The next phase of Privacy legislation is being considered in the Australian Parliament. As with all Privacy reform to date, it is aimed at protecting the personal information of Australians when using the Internet.
The problem that all Governments face is that there is no way of legislating cross-border, that is, for and in other countries. In addition, with the nature of the Internet, it is sometimes difficult to work out where the website is actually based or website business is being operated.
As a result, the Australian Government has been moving toward legislation which makes the local business owner, any local hosting site and anyone who is marketing directly to the Australian consumer, irrespective of location, responsible for their actions. In particular, this means that website businesses who either market to Australians, are hosted in Australia or are located in Australia are subject to and must ensure they comply with the increasingly stringent Australian Privacy laws.
In the end, it is the online business itself who is responsible for any breach of the Australian legislation by any of its ‘service providers’.
Complying with Australian Privacy laws gets more onerous …
The new proposed Privacy laws are encouraging businesses to disclose data and Privacy breaches to the Commonwealth Privacy Commissioner. Penalties are being considered for any failure to notify, including organisations that had knowledge of a breach but did nothing. This means that businesses who were not directly involved in a personal data breach, but had knowledge of the breach, may be given a penalty for lack of notification – even if the breach was not their fault!
The need for Privacy reform and stricter laws may well be needed in order to keep up with our more connected world, with its new online habits and online business practices.
Consumer protection and Privacy concerns are at the forefront, and will continue to be going forward. New powers are being given to various Government bodies, including the Privacy Commissioner, ASIC, ACCC, etc.