy Principles 13 new APPs to replace IPPs and NPPs! Single set of principles which apply to both public and private sectors! Government agencies and private sector organisations are referred to as ‘APP entities’! Structured to reflect the information life cycle - collection, use and disclosure, quality and security, access and correction! Permitted general situation
  5. 5. www.etiennelaw.com APP 1 - Open and transparent management of personal information Businesses must have a clearly expressed and up to date privacy policy! Businesses must take reasonable steps to implement processes that will ensure that the business complies with the APPs
  6. 6. www.etiennelaw.com APP 2 - Anonymity and pseudonymity Allows individuals to interact with agencies by not identifying themselves! Permits the individual to use a pseudonym! Exceptions apply, such as where it is impracticable for the business to deal with an unidentified individual
  7. 7. www.etiennelaw.com APP 3 - Collection of personal and sensitive information Outlines obligations relating to the collection of personal and sensitive information! Collection must be ‘reasonably necessary’ for, or ‘directly related’ to, one or more of a businesses functions or activities! Higher standards for collection of sensitive information. Some exceptions apply
  8. 8. www.etiennelaw.com APP 4 - Dealing with unsolicited personal information New principle for handling unsolicited personal information! Establish if the information could have been collected under APP 3! Destroy or de-identify the information if it could not have been collected under APP 3
  9. 9. www.etiennelaw.com APP 5 - Notification of collection Outlines the matters a business must inform an individual about when the business collects their personal information. These matters include:! Information about a businesses APP policy! Who the business is and how to contact it! The purpose(s) of the collection! Any collections from third parties
  10. 10. www.etiennelaw.com APP 5 - Notification of collection (cont) Consequences of non-collection! Complaint handling process! Potential overseas disclosure
  11. 11. www.etiennelaw.com APP 6 - Use or disclosure Deals with use and disclosure of personal information! Different obligations apply to the use or disclosure of sensitive information.
  12. 12. www.etiennelaw.com APP 6 - Use or disclosure (cont) New limited exceptions, to permit use or disclosure for secondary purpose:! Locate a missing person! Establish, exercise or defend a legal equitable claim! Confidential alternative dispute resolution
  13. 13. www.etiennelaw.com APP 7 - Direct marketing Prohibits organisations from using or disclosing personal information for direct marketing purposes, except in specified circumstances! Contracted service providers for Commonwealth contracts are permitted to us or disclose personal information for the purpose of direct marketing if certain conditions are met
  14. 14. www.etiennelaw.com APP 8 - Cross border disclosure Introduces an accountability approach for cross-border disclosure! Businesses must take reasonable steps to ensure overseas recipients do not breach APPs! Businesses may be accountable for a breach of Apps by overseas recipients! Exceptions apply
  15. 15. www.etiennelaw.com APP 9 - Adoption, use or disclosure of government related identifiers Prohibits an organisation from adopting, or using a government related identifier! Generally replicates the exceptions under National Privacy Principle 7, with some additions! A business may be required to comply with APP 9 under s7A
  16. 16. www.etiennelaw.com APP 10 - Quality Requires agencies to take reasonable steps to ensure personal information it collects, uses or discloses is:! Accurate! Up to date! Complete
  17. 17. www.etiennelaw.com APP 10 - Quality Businesses should ensure that personal information that it uses or discloses is also relevant for the purpose of the use or disclosure
  18. 18. www.etiennelaw.com APP 11 - Security Inclusion of ‘interference’! a business must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure
  19. 19. www.etiennelaw.com APP 11 - Security (cont) New destruction requirements! the business must take such steps as are reasonable in the circumstances to destroy the information or to ensure the information is de-identified! Some exceptions eg information contained in a Commonwealth record
  20. 20. www.etiennelaw.com APP 12 - Access Businesses required to respond to requests for access of personal information within 30 days! Exceptions apply - Freedom of Information Act 1982 or other legislation! Access should be provided in the requested manner (where reasonable and practicable)
  21. 21. www.etiennelaw.com APP 12 - Access (cont) Individual not to be charged! Written reasons for the refusal and complaint mechanism
  22. 22. www.etiennelaw.com APP 13 - Correction Businesses required to take ‘reasonable steps’ to correct personal information to ensure it is accurate, up to date, complete, relevant and not misleading, if:! business satisfied it needs to be corrected, or! individual requests correction
  23. 23. www.etiennelaw.com APP 13 - Correction (cont) Business to respond to request within 30 days! Individual not to be charged! Statement required if business refuses to correct and individual request statement! Written reasons for refusal and complaint mechanism
  24. 24. www.etiennelaw.com Commissioner’s new powers Perfomance assessments! Code making powers! Ability to make a determination to resolve OMIs! Enforceable penalty orders! Ability to direct Privacy Impact Assessment to be conducted
  25. 25. Steve Brown! sbrown@etiennelaw.com To avoid thousands of dollars in legal fees and the possibility of a gaol sentence call 1300 882 032 etienne LAWYERS in association with Davis King & Co

×