In a decision published this week the Australian Privacy Commissioner has clarified that metadata may be personal information when an organisation has the capacity and resources to link that information to an individual Partner Michael Pattison Associate Priyanka Nair and Law Graduate Leah Wickman ...

With an upward trend in large-scale ransomware attacks and the number of data breaches reported globally mandatory data breach notification will become law in Australia in February 2018 This will place privacy compliance and cyber security in sharp focus Partner Michael Park Lawyer Samantha Naylor ...

The Federal Government has taken the first step in fulfilling its promise to introduce a mandatory data breach notification scheme Under an exposure draft of the proposed legislation companies will be required to notify the Office of the Australian Information Commission and affected individuals of ...

The AAT has overturned the Grubb determination of the Commonwealth Privacy Commissioner and found that mobile network data from an individual's phone activity does not constitute 'personal information' under the Privacy Act ...

The Federal Governments response to the Productivity Commissions report on data availability and use released this week outlines a bold vision but has a surprising lack of detail suggesting implementation is likely to be some way off If legislation is introduced the new regime will result in a ...

Where multiple entities jointly hold personal information compromised in a data breach only one of those entities will need to comply with the assessment and notification requirements under the Notifiable Data Breaches Scheme NDB Scheme That is compliance by one entity will be taken to constitute ...

ASIC's latest Corporate Plan has put cyber resilience high on the agenda ...

While the Consumer Data Right CDR regime is likely to benefit businesses by increasing access to greater consumer data and customers by increasing choice and competition the draft legislation leaves a lot of the details to be finalised at a later date primarily through the Australian Competition and ...

As part of the new Consumer Data Right CDR framework a new regime of offences remedies and enforcement powers will be implemented The Australian Competition and Consumer Commission ACCC will have primary oversight for the enforcement of the regime though the OAIC will handle privacy complaints in ...

The Australian Government has released draft legislation to provide national security and law enforcement agencies with means to access encrypted communications and devices The draft legislation aims to respond to the increasingly widespread use of encryption by Australian consumers and the ...