Virtual Libraries

Tax Library

Food Law Library

Intellectual Property Library

Superannuation Law

Corporations Law

International Law

Legislation

Court Resources

Government Bodies

Copyright © Baldwins
1998-2006

New Privacy Laws Will Impact On Many Businesses

September 2001

Many businesses are not aware that as from 21 December 2001, Australian businesses are not able to use, collect or disclose personal information about their clients, suppliers or competitors except in certain circumstances. (Businesses with a turnover of less than $3 million have until December 2002 to comply unless they are in the business of providing a health service, trading in personal information, or contracting with the Commonwealth Government. Related companies can transfer personal information between themselves as long as it is stored and used in accordance with the new privacy laws.) The new laws give effect to international obligations initiated by the European Union and accepted by Australia’s legislators.

New Privacy Procedures

Unless businesses have developed their own approved privacy code, they must only collect information that is necessary for their legitimate business activities. Unless it is “unreasonable and impractical” to do so, businesses must collect any personal information directly from the individual concerned. Clearly, this reduces the possibility of businesses being able to sell or buy information about current or prospective clients or suppliers.

The new laws require that people are to be informed if their personal information is to be collected and stored, and they must be told why the information is to be collected. Although personal information may be used to establish contact (eg. for direct marketing purposes), an individual must be given the opportunity to opt out of being approached on future occasions.

Many businesses will need to change their procedures for handling information about customers and other database information of the business.

Tough Penalties for Privacy Breaches

Substantial penalties will be imposed on businesses or individuals who breach the privacy provisions. For example, companies or individuals who do not comply with requirements may be forced to compensate those affected by the breach, correct, delete or alter personal records, and may be fined up to $30,000 (individuals) or $150,000 (companies) for each offence. Compliance with the new laws is therefore essential, but business owners and managers should recognise the commercial advantages of protecting the privacy of their customers. A recent survey, by the Federal Privacy Commissioner, found that more than 40% of respondents could refer to an instance of refusing to deal with a business that had not addressed a privacy issue.

For further information, contact Joe Lederman at BALDWINS, Australian Lawyers & Consultants.

Return to the Intellectual Property Law Archive.