Privacy Commissioner plans hardline approach to new Act

Powered by SC Magazine
 

Talks tough on Privacy Act amendments.

The federal privacy commission has warned businesses it won’t take a “softly-softly” approach with new regulatory powers that will become available to it in March.

The powers, given to the regulator as part of the Privacy Amendment (Enhancing Privacy Protection) Bill 2012, for the first time expose businesses to court-backed financial and administrative penalties for serious lapses in privacy protection.

Financial penalties for companies can reach up to $1.1 million under the new laws. The commission has delayed the release of industry guidelines for new privacy principles associated with them.

The Act will offer one set of Australian Privacy Principles (APPs), replacing the current Information Privacy Principles (IPPs) for the public sector and NPPs for the private sector.

Privacy Commissioner Timothy Pilgrim today told attendees at a privacy summit in Sydney the regulator would take its traditional conciliatory approach to breaches but warned it shouldn’t been mistaken for a soft touch.

“The two sets of principles we have are fundamentally very similar to the ones that are coming into place. The private sector has been working with them for over 12 years, the government has been working with them for over 25 years, there’s a common theme so there shouldn’t be a big challenge in complying with them," he said.

“I also think that businesses have had a long lead in now of 15 months, which is quite long."

Pilgrim stressed, however, that the commission would always attempt conciliation with organisations first.

He also said he expected the commission to resort to written enforceable undertakings far more frequently than court orders.

Large businesses have traditionally recognised the value of complying with directions from the commission in recognition of the risk that failing to do so could damage their brands, Pilgrim said.

But the commission may need to take a firmer hand with some organisations.

“There will always be some difficult organisations and some intransigent organisations. These laws will reinforce the community’s view that privacy is a serious issue for them," Pilgrim said.

The Office of the Australian Information Commissioner recently conducted a survey to uncover community attitudes to privacy. Over 60 per cent of respondents indicated they would be prepared to withdraw their loyalty to retailers and other companies that failed to protect their privacy.

That today led Pilgrim to warn businesses the idea that “privacy is dead” was a myth.

He recommended businesses review their information security and ensure they had data breach plan in place before the new laws came into effect, March 12, 2014.

iTnews and Secure Computing intend to produce a guide to navigating the revised Privacy Act before the end of the year.

To that end, we will be holding a workshop in Sydney during early December to recommend how IT policies snd systems need be overhauled to comply with the amendments.

We welcome CSOs and privacy/InfoSec professionals interested in participating to register here.

CIOs and IT managers that wish to engage with this expert panel over a roundtable lunch late in the day to register here.

Click here if you cannot attend but would like a copy of the report/recommendations.

Copyright © iTnews.com.au . All rights reserved.


Privacy Commissioner plans hardline approach to new Act
Timothy Pilgrim, Privacy Commissioner.
 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Timothy Pilgrim, Privacy Commissioner.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 280

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  61%
 
No
  39%
TOTAL VOTES: 100

Vote