Skip to content

Data and Privacy Protection

Data and Privacy Protection – Melbourne

Australian laws relating to privacy have been subject to significant reforms under the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which was introduced on March 12, 2014.

This legislation has resulted in a complete overhaul of the credit reporting regime with the introduction of positive reporting and a single, nationally binding set of regulations in the Australian Privacy Principles (APPs), which applies to both government entities and private sector organisations.

The introduction of the Act has resulted in increased powers for the Privacy Commission, including the power to issue fines of up to $1.7 million for significant breaches of privacy and the power to obtain enforceable undertakings from companies and businesses. As a result of these changes, it is vital that businesses implement policies and procedures that reflect the requirements of these new laws, and that staff and management receive appropriate training regarding privacy and data protection.

The APPs address the management of personal information, collection of personal information as well as cross-border disclosure of personal information.

Before an APP entity discloses personal information to an overseas recipient, the entity must take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to the information. An APP entity that discloses personal information to an overseas recipient is accountable for any acts or practices of the overseas recipient in relation to the information that would breach the APPs.

The framework generally requires an APP entity to ensure that an overseas recipient will handle an individual’s personal information in accordance with the APPs, and makes the APP entity accountable if the overseas recipient mishandles the information. This reflects a central object of the Privacy Act, of facilitating the free flow of information across national borders while ensuring that the privacy of individuals is respected.

If you require advice on your legal position in relation to Data and Privacy Protection as well as cross border disclosure, don’t hesitate to contact us on +61 3 9832 0608 or email at