ADMA CEO Andrea Martens has written to the Attorney General, the Hon Christian Porter, to urge the Federal Government to do more to gain European Commission recognition of Australia’s privacy laws.
“Australia has had private sector privacy laws for two decades. These are some of the strongest and most effective privacy laws in the world,” said Ms Martens. “Our principles-based system of privacy law may not mirror, in every aspect, Europe’s General Data Protection Regulation, but it certainly compares favourably with countries such as New Zealand and Uruguay which have been recognised as adequate by the Commission. ADMA is concerned that its members could be locked out of business opportunities in Europe and other overseas markets unless the Government acts to gain recognition of the adequacy of our privacy laws.”
The European Commission has the power to determine, on the basis of article 45 of Regulation (EU) 2016/679 whether a country outside the EU offers an adequate level of data protection. So far it has recognised Andorra, Argentina, Canada (commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland, Uruguay and the United States of America (limited to the Privacy Shield framework) as providing adequate protection.
Adequacy talks are ongoing with South Korea, however there is no mention on the European Commission web site of any negotiations with Australia.
New** Public Sector Data Sharing and Release Legislation
Members interested in learning more about the Government’s plans for sharing public sector data can join a webinar on the reforms.
The Federal Government has established the Office of the National Data Commissioner to authorise the sharing of public sector data to deliver public benefits while ensuring privacy and security are preserved. The Government’s intention is to provide greater access to data for accredited researchers, scientists and innovators to help make Australia’s economy, environment and society healthier into the future.
Interim National Data Commissioner, Deborah Anton and Assistant Secretary, Dr Phillip Gould will be hosting a live webinar on Tuesday 3 December 2019, from 10:00 – 11:30am (AEDT). The webinar will feed back the results of recent consultations, provide a short presentation on the Data Sharing &Release reforms and include a Q&A segment. To register for the webinar, please click this link: Webinar: Tuesday 3 December
Privacy Commissioner’s Annual Report Reveals Surge in Compulsory Data Breach Notifications
The Office of the Australian Information Commissioner’s annual report shows privacy complaints rose last financial year by 12 percent and there were 950 notifications under the Notifiable Data Breaches scheme. The seven fold increase in notifications comes after it became mandatory for organisations to report serious breaches. The health and finance sectors featured prominently in these statistics as sources of both complaints and data breaches.
The finding that 34 percent of breaches are due to human error demonstrates the need for data literacy training.
Draft Guidelines for Consumer Data Right
The Office of the Australian Information Commissioner (OAIC) is seeking feedback on the draft Privacy Safeguard Guidelines for the Consumer Data Right (CDR) until Wednesday 20 November 2019.
The CDR will start in February 2020 for the four major banks (accounts and mortgages), giving individual and business consumers greater ability to use their data to compare and switch between products and services. The telecommunications and energy sectors will follow.
The OAIC will regulate and enforce the privacy aspects of the scheme, and has released draft Guidelines to help industry understand their obligations to ensure that consumers can transfer their data with their consent, safely and securely. The guidelines are primarily aimed at organisations who will be handling CDR data.
First ACCC Prosecution following Digital Platforms Inquiry
The ACCC has instituted proceedings in the Federal Court against Google alleging they engaged in misleading conduct and made false or misleading representations to consumers about the personal location data Google collects, keeps and uses. The case comes on the heels of the competition regulator’s Digital Platform Inquiry.
“We are taking court action against Google because we allege that as a result of these on-screen representations, Google has collected, kept and used highly sensitive and valuable personal information about consumers’ location without them making an informed choice,” ACCC Chair Rod Sims said.
Google has said it will defend the matter.
ACCC will not object to Postal Rate Increase
The ACCC has decided not to object to Australia Post’s draft proposal to increase the prices of ordinary letter services delivered to its regular timetable, including the basic postage rate (BPR) from $1.00 to $1.10.
“We are satisfied that the proposed price increases are unlikely to result in Australia Post recovering more than its cost of providing monopoly letter services, given the forecast decline in letter volumes,” ACCC Commissioner Cristina Cifuentes said.
Under the Competition and Consumer Act 2010 the ACCC is responsible for assessing proposed price increases by Australia Post for its ordinary letter services delivered to its regular timetable.
Australia Post currently intends to implement the increases in January 2020.
ADMA was part of a coalition of business voices opposing the increase. In a joint submission to the ACCC, we argued that the rate increase was not justified in the current low inflation economy.
Privacy and marketing compliance courses
Mark these dates to attend ADMA’s Privacy and Marketing Compliance Course:
Melbourne: Thursday 7 May
Sydney: Thursday 12 May