cipa

A spotlight on Australia Privacy Reform

Australia has undergone a major overhaul of its privacy laws to strengthen protections for the digital age. Tranche 1 reforms to the Privacy Act includes a new statutory tort for serious privacy invasions, increased penalties and enforcement powers, new tiered civil penalty regimes, and a criminal offence targeting 'doxxing'.

By end of next year, social media service providers, relevant electronic services or designated internet services with an Australian end-user must comply with stronger children's privacy protections through the OAIC's Children's Online Privacy Code and APP entities must disclose automated decision-making. While tranche 2 implementation timing remains unclear, organisations should prepare for potential changes including the "fair and reasonable" test, removal of small business exemptions, and new controller/processor distinctions. Separately, Australia's Social Media Minimum Age Act will also be enforced by 11 December 2025.

Australia is transforming ‘future proofing’ its cyber security landscape with an ambitious 7-year strategy to establish the nation as a cyber security leader by 2030. The Cyber Security Act 2024 reshapes organisational approaches to cyber threats through mandatory ransomware payment reporting to the Australian Signal Directorate and security standards for IoT and smart devices operating in Australia. Adequate cyber-security protections also remains an enforcement priority for the key regulators including OAIC and ASIC.

Our top-ranked Cyber, Privacy & Data Protection experts stay ahead of these developments and has deep experience assisting organisations navigate these complex reforms.

No Image

Privacy Unpacked Podcast

Your Podcast Guide to Navigating the Complex World of Data Protection

tune in here

Global Cookie Review

Our Global Cookie Review provides a global overview of the legal and regulatory landscape relating to the use of cookies and similar technologies.

Access the latest edition here

GDPR Guide

The GDPR, as the European Union's cornerstone data protection law, applies to almost all organisations doing business in or with the EU, or individuals in the EU.

view the guide here

What's on TwoBirds TV?

More Videos
No Image