Privacy Act Review Report

The long awaited report reviewing Australia’s Privacy Act 1988 has been released by the Australian Government, proposing significant changes including individual rights modelled on the GDPR, such as the right to request erasure, and notification of databreaches to Office of the Australian Information Commissioner within 72 hours. Attorney-General Dreyfus’ statement releasing the report says, ‘the Privacy Act has not kept pace with the changes in the digital world. The large-scale data breaches of 2022 were distressing for millions of Australians, with sensitive personal information being exposed to the risk of identity fraud and scams.’ In relation to security, destruction and notifiable databreaches the report states, ‘recent large-scale data breaches have highlighted the vast amount of personal information that is collected and retained by entities, and the need for entities to put in place stronger protections to prevent unauthorised access to Australians’ information. The best way to protect personal information is […]