|
Expert
Legal Knowledge |
"Lawyers who enjoy keeping up to date with the latest legal and regulatory developments"
|
|
|
7 November 2018 - APRA Releases Cyber Attacks Information Security StandardThe Australian Prudential Regulation Authority (APRA) released an information security standard which aims to ensure that APRA-regulated entities take measures to make them resilient to cyber attacks by requiring them to clearly define information-security related roles and responsibilities, maintain an information security capability commensurate with the size and extent of threats to their information assets, implement controls to protect their information assets commensurate with the criticality and sensitivity of those assets and notify APRA of material information security incidents.
|
|
2 October 2018 - Federal Court Imposes Penalties of $3.5 Million on EquifaxThe Federal Court has ordered Equifax (formerly VEDA) to pay penalties of $3.5 million for engaging in misleading and deceptive conduct and unconscionable conduct as a result of its representatives making false and misleading representations to consumers in phone calls by telling them that its paid credit reports were more comprehensive than the free reports which Equifax was required to provide to consumers under the Privacy Act 1988 (Cth) when the reports actually contained the same information.
|
|
26 September 2018 - Fitness First Penalised for Excessive Payment SurchargeFitness First Australia Pty Ltd was required to pay a penalty of $12,600 for imposing a fifty cent flat fee surcharge of about 1.09% for the processing of a $46 fortnightly membership payment using MasterCard debit payment after the Australian Competition and Consumer Commission issued it with an infringement notice for breach of the excessive payment surcharge provisions contained in the Competition and Consumer Act 2010 (Cth) as its actual costs of processing the MasterCard debit payment were only 0.81%.
|
|
16 August 2018 - Enhancing Online Safety (Non-consensual Sharing of Intimate Images) Bill 2018The Enhancing Online Safety (Non-consensual Sharing of Intimate Images) Bill 2018 (Cth) passed the House of Representatives making a person who posts online an intimate image of another person without consent, or who refuses to remove such an intimate image in accordance with a removal notice, liable to a civil penalty and a person who uses a telecommunications service to transmit such an intimate image liable to a criminal penalty.
|
|
31 July 2018 - OAIC Releases Second Notifiable Data Breaches Quarterly ReportThe Office of the Australian Information Commissioner released its second quarterly report under the Notifiable Data Breaches scheme advising that 242 data breach notifications had been reported in the period from 1 April to 30 June and that the main causes of these data breaches were malicious or criminal attacks (142 notifications mostly involving compromised credentials) and human error (88 notifications mostly involving sending emails containing personal information to the wrong recipient).
|
|
15 June 2018 - $1.95 Million Penalty for Australian Consumer Law Domain Name BreachDomain Corp Pty Ltd and Domain Name Agency Pty Ltd were ordered to pay $1.95 million in penalties for breaching the Australian Consumer Law by making false and misleading representations and engaging in misleading and deceptive conduct as a result of the companies sending out approximately 300,000 unsolicited notices to organisations which looked like domain name renewal notices but were actually notices for registration of new domain names for which approximately $2.3 million was paid by organisations.
|
|
25 May 2018 - EU General Data Protection Regulation (GDPR) commencesThe European Union's General Data Protection Regulation commenced which applies to all organisations operating within the EU and organisations in Australia and other countries outside the EU but which offer goods or services to persons in the EU and imposes fines up to the greater of 20 million euros and 4% of an organisation's total worldwide annual turnover for non-compliance with its data protection provisions.
|
|
11 April 2018 - OAIC Releases Notifiable Data Breaches Quarterly ReportThe Office of the Australian Information Commissioner released its first quarterly report under the Notifiable Data Breaches scheme which stated that 63 data breach notifications had been reported under the scheme and that 51% of these notifications were attributed to human error, 44% of these notifications were attributed to malicious or criminal attack and 3% of these notifications were attributed to system faults.
|
|
22 March 2018 - ACMA fines Allied Construction and Roofing Pty Ltd $21,600 for calling numbers on Do Not Call RegisterThe Australian Communications and Media Authority fined solar power business Allied Construction and Roofing Pty Ltd $21,600 for calling numbers on the Do Not Call Register without consent and accepted a court enforceable undertaking from the company detailing its commitment to comply with the telemarketing rules under the Do Not Call Register Act 2006 (Cth).
|
|
22 February 2018 - Notifiable Data Breaches Scheme CommencesOrganisations subject to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) must commence notifying affected persons of specified data breaches under the new Notifiable Data Breaches (NDB) scheme where the data breach involves unauthorised accessing or releasing of personal information or the loss of personal information likely to be accessed or released without authorisation in circumstances which are likely to result in a person suffering serious financial harm or harm to the person's mental or physical well-being.
