Attorney-General Mark Dreyfus pledges sweeping data privacy reforms

By Cameron Abbott, Rob Pulham and Hugo Chow

Newly sworn-in Attorney-General Mark Dreyfus has announced that there is a range of “sweeping reforms” that are needed to be made to Australia’s privacy laws, and that he is committed to making these changes during the government’s first term in parliament.

Mr Dreyfus’ department is currently reviewing the feedback it has received from its discussion paper around the current review of the Privacy Act 1988 (Cth) (Privacy Act). Mr Dreyfus said that “Everyone agrees that the Commonwealth Privacy Act is out of date and in need of reform for the digital age”, and that he is hoping to bring a final report of reform proposals into the public domain in the coming months.

Privacy practitioners have for years been anticipating some level of reform as the winds of change have been blowing, but it has not been easy to predict what may change, or when. Proposed changes include strengthening individuals’ privacy rights, including creating a direct cause of action or statutory right for breaches of privacy laws; introducing specific codes for certain industries; and increasing maximum penalties which are significantly out of step with international jurisdictions and with other key Australian business laws.

However such changes are not likely to be welcomed by all, even if “everyone agrees” the Privacy Act is out of date and in need of reform, with business groups opposed to areas of proposed reform such as allowing individuals to bring claims directly against companies.

It is a fascinating precursor to what may become hotly contested reforms with significant impact on how businesses engage with their customers. It may be hard to tell but privacy nerds are on the edge of our seats as the reforms, much talked about, move a step closer to taking shape. There’s never been a better time to start paying attention.

Copyright © 2022, K&L Gates LLP. All Rights Reserved.