Training is key to avoiding legal liability for rogue employees

Organisations may be able to escape liability for privacy breaches caused by ‘rogue’ employees, but only if proper protections were in place to start with….

How to draft a privacy policy like the law expects – instead of like a lawyer

Australian privacy law requires regulated organisations to have a privacy policy and collection notices. United States models don’t comply. By ANNA JOHNSTON.

Big Brother is watching: the hidden cost of the Gold Opal Card

Transport for NSW contravened the Privacy and Personal Information Protection Act 1998 by its collection of Gold Opal Card data. By STEPHEN MCKENZIE and EVA…

2018: a year of significant changes to privacy law

A number of significant reforms to privacy law commence in 2018. Legal practitioners will need to consider the impact on clients, and on their own…

Mass surveillance and data retention: do the means justify the ends?

The Attorney-General’s Department released the Telecommunications (Interception and Access) Act 1979 – Annual Report. By MICHELLE MEARES.

Is your practice secure? Client confidentiality and data breach

A data breach response plan is essential to being prepared for an eligible data breach. By HELEN BROWN.

The end of a long road: mandatory data breach notification becomes law

The introduction of mandatory data breach notification obligations may ultimately lead to an increase in privacy-related litigation (including class actions). By NICK ABRAHAMS and JAMIE…

Data, metadata & personal information: landmark Federal Court ruling

The Privacy Act 1988 (Cth) places legal obligations on businesses and government agencies. These obligations are triggered when data meets the definition of ‘personal information’….