|
|
24 January 2018 - ACCC releases Payment Surcharges GuideThe Australian Competition and Consumer Commission released a guide to assist businesses to comply with the new ban under the Competition and Consumer Amendment (Payment Surcharges) Act 2016 (Cth) which prohibits the charging of payment surcharges that are more than the actual cost of accepting the payment method which includes typical card payment methods such as Eftpos, MasterCard, Visa and American Express.
|
|
15 December 2017 - OAIC releases Notifiable Data Breaches Scheme ResourcesThe Office of the Australian Information Commissioner released resources to assist organisations subject to the Australian Privacy Principles to comply with their obligations under the Notifiable Data Breaches scheme established by the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) which requires that they notify individuals whose personal information is involved in a data breach that is likely to result in serious harm.
|
|
2 November 2017 - ACMA fines TPG $360,000 for breaching Spam Act 2003The Australian Communications and Media Authority fined TPG Internet Pty Limited $360,000 under the Spam Act 2003 (Cth) for not properly processing unsubscribe requests from consumers who had unsubscribed from receiving commercial electronic messages from it but continued receiving such messages.
|
|
4 October 2017 - ACMA issues ValueAd Marketing Formal Warning for breaching Spam Act 2003The Australian Communications and Media Authority issued a formal warning to ValueAd Marketing Pty Ltd for breaching the Spam Act 2003 (Cth) by sending almost 25,000 commercial SMS messages to promote product sampling / testing and mystery shopping opportunities where the messages did not include its contact details so that recipients could readily contact it.
|
|
15 September 2017 - Telecommunications Sector Security ReformsThe Telecommunications and Other Legislation Amendment Bill 2016 (Cth) was passed by both Houses of Parliament with the intent of significantly enhancing the security of critical telecommunications infrastructure by requiring telecommunications carriers and carriage service providers to do their best to manage risks to ensure the availability and integrity of their networks and facilities and to protect the confidentiality of information stored on and carried across their networks and facilities.
|
|
25 August 2017 - Victorian Government releases Cyber Security StrategyThe Victorian Government released its Cyber Security Strategy which is intended to ensure secure and resilient government information, services and infrastructure by developing and implementing cyber security capabilities to preserve and improve the protection of sensitive citizen and other data, resilience of government services, systems and infrastructure to cyber threats, protection and security of new digital services for citizens, coordination of its response to infrastructure threats, and security and viability of its core infrastructure.
|
|
12 July 2017 - ACMA fines Upside.Digital $39,600 for breaching Spam Act 2003The Australian Communications and Media Authority fined Upside.Digital $39,600 under the Spam Act 2003 (Cth) for sending a significant number of marketing emails on behalf of its clients which did not clearly contain each client's name and contact details and for being unable to demonstrate how it had obtained consent to send emails on behalf of its clients through other third party marketers which sent the emails to their own customer databases.
|
|
13 June 2017 - ACCC issues Infringement Notice to Sprint TelcoThe Australian Competition and Consumer Commission issued an infringement notice to telecommunications service provider Sprint Telco Pty Ltd for making false or misleading representations to a consumer during a telemarketing call in which it alleged that it was acting as Telstra's agent or with Telstra's approval when it transferred the consumer to it from Telstra.
|
|
9 May 2017 - IP Australia releases IP Commercialisation GuideIP Australia released a guide to assist startups and small businesses with their commercialisation steps involving understanding commercialisation, sourcing and protecting your idea, IP background due diligence, commercialisation vehicle options, business structures, funding your idea and finalising your commercialisation plan.
|
|
13 April 2017 - Review of Access to Telecommunications Data
The Australian Government has completed a review into whether civil litigants should be granted access to data retained by telecommunications service providers solely for the purpose of the data retention scheme and concluded that there is insufficient evidence to allow civil litigants to access such data although they will still be able to access data that is not retained by providers solely for the purpose of the data retention scheme.
|
|
1 March 2017 - Revised Code for Handling Life Threatening and Unwelcome CommunicationsThe revised Handling of Life Threatening and Unwelcome Communications Code developed by Communications Alliance and its members came into effect which establishes standard procedures for the handling by telecommunications industry suppliers of communications in life-threatening situations and unwelcome communications to helplines.
|
|
13 February 2017 - Mandatory Data Breach Notification Laws passedMandatory data breach notification laws will soon commence in Australia after the Privacy Amendment (Notifiable Data Breaches) Bill 2016 (Cth) was passed by the Senate which imposes mandatory data breach notification obligations on organisations regulated under the Privacy Act 1988 (Cth) by requiring them to notify the Privacy Commissioner and affected individuals as soon as practicable after becoming aware of a data breach where there is a likely risk of the affected individuals suffering serious harm.
|
|
19 January 2017 - Definition of "Personal Information" considered by Full Federal CourtIn Privacy Commissioner v Telstra Corporation Limited the Full Federal Court held that the words "about an individual" contained in the then definition of "personal information" in the Privacy Act 1988 (Cth) require that an individual needs to be the subject of the information or opinion (which can have multiple subject matters) and that in every case it is necessary that an item of information or opinion, individually or in combination with other items, is about an individual in order for the item to fall within the definition of "personal information".
|
|
15 December 2016 - ISPs ordered to block access to pirate websitesIn Roadshow Films Pty Ltd v Telstra Corporation Ltd Justice Nicholas of the Federal Court made orders pursuant to section 115A of the Copyright Act 1968 (Cth) requiring that Telstra, Optus, M2, TPG and several other internet service providers block access to a number of overseas piracy websites that infringe or facilitate copyright infringement including The Pirate Bay, Torrentz, TorrentHound and IsoHunt websites.
|
|
12 November 2016 - Unfair Contract Terms in Small Business Contracts
New unfair contract term protections in the Australian Consumer Law were extended to apply to standard form business-to-business contracts for the supply of goods and services where at least one of the parties is a small business which employs less than 20 people and the upfront price payable under the contract is no more than $300,000 (or $1 million if the contract is for more than 12 months).
|
|
19 October 2016 - Privacy Amendment (Notifiable Data Breaches) Bill 2016
The Privacy Amendment (Notifiable Data Breaches) Bill 2016 (Cth) was introduced into the Australian Parliament which imposes mandatory data breach notification obligations on organisations regulated under the Privacy Act 1988 (Cth) requiring them to notify affected individuals and the Privacy Commissioner as soon as practicable after becoming aware of a data breach where there is a likely risk of the affected individuals suffering serious harm.
|
|
8 September 2016 - EU Court finds hyperlinks breach copyrightThe highest court in the European Union has held that a person infringes the copyright in a copyright protected work where in the pursuit of financial gain the person posts a hyperlink to the work which is freely (although illegally) available on another website without the consent of the copyright owner unless the person can establish that the person did not know and could not reasonably have known the illegal nature of the publication of the work on the other website.
|
|
24 August 2016 - Privacy Commissioner releases Final Report on Ashley Madison Data BreachThe Office of the Australian Information Commissioner released its final report on the data breach involving the public disclosure of 36 million Ashley Madison user profiles which identifies a number of breaches of the Australian Privacy Principles and sets out legally binding steps which Ashley Madison must take to protect the privacy of users' personal information including enhancing privacy safeguards, amending information retention practices, improving information accuracy and increasing information handling transparency.
|
|
13 July 2016 - Privacy Commissioner releases Coles' flybuys and Woolworths Rewards Privacy Reportshe Office of the Australian Information Commissioner released privacy assessment reports on Coles' flybuys and Woolworths' Rewards loyalty programs which consider whether personal information being collected through the programs is being handled transparently in accordance with the Privacy Act 1988 (Cth) and contain recommendations in respect of the handling of personal information for the purposes of the programs.
|
|
28 June 2016 - Victorian Protective Data Security Frameworkhe Victorian Commissioner for Privacy and Data Protection released the Victorian Protective Data Security Framework under the Privacy and Data Protection Act 2014 (Vic) which sets out minimum security measures which are required to be implemented by Victorian public sector agencies and bodies to protect Victorian government information.
|
|
11 May 2016 - Privacy Commissioner releases Consultation Draft Big Data GuideThe Office of the Australian Information Commissioner released a draft big data guide which provides guidance on how the Australian Privacy Principles apply to big data to facilitate big data activities by organisations whilst protecting personal information.
|
|
11 April 2016 - Privacy Commissioner releases Draft Data Breach Response PlanThe Office of the Australian Information Commissioner released a guide to assist organisations to develop a data breach response plan which covers the data breach response team, data breach response actions, escalation paths, critical decision points and key communications steps.
|
|
21 March 2016 - ASIC releases Regulating Digital Financial Product Advice Consultation PaperThe Australian Securities and Investments Commission released a consultation paper seeking comments on proposals for regulating the provision of digital financial advice (also known as "robo-advice" or "automated advice") which involves the provision of automated financial product advice using algorithms and technology without the direct involvement of a human adviser.
|
|
10 February 2016 - ACMA releases The Connected Citizen Occasional PaperThe Australian Communications and Media Authority released an occasional paper which discusses making the citizen a central consideration in the regulation of the communications and media environment in the context of recent international and Australian regulatory developments.
|
|
18 January 2016 - ACCC investigates Unfair Consumer Broadband Agreement TermIn response to a consumer complaint the Australian Competition and Consumer Commission investigated a clause in Exetel's consumer broadband agreement which allowed Exetel to vary any part of the agreement for any reason and the investigation concluded that the clause was an unfair contract term which was likely to contravene the Australian Consumer Law on the basis that it allowed Exetel to unilaterally vary the agreement for any reason.
|
