Expert
Legal
Knowledge
"Lawyers who enjoy keeping up to date with the latest legal and regulatory developments"
|
11 February 2020 - Information Commissioner Releases Health Service Providers' Data Breach Action PlanThe Office of the Australian Information Commissioner released a Data Breach Action Plan for health service providers which contains a four step process for managing a data breach involving steps for containing the breach, assessing risks associated with the breach, contacting relevant parties and minimising the likelihood and effects of future data breaches.
|
|
21 January 2020 - Federal Court Finds Trivago Breached Australian Consumer LawThe Federal Court found that Trivago breached the Australian Consumer Law by making misleading representations about hotel room rates which misled consumers into believing that its website would help users to quickly and easily identify the cheapest rates available for a given hotel when in fact Trivago used an algorithm to display hotel room rate rankings which placed significant weight on which online hotel booking sites were willing to pay Trivago the most.
|
|
17 December 2019 - ACMA Issues $12,600 Infringement Notice to ExetelInternet service provider Exetel has paid $12,600 in respect of an infringement notice issued by the Australian Communications and Media Authority (ACMA) for failing to lodge complaint reports by the due date in accordance with the Telecommunications (Consumer Complaints) Record-Keeping Rules 2018 which require specified telecommunications service providers to report complaint information quarterly to ACMA.
|
|
13 November 2019 - ASIC Releases Whistleblower Policies Regulatory GuideThe Australian Securities and Investments Commission released a Whistleblower Policies Regulatory Guide to assist public companies, large proprietary companies and proprietary companies that are trustees of registrable superannuation entities to meet the legal requirement that they make available to their officers and employees by no later than 1 January 2020 a whistleblower policy which deals with specified matters.
|
|
17 October 2019 - Information Commissioner Releases Draft Consumer Data Right Privacy Safeguard GuidelinesThe Office of the Australian Information Commissioner released for public comment draft Consumer Data Right (CDR) Privacy Safeguard Guidelines which are intended to assist organisations to understand their obligations under the new CDR framework and outline how the Information Commissioner will interpret and apply the privacy safeguards contained in Part IVD of the Competition and Consumer Act 2010 (Cth).
|
|
5 September 2019 - ACCC Releases Draft Customer Loyalty Schemes ReportThe Australian Competition and Consumer Commission (ACCC) released for public comment a draft report on Customer Loyalty Schemes which is intended to put loyalty scheme operators on notice in respect of future enforcement action by the ACCC that they must ensure that they comply with the Australian Consumer Law including by avoiding statements that are incorrect or likely to create a false impression and avoiding unfair contract terms.
|
|
30 August 2019 - ACCC Issues Intellectual Property GuidelinesThe Australian Competition and Consumer Commission issued guidelines on its approach to the enforcement of intellectual property rights where specified types of intellectual property related conduct will no longer be exempt from prohibitions on cartel conduct, anti-competitive agreements and exclusive dealing
as a result of the repeal of the intellectual property exemption contained in the Competition and Consumer Act 2010 (Cth). |
|
26 July 2019 - ACCC Releases Digital Platforms Inquiry Final ReportThe Australian Competition and Consumer Commission released the final report for its Digital Platforms Inquiry which contains a number of recommendations covering competition law, consumer protection, media regulation and privacy for the purpose of addressing the dominance of Google, Facebook and other digital platforms and their impact on Australia's economy, media and society.
|
|
26 June 2019 - Sumo Power Pays $46,200 Telemarketing Infringement NoticeSumo Power, an electricity, gas and internet provider, has paid a $46,200 infringement notice issued by the Australian Communications and Media Authority for failing to produce evidence that it had obtained consent to make telemarketing calls to telephone numbers registered on the Do Not Call Register.
|
|
27 May 2019 - ACMA Issues Telstra Formal Warning for Mobile Phone Base Station DeploymentThe Australian Communications and Media Authority issued a formal warning to Telstra for failing to comply with the Mobile Phone Base Station Deployment Industry Code by not complying with its consultation plan, not sending a letter containing specified information to all interested and affected parties and not acknowledging a complaint within the required timeframe.
|
|
9 April 2019 - ACMA Institutes Legal Proceedings Against Solar TelemarketerThe Australian Media and Communications Authority instituted legal proceedings against Balaska Pty Ltd being a solar business and V Marketing Pty Ltd being a call centre alleging that V Marketing
Pty Ltd made telemarketing calls to numbers on the Do Not Call Register at the request of Balaska Pty Ltd in breach of the Do Not Call Register Act 2006 (Cth). |
|
29 March 2019 - ACCC Releases Draft Consumer Data Right RulesThe Australian Competition and Consumer Commission released for public comment draft rules for the Consumer Data Right which will initially allow individuals to obtain access to their banking data and have it transferred to other service providers in the banking sector, for example, providers of comparison services or financial advice.
|
|
13 February 2019 - Consumer Data Right Bill 2019The Australian Prudential Regulation Authority (APRA) released an information security standard which aims to ensure that APRA-regulated entities take measures to make them resilient to cyber attacks by requiring them to clearly define information-security related roles and responsibilities, maintain an information security capability commensