Privacy Act Amendments – Are You Compliant?

Although not all businesses are required to comply with the Privacy Act 1988, most businesses will have agreed to comply with it, and have a privacy policy which has been prepared based on the provisions of the Privacy Act.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 has introduced significant amendments to the Privacy Act. These changes commenced on 12 March 2014, and all qualifying entities were required to be compliant with the changes by 12 March 2014.

What has changed?

There are several significant changes to the Privacy Act which businesses need to be aware of. In particular:

  1. The National Privacy Principles and Information Privacy Principles have now been replaced with a unified set of principles called the Australian Privacy Principles (“APPs”). The APPs regulate how both businesses and Australian government agencies are required to handle personal and sensitive information. The APPs contain 13 privacy principles, in comparison to the 10 principles under the National Privacy Principles.
  2. APP 7 is a new addition and relates to the use and disclosure of personal information for direct marketing purposes.
  3. Under the APPs, all privacy policies are now required to include how a person may complain about a breach of the APPs, or a registered APP code (if any) that binds the business, and how the business will deal with such a complaint. There is no set procedure for how a business is required to handle a complaint.
  4. Under the APPs, all qualifying entities are required to include in their privacy policies whether they are likely to disclose the person’s personal information to recipients overseas, and, if so, which countries it is likely to disclose the personal information to. This is a new addition to the privacy principles and must be incorporated into the privacy policy.
  5. The information that you are required to provide to people at the time you collect their personal information (or as soon as practicable after) has also been amended. You are now also required to provide the following:
  • the fact that the privacy policy contains information about how the person may complain about a breach of the APPs;
  • whether you are likely to disclose the person’s personal information to overseas recipients, and, if so, to which countries;
  • if you collect personal information from someone other than the person; and
  • the main consequences (if any) for the person if all or some of their personal information is not collected by you.

Under the Privacy Act amendments, the Australian Information Commissioner’s (through the Privacy Commissioner) enforcement powers have also been increased.

The Privacy Commissioner is now able to:

  • seek civil penalties of up to $1.7 million if your business repeatedly breaches privacy, or if there has been a serious breach of privacy; and
  • accept enforceable undertakings.

It is crucial that you review your privacy policies,internal privacy procedures and privacy statements to ensure that they comply with the amendments to the Privacy Act. This is particularly important given the increased enforcement powers of the Privacy Commissioner.

If you are concerned about the amendments, we are able to provide a privacy policy that incorporates the most recent amendments for a fixed fee of $770 (including GST).

Please do not hesitate to contact us if you require further information about the amendments, or would like assistance to ensure that you are compliant.



Negotiations in the lead up to finalising a contract can be stressful. During negotiations a range of matters may be canvassed until an agreement is reached and there is usually great relief for both parties when the uncertainty is over. Or is it?

Potential liability

What was said during the negotiations leading up to an agreement can have a major impact on the expectations of each party to the agreement, whether the expectations relate to specific terms of the contract, how a contract will be performed or even the nature of the contract itself.

However, many people do not realise that the statements made during negotiations could still give rise to claims for damages by one party for misleading the other if the representations that were made prove to be false.

This is as a result of section 18 of the Australian Consumer Law which prohibits conduct in trade or commerce that is misleading or deceptive.

Although many contracts contain entire agreement clauses, and they can be effective at excluding parties from relying on representations, the parties cannot contract out of the provisions of the Australian Consumer Law.

This means that a party may be bound to representations that were made during discussions prior to the signing of a contract, even if they are not included in the written contract.

Careful consideration should be given to the terms of any clause purporting to exclude precontractual representations, because if it is not carefully drafted it may be ineffective and have wide ranging consequences for all the parties to a contract.