New Cyber Security Regulation for Australia
Draft new cyber security bills were released this month. The purpose of the new laws...
Draft new cyber security bills were released this month. The purpose of the new laws...
The January to June 2024 Data Breach Report from the Office of the Australian Information...
After nearly five years of discussion, the much-anticipated Privacy Act changes were introduced into Parliament...
The Australian Federal Government announced in September 2024 that it will release ten mandatory AI...
Employee records of current or former private sector employees are exempt from the Australian Privacy...
If you’re taking the CIPP/E or just interested in how European and EU data protection...
We’ve analysed two determinations from the Australian Information Commissioner relating to data breach reporting and...
What will the proposed changes to Australia’s Privacy Act mean for transparency? For Privacy Awareness Week...
Australia’s Digital ID Bill passed on Mar 28, 2024. Our new ID system is designed...
Privacy Impact Assessments are a powerful and often overlooked tool. They’re a compliance requirement, in...
Optus has lost a bid in the Australian federal court to keep secret a Deloitte...
In November 2023, the Office of the Australian Information Commissioner (OAIC) announced the commencement of...
Earlier this year, we provided an update on the privacy reform proposals related to ‘accountability’...
Will Australia be getting a Cyber Security Act any time soon? The cyber security regulatory...
Changes to the Privacy Act changes have been been flagged in the Australian Government’s response...
In July 2023, the Australian Federal Court ordered two subsidiaries of social media giant Meta...
Regulating AI has been on the agenda globally for some time, amid growing concern over...
After three years of limbo, personal data can flow from the EU to companies in...
In May, hundreds of AI experts warned that AI (if left unchecked) could pose an...
In Australia, privacy protections don't apply once you're dead. What do Kylie Minogue, John Lennon, Madge...
Sending unsolicited emails, or spam, can not only damage your organisation’s reputation but also land...
Dark patterns is a subject close to our heart. We’ve written about them before, including: Dark...
In February 2023, the Australian Attorney-General released its Privacy Act Review Report 2022 and we...
We’ll continue our deep dive into Australia’s Privacy Act Review report in this article. We...
On 8 December 2022, the Minister for Cyber Security, the Hon. Clare O’Neil MP, announced...
We’re continuing our deep dive into the Privacy Act Review Report. You can read our...
Organisations covered by the Australian Privacy Act must provide access to the personal information the...
When a potential hire sends you their CV, you will likely collect their personal information....
Can you record conversations in Australia? This is the most common question we get asked...
DNA testing – should we care? You may have seen The Lost King, a fascinating film...
Big data offers huge benefits: it improves human life with new medical and health solutions...
Australia’s regulation of electronic surveillance has been a mess for some time. When it announced...
The CPRA (California Privacy Rights Act) is set to change the face of privacy in...
With Optus and Medibank data breaches affecting over 10 million Australians, many have pointed to...
While million-dollar fines are commonplace in Europe, the $1.2million settlement following the Sephora Enforcement Action...
Email marketing can be exceptionally effective – but engaging in it is also rife with...
The Optus data breach has exposed how harmful a cyber incident can be. Many are...
Roe v Wade, the US Supreme Court case which protected the right to abortion for...
Key takeaways: Employee photos may be personal information for the purposes of the Privacy Act,...
Email marketing is remarkably effective. In its 2021 Email Marketing ROI Statistics report Barilliance cites the average return-on-investment...
One of the most common privacy questions is: are work email addresses considered personal information...
Small businesses[1] are largely exempt from the Australian Privacy Act 1988 (Cth) and this is...
The Office of the Australian Information Commissioner (OAIC) recently released its Notifiable Data Breaches Report: January...
Regulators around the globe have been targeting their enforcement efforts at companies that engage in...
Data mapping is one of the most critical steps in any privacy program. Maintaining a...
Australian federal law enforcement agencies can now alter online data and take over on-line accounts....
In early May 2022, the Australian Federal Court released its judgement in the long-running ASIC...
Ransomware in Australia is on the rise! As a result, regulators are paying more and...
Today, there’s no such thing as the ‘ideal background’ for a privacy professional. Privacy is...
In 2019, we reported on three (3) Australian data breach class actions. Nearly 2 years...
