The Notifiable Data Breaches Scheme applies to entities (APP Entities) that are required to protect personal information pursuant to the Australian Privacy Act 1988 (Cth) (Act). The Act provides that where an eligible data breach (EDB) occurs, APP Entities in control of that information must notify the Office of the Australian Information Commissioner (OAIC) and the individuals who are affected by the EDB. [Read more…]
Privacy Law
Need a reseller agreement?
May 21, 2019 by
A reseller agreement (Reseller Agreement) is a contract that entitles one party (Reseller) to sell, market, distribute, or lease a product or service of another (Supplier). Resellers Agreements are also known as distribution, supply or distributor agreements. Often the Supplier is also the manufacturer of the goods but they may be the importer, a developer of the service or a licensee of software or training programs. [Read more…]
Privacy Awareness Week 2019 – 12-18 May 2019
May 14, 2019 by
During Privacy Awareness week 2019 Australian businesses are reminded they are entrusted with certain responsibilities pursuant to the Privacy Act 1988 (Cth) (Privacy Act). In particular the way they collect, store and disclose the personal information of their customers. [Read more…]
Abhorrent violent material prohibited
April 12, 2019 by
The Australian Parliament has promptly passed the Criminal Code Amendment (Sharing of Abhorrent Violent Material) Act 2019 (Cth) (Act) according to the Explanatory Memorandum in response to the events of the March 2019 mass shooting in Christchurch, New Zealand. The Act creates various new sections of the Criminal Code Act 1995 (Cth)(Criminal Code) and in particular section 474.33 and 474.34 creates (2) new offences in relation to “internet service providers, content service providers and hosting service providers” (Service Providers) as follows: [Read more…]
De-encryption laws to make tech giants cooperate with law enforcement
July 20, 2018 by
Updated 4 October 2018 – see De-encryption De-encryption Bill currently before Joint Committee
According to the ABC website, in the next few weeks Cyber Security Minister Angus Taylor is poised to present new legislation which once passed will require technology companies and multinationals to assist law enforcement to access encrypted data of “suspected criminals and terrorists”. Currently, the bill is not yet before parliament but should appear on its website once officially announced.
In February, the government has indicated its plans to tackle criminal use of encryption with the Honourable Peter Dutton MP stating in an address to the National Press Club:
“Law enforcement access to encrypted communications should be on the same basis as telephone and other intercepts,
in which companies provide vital and willing assistance in response to court orders.” [Read more…]
EU General Data Protection Regulations (GDPR) – How to comply
May 25, 2018 by
If you are an Australian entity and want to inquire about compliance with the GDPR click here.
Similar to the Australian Privacy Principles (APP) as set out in the Australian Privacy Act 1988 (Cth) (Privacy Act), the General Data Protection Regulation (GDPR) ‘lays down rules relating to the protection of natural persons and the processing of their personal data.’ The GDPR came into force on 24 May 2016 and became binding on all European Union (EU) member states on 25 May 2018. [Read more…]
What is a data breach response plan and how do I get one?
March 27, 2018 by
On 23 February 2018 the notifiable data breach scheme (Scheme) was enacted, through legislation amending the Privacy Act 1988 (Cth) (Privacy Act), making it mandatory for certain (eligible) entities to notify affected individuals about eligible data breaches. In talking to clients in this area, there appears to be some confusion about what an eligible organisation has to do to prepare for this. [Read more…]
The Meaning of Personal Information
April 27, 2017 by
In the recent case of The Privacy Commissioner v Telstra Corporation Limited [2017] FCAFA 4, the question was raised as to whether the words “personal information” had any bearing on what information an individual could request from an organisation under the Privacy Act 1988 (Cth) (Act). [Read more…]
The increasing burden of data security
August 25, 2015 by
The consequences for an Australian business victim for a breach of cyber security are forecast to exponentially increase. In February 2015 the Parliamentary Joint Committee on Intelligence and Security (Committee) recommended the introduction of mandatory data breach notification scheme (Scheme) by the end of 2015.[1] Whilst the details of the incoming Scheme are currently scant, it is understood that the enacting legislation will have bi-partisan support in federal parliament. [Read more…]
Revenge porn – legal options
August 14, 2015 by
Revenge porn (Revenge Porn) refers to sexually explicit media that is distributed without the consent of the individual(s) involved.[1] An act of Revenge Porn therefore involves the recording of video or still images of a person that is usually engaged in sexual acts (Revenge Content) and publishing or threatening to publish it. A persons participation may be consensual or non-consensual with the photographer subsequently uploading the Revenge Content to revenge porn websites with links to social media websites with the intent of humiliating the person depicted.
The ubiquity of devices with picture and video capability coupled with social media that has created numerous opportunities for the recording and distribution of Revenge Content. [Read more…]
