Privacy reforms give commissioner teeth

Powered by SC Magazine
 

Companies face financial penalties.

Organisations could face financial penalties for serious or repeated breaches of user privacy under proposed amendments to the Privacy Act set to be introduced into Parliament this month.

The amendments would also give the Privacy Commissioner Timothy Pilgrim increased powers to investigate and conduct regular privacy assessments of private sector companies.

They would allow the commissioner to proactively investigate companies without an initial complaint, while providing for companies to submit a court-enforceable undertaking vowing to change information collection and security methods in the event of a privacy breach.

The Office of the Australian Information Commissioner, which encompasses the Privacy Commissioner, undertook 59 'own-motion' investigations in the past financial year; those instigated by third-party complaints but before the company involved notified the office of a potential breach.

That figure had fallen in the current financial year as organisations more proactively notified the government agency of potential breaches.

Pilgrim welcomed the changes, which would also see the Federal Government replace the current set of National Privacy Principles with a new set of 13 principles covering collection, use and security of personal information.

"The proposed new powers will allow me to resolve major privacy investigations more effectively and ensure that privacy continues to be valued as an important human right in Australia," he said in a statement.

He said the new powers also sent a "strong message" to government and businesses of significant consequences should a user's personal information be incorrectly stored or distributed.

"These additional powers will provide added strength to the enforcement of privacy laws, reinforce the significance of privacy compliance, and give organisations an even greater incentive to take their privacy responsibilities seriously," he said.

The Government is yet to release the full proposed amendments or further details on the changes.

A spokesman for the Attorney-General's Department would not clarify the type or amount of financial penalties likely to be imposed.

Plans to introduce the amendments coincide with the Government initiative Privacy Awareness Week, which also saw the introduction of stronger data breach notification guidelines for companies.

The new privacy reforms will not introduce mandatory data breach notification, however, a matter the Government has indicated could be considered once the current reforms are passed through Parliament.

Copyright © iTnews.com.au . All rights reserved.


Privacy reforms give commissioner teeth
 
 
 
Top Stories
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Images: the next frontier in data analytics?
Barclay’s global data chief says we’re still at the starting line.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  26%
TOTAL VOTES: 414

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  55%
 
No
  45%
TOTAL VOTES: 194

Vote