Scribd
Upload
383 views12 pages

Privacy Law: Review of The Act & Implications For Marketers

The document summarizes key aspects of Australia's proposed changes to privacy law, including implications for marketers. It discusses the review process, expanded definition of personal information, new rules around anonymity, prohibitions on direct marketing using third party data, fines and enforcement, and implications for cross-border data transfers. Marketers are encouraged to get involved in discussions and prepare for compliance.

Uploaded by

Datalicious Pty Ltd
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
383 views12 pages

Privacy Law: Review of The Act & Implications For Marketers

The document summarizes key aspects of Australia's proposed changes to privacy law, including implications for marketers. It discusses the review process, expanded definition of personal information, new rules around anonymity, prohibitions on direct marketing using third party data, fines and enforcement, and implications for cross-border data transfers. Marketers are encouraged to get involved in discussions and prepare for compliance.

Uploaded by

Datalicious Pty Ltd
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

PRIVACY LAW

REVIEW OF THE ACT & IMPLICATIONS FOR MARKETERS

JODIE SANGSTER CEO - ADMA

THE REVIEW
WHY REVIEW? Required by original Act AND needs to be updated PROCESS? Six year review! Multiple consultations. Last minute changes SCOPE?: All provisions are being reviewed WHY NOW? Elections? INTERNATIONAL CONTEXT? Worldwide focus on privacy issues - Europe - USA

IMPORTANT CHANGES
Definition of personal information Anonymity & pseudonymity Prohibition on direct marketing: Use of third party data Transborder data transfers Fines

PERSONAL INFORMATION
DEFINITION: Information or an opinion about an identifiable individual, or an individual that is reasonably identifiable: Whether the information is true or not Whether the information is recorded in a material Its about form or not
me

DIFFERENCES: Potential to extend the scope IMPLICATIONS: Future issues with regard to application

ANONYMITY & PSEUDONYMITY


REQUIREMENT Individuals must have the option of not identifying themselves, or of using a pseudonym, when dealing with an organisation in relation to a particular matter Unless It is impractical for the organisation to deal with individuals who have not identified themselves IMPLICATIONS Currently unclear but Privacy Commissioner has provided his view

PROHIBITION ON DIRECT MARKETING


If an organisation holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing

PROHIBITION ON DIRECT MARKETING


If an organisation holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing
UNLESS The information has been collected from the individual; AND The individual would expect the organisation to use or disclose the information for the purpose; AND The organisation provides a simple means by which the individual may request not to receive DM communications; AND The individual has not made such a request to the organisation

USING THIRD PARTY DATA FOR MARKETING


An organisation may use or disclose personal information for direct marketing if the organisation has collected information from a third party: The individual has consented to the use or disclosure (or gaining consent is impracticable); AND The organisation provides a simple means to opt-out; AND In each communication the organisation provides a prominent opt-out statement; AND The organisation draws the individuals attention to the fact they can make such a request; AND The individual has not made such a request

CROSS BORDER DISCLOSURE


Before an organisation can disclose personal information to an entity overseas: The organisation must take steps that are reasonable in the circumstances to ensure the overseas recipient does not breach the Australian Privacy Act. Or The recipient is subject to a law that has same standards as the Australian legislation Or Individuals have actively consented to the disclosure

FINES & ENFORCEMENT


New powers to apply sanctions, obtain enforceable undertakings and penalties where the APC commences an own motion investigation New ability to take organisations to court and seek civil penalties of $1.1m per contravention No maximum limit. We want further assurance that organisations that have done everything they reasonably could be expected to do will not be penalised

NEXT STEPS
Continual engagement with Canberra Inform your compliance officer GET INVOLVED! ADMA Compliance Hub www.admadialogue.com.au ADMA Privacy Taskforce Contact [email protected] Weekly newsletter - www.adma.com.au/opt-in/

THANK YOU!

JODIE SANGSTER CEO ADMA [email protected]

You might also like