Privacy in Australia from Federation to Framework - Will the notifiable data breach regime breathe new life?

At the start of the 21st Century the legal concept of privacy was just short of dead in Australia. Despite longstanding suggestions of support for the concept in its disparate forms — including the potential for a common law, or even a statutory, cause of action — no enduring legal criteria had been identified. The European-based privacy principles in the Privacy Act provided a limited source of privacy protection but with little teeth. The near final nail in the coffin has been the recent lack of application to metadata of the Australian privacy principles.

More recently, developments in 2012 in relation to the human rights framework have given no substantive content to the existence or protection of privacy in Australia.

However, the recent enactment of the notifiable data breach legislation has potentially resurrected privacy in Australia. New life has been breathed into privacy protections which are reportable to the Australian Information Commissioner, the subject of significant penalties and, most importantly, involve the very real potential of judicial involvement.

See further:

Wilson, “Privacy in Australia from Federation to Framework - Will the notifiable data breach regime breath new life?” (2018) 46 Australian Bar Review 316.