Here's What The Big Changes To Australia's Privacy Laws Next Week Mean For You

Sean Gallup/Getty

If you’re wondering why you keep getting those marketing emails disguised as newsletters, you’ll soon be able to find out.

Privacy laws fundamentally change in Australia next week and give you more rights than just opting out.

If you ask, companies must disclose where they got your personal contact information from.

And from March 12, anyone can demand a copy of private information about them held by companies or the government.

And the companies have to provide that information, correct it if you ask them and determine whether that information gets sent overseas or not.

Companies must also get your agreement on what they can do with the information they collect about you. Or they can’t use the information.

If they don’t give you the information or get your agreement, the changes to the federal Privacy Act mean fines of up to $1.7 million for companies and $340,000 for individuals.

However, unlike the US, the new rules don’t force a company to tell anyone about a security breach or, for example, the loss of credit card details.

“You don’t have to report a breach of privacy,” says Pat Devlin of global security group WatchGuard Technologies. “It’s strongly recommended but you don’t have to.”

He recommends companies, as a first step to meeting the requirements of the new rules, at least have a privacy policy document.

But Devlin suspects that most companies are totally unprepared.

“Half the people I talk to are aware of it (the changes) but I wouldn’t say there are a lot of people beavering away getting prepared to switch on something next week,” he says.

“We’re proactively reaching out to people and saying: are you aware that this is coming because you need to be able to turn this function on?

“The people we are talking to are interested and engaged and starting to do that.

“But I had hoped people would be calling me and asking me to help them out.”

Everyone now has a right to see a copy of and have the opportunity to correct their information.

“If you call a company and say you want to see their privacy policy and they can’t show you one, they are in breach,” Devlin says.

How soon a company needs to provide information requested is undefined. Currently, the information must be provided in a ‘reasonable’ time.

Devlin expects there will be a few high profile cases launched by the Office of the Australian Information Commissioner.

And those court cases will get closer to defining what a reasonable time might be.

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.