Australia has a patchwork of state laws that cover listening devices and the surveillance of...
Organisations are getting used to the extraterritorial scope of privacy laws enacted in other countries,...
Canada appears to be looking to update and strengthen its digital privacy with the introduction...
Queensland is updating its Information Privacy and Right to Information Framework, with a consultation paper...
The American Data Privacy and Protection Act (ADPPA) is making its way through the US...
On 30 June 2022, the Cyberspace Administration of China (CAC) released a template agreement for...
The Australian Competition and Consumer Commission (ACCC) has proposed a “three-pronged approach” to ensure Australia...
Thailand enacted its comprehensive privacy law on 28 May 2019. After giving covered organisations three...
Dark patterns regulation has emerged as a focus in both the US and EU over...
Laws banning dark patterns, hidden advertising, and manipulated consumer reviews became effective in the EU...
Privacy breaches and enforcement in Europe, the US, and Australia garner much media attention in...
The New SCCs require organisations to undertake a transfer impact assessment before completing a transfer...
Under Australian law, organisations are required to notify the Office of the Australian Information Commissioner...
When the GDPR introduced hefty new fines and more stream lined enforcement, many privacy advocates...
China’s privacy law, the Personal Information Protection Law (PIPL), came into effect on November 1,...
Late last month, in our coverage of the largest GDPR fines in 2021, we outlined...
EU privacy regulators last year levied fines totalling more than €1 billion for GDPR breaches,...
Privacy 108 has submitted its response to the Privacy Act Review Discussion Paper. You can...
The Privacy Act Discussion Paper, the latest stage in the comprehensive review of Australia's Privacy ...
On December 15, 2021, the United States and Australia signed an agreement to make it...
Many Australian organisations have suffered the double whammy of being caught by the extra territorial...
In October 2021, the Australian Attorney-General's Department issued a discussion paper seeking further submissions on...
In mid-October 2021, Australia’s new Ransomware Action Plan was released by the Department of Home...
Earlier this year, we published a post about Australia’s First Cyber Security Case – ASIC...
How are Cookie laws changing in APAC? We recently covered the move away from the use...
The world of on-line cookies is changing with regulators making their use more difficult, browsers...
Another piece is added to the jigsaw of China’s privacy and security laws. The Personal...
On 13 July 2021, the Australian Government through the Department of Home Affairs (DHA) opened consultation...
There is no doubt that ransomware attacks are amongst the most serious cyber threats to...
China has released a new Data Security Law that adds to the existing web of...
Concerns around bias, discrimination and unfairness dog the use of Artificial Intelligence, not without justification...
Privacy impact assessments are an underutilised tool that organisations can use to enhance data protection...
On 4 June, the European Commission (EC) published its finalised version of the new Standard...
The ACCC has successfully argued that Google engaged in misleading and deceptive conduct in a world-first enforcement proceeding....
Global privacy law is undergoing massive change. Different countries are trying to keep up with...
Our earlier article about Flight Centre’s 2017 privacy breach and OAIC investigation received quite a bit of...
In November 2020, the OAIC released its report into Healthscope’s security and privacy processes. According...
The safety of digital files in transit was recently thrown into the spotlight by the Accellion...
Brisbane based Cryptoloc's innovative encryption process may be the supplementary measure your business needs to...
The OAIC 2020 Highlights Infographic gives us plenty of information about the direction of privacy...
ASIC's action against RI Advice Group might be Australia's first cyber security case. On 21 August...
The age-old idiom “less is more” is gaining traction in the privacy sphere. Data minimisation...
The EU Commission’s draft opinion favours recognising UK as an adequate jurisdiction for data transfers,...
In January, WhatsApp users received a popup outlining that they’d need to agree to the new terms...
In November 2020, the Australian Federal Government commenced its latest review of the Privacy Act...
Are employers responsible for their employees' data breaches? A recent decision in the UK might allay...
On 26 June 2020, the NZ Parliament passed a bill reforming the nation's privacy law,...
How does Australia’s COVIDSafe App stack up from a privacy perspective? Introduction For most, the exit strategy...
Given the uncertainty about the right to sue for breach of privacy in Australia, introduction...
Test, track and trace is becoming the universal strategy to support a move out of...