Management of Data Centres in Australia - Key Legal Issues Part 1

Cross-border data flows and the extra-territorial application of data privacy laws: Some thoughts from Down Under

In Part 1 of this article series, we consider some of the cross-border compliance and enforcement risks which can arise when cloud data centres are used to hold and process personal information. We do so through the lens of Australia’s privacy laws.

Cross-border data flows and extra-territorial application of foreign laws

For organisations that operate or deliver services in multiple jurisdictions, cloud data centres are appealing as data can be readily collected and processed across each of an organisation’s operating or service delivery locations. Notwithstanding the efficiency of cloud data solutions, there are cross-jurisdictional and organisational complexities that must be considered, especially if the data being collected and processed includes personal information. By way of example, recent legal developments in Australia have the potential to bring the acts and practices of many more foreign organisations within the scope of Australia’s privacy laws, even if those organisations do not have an Australian office and do not generate revenue in Australia.

An Australian perspective

In Australia, the collection, use, disclosure and security of personal information is governed by the Australian Privacy Principles (APPs) which are set out in Schedule 1 to the Privacy Act 1988 (Cth)…

Full article available on Disputes +

Latest insights

More Insights
Orange notepad with pencil

Intellectual Property in E-Cigarettes and Vapes in the UAE

Jun 13 2024

Read More
Suspension bridge over water at sunset

Setting the scene: Hong Kong Privacy Commissioner publishes first comprehensive AI-specific guidance

Jun 13 2024

Read More
Baggage carousel

Travel businesses and trade marks

Jun 13 2024

Read More