Privacy and Other LegislationAmendment Bill 2024 – Government moves the Second Reading and publishes Second Reading speech
October 8, 2024
The Government has published the Second Reading Speech and adjourned debate of the Bill. The Second Reading Speech is dated 12 September 2024 however the Daily Program lists the Speech as being moved today. It only recently appeared on the Bill’s homepage.
The Bill provides the Privacy Commissioner with more flexibility with enforcement, allowing for infringement notices and new civil penalties. The real issue there is getting the Commissioner to use those powers. The existing civil penalty provisions have only been used twice, and then only very recently and neither case has reached resolution.
The statutory tort for serious invasions of privacy is welcome however the exemption carve outs, for journalism, law enforcement and security limit its effectiveness. There is no consideration of whether the actions of the journalist is excessive and irresponsible in breaching a person’s privacy. In the UK there is a balancing between Article 8, a right to privacy, and Article 10 a freedom of expression as applies to the media.
There is specific provision for the development of a Children’s Privacy Code. According to the Attorney General that is designed to align the protections with those that exist overseas.
Doxxing will be criminalised.
There are other provisions which clarify the sharing of information when there are data breaches and during emergencies and regarding overseas data flows.
The amendments are conservative and modest but a move in the right direction. These changes will not make Australia’s Privacy Act the gold standard but if the further reforms proposed by the Attorney General’s Department are implemented then the level of protections will allow for a more effective regulation and protections.
The Second Reading provides:
Introduction
The digital economy has unleashed enormous benefits for Australians. But it has also increased the privacy risks we face through the collection and storage of enormous amounts of our personal data.
The Privacy Act 1988 represented the first time that a comprehensive, integrated set of legal rules protecting interests in privacy existed in Australia. On introducing it, Attorney-General Lionel Bowen told the parliament that ‘enormous developments in technology for the processing of information are providing new and, in some respects, undesirable opportunities for the greater use of personal information.’
In that respect, little has changed. Evolutions in technology and the way people use it continue to vex those who share information online, and those charged with regulating it. It is essential that Australians are protected by a legal framework that is flexible and agile enough to adapt to changes in the world around them.
The Privacy Act has not kept pace with the adoption of digital technologies. The vast data flows that underpin digital ecosystems have also created the conditions for significant harms—like major data breaches that have revealed the sensitive information of millions of Australians, exposing us to the risk of identity fraud and scams. Read the rest of this entry »