On Wednesday March 12, 2014 the Office of the Australian Information Commissioner (OAIC) began enforcing the Privacy Amendment Act 2012 (No. 197, 2012) which includes a set of new, harmonised privacy principles that will regulate the handling of personal information. These 13 new privacy principles are called the Australian Privacy Principles (APPs) and will apply to all Australian organisations with revenue greater than $3 million.
Specifically, Australian Privacy Principle 11 relates to the security of personal information stipulating that organisations must ‘take steps to destroy or de-identify personal information that is no longer required, subject to other record keeping requirements.’
Under the heading “Serious and repeated interferences with privacy” of The Privacy Act 1988.
“…an entity contravenes this subsection if:
- the entity does an act, or engages in a practice, that is a serious interference with the privacy of an individual; or
- the entity repeatedly does an act, or engages in a practice, that is an interference with the privacy of one or more individuals.”
Civil Penalty: 2,000 penalty units.
On 28 December 2012, the Crimes Legislation Amendment (Serious Drugs, Identity Crime and Other Measures) Act 2012 came into effect. Therefore the maximum penalty for ‘serious and repeated interferences with privacy’ is now:
- $1,700,000 for government agencies and private organisations
- $340,000 for individuals
What is Personal Information?
Personal information is defined as “information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.”
Australian Privacy Principle 3 contains provisions relating to the collection of solicited and unsolicited personal information. Furthermore extra provisions deal with the protection of an individual’s sensitive information.
What else do I need to know?
The OAIC has produced a number of law reform resources to assist you with the new privacy laws, including a quick reference tool for the Australian Privacy Principles (APPs) and training slides for organisations and agencies.