Privacy Law Reform

On Wednesday March 12, 2014 the Office of the Australian Information Commissioner (OAIC) began enforcing the Privacy Amendment Act 2012 (No. 197, 2012) which includes a set of new, harmonised privacy principles that will regulate the handling of personal information. These 13 new privacy principles are called the Australian Privacy Principles (APPs) and will apply to all Australian organisations with revenue greater than $3 million.

Specifically, Australian Privacy Principle 11 relates to the security of personal information stipulating that organisations must ‘take steps to destroy or de-identify personal information that is no longer required, subject to other record keeping requirements.’

Important Information

The OAIC have recently released this resource about ‘De-identification of Data and Information‘.

Learn More

Under the heading “Serious and repeated interferences with privacy” of The Privacy Act 1988.

“…an entity contravenes this subsection if:

  1. the entity does an act, or engages in a practice, that is a serious interference with the privacy of an individual; or
  2. the entity repeatedly does an act, or engages in a practice, that is an interference with the privacy of one or more individuals.”

Civil Penalty: 2,000 penalty units.

On 28 December 2012, the Crimes Legislation Amendment (Serious Drugs, Identity Crime and Other Measures) Act 2012 came into effect. Therefore the maximum penalty for ‘serious and repeated interferences with privacy’ is now:

  • $1,700,000 for government agencies and private organisations
  • $340,000 for individuals

What is Personal Information?

Personal information is defined as “information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.”

Australian Privacy Principle 3 contains provisions relating to the collection of solicited and unsolicited personal information. Furthermore extra provisions deal with the protection of an individual’s sensitive information.

What else do I need to know?

The OAIC has produced a number of law reform resources to assist you with the new privacy laws, including a quick reference tool for the Australian Privacy Principles (APPs) and training slides for organisations and agencies.


Let us keep you up to date with data security and privacy issues that affect your organisation.


Stay in the know and keep up-to-date with important privacy information by following us on our social platforms!

Pin It on Pinterest

Share This

Get in touch

Please use this form to send us a quick message or question, and we'll be in touch shortly :)

Get the latest Data Destruction News straight to your inbox. You'll receive a maximum of 5 emails per month mostly summarising news stories listed on our blog.