ABSTRACT
In October 2021, the Australian federal government released draft legislation (the Online Privacy Bill) to amend the Privacy Act 1988 (Cth) (Privacy Act), including both a framework for an ‘Online Privacy Code’ (OP Code) to impose higher levels of regulation on online platforms, and more general strengthening of the Act’s enforcement provisions. It also released a Discussion Paper with 70 proposals for a more extensive review of the Act. When these are both completed, they could become the most extensive changes to the Act since 2000.
The OP Code will apply to online organisations (OP organisations) that fall into one of four categories: social media networks; personal data brokers; other large online platforms; and other classes of organisations determined by the Attorney-General. There can only be one OP Code. It will impose higher standards for OP organisations than would otherwise apply. The Information Commissioner’s full range of investigatory and enforcement powers can be used to enforce the Code. This paper discusses numerous weaknesses in the proposals that will impede development of a code, making it questionable whether it is preferable to more general reforms to the Act.
The OP Bill will also strengthen the Information Commissioner’s (OAIC’s) enforcement functions in seven ways, but there are also six proposed reforms to enforcement powers in the Discussion Paper, so the result is confusing. All of these are discussed. The paper questions whether these changes will in themselves make much difference to the overall credibility of the enforcement of the Privacy Act while the core problem, a lack of enforcement actions, persists.
Greenleaf, Graham and Kemp, Katharine, Australia’s Online Privacy Bill targets social media giants (February 6, 2022). (2021) 174 Privacy Laws and Business International Report 1, 5-9.
First posted 2022-02-11 17:00:22
Leave a Reply