Persevering Progress: Privacy Act ‘Accountability’ Reforms
Earlier this year, we provided an update on the privacy reform proposals related to ‘accountability’ obligations in the Australian Attorney-General’s Privacy Act Review Report 2022 (Privacy Review Report). Accountability obligations cover the different actions and controls that an entity must implement to comply, and demonstrate compliance with, the privacy regulatory framework.
Just as a recap, the Privacy Review Report recommended proposed accountability reforms addressing the following themes:
- Public-facing privacy notice requirements
- Internal organisational accountability measures
- Transparency and disclosure obligations
In September this year, the Australian Government responded to the Privacy Review Report (here). Earlier this month, we provided a high-level summary of the Government’s response which saw them agree and commit to act on 38 of the 116 proposals from the Privacy Review Report.
Clarifying the Accountability Proposals
This article aims to clarify the ‘accountability’ proposals that have received government endorsement, either through full agreement or in principle. Below, you’ll find a rundown of the Government’s responses to these ‘accountability’ proposals.
As you can observe from the table provided, the Government has fully agreed to only a limited number of ‘accountability’ reforms. The majority of the remaining ‘accountability’ reforms have received an initial ‘in-principle’ agreement, indicating the Government’s intention to conduct further consultations with relevant entities and perform additional analysis to strike the right balance between the privacy benefits for Australians and the impact on regulated entities.
What’s on the horizon?
Australia is making progress toward privacy reform, though the pace is undeniably slow. We foresee that, in early 2024, the Government will introduce draft legislative provisions for the proposals that have been ‘agreed’. These provisions will be followed by targeted consultations with relevant stakeholders before they are finalised. As for the proposals accepted as ‘agreed in-principle’, further consultations are in the pipeline, and we will keep you updated.
At this stage, if you haven’t already, it’s wise to begin crafting a foundational roadmap for a privacy compliance governance framework for your organisation. We offer a range of services to assist organisations prepare for and navigate the forthcoming privacy reforms. Whether you’re looking to kickstart a privacy compliance program or identify any existing gaps in your current privacy program, we can provide valuable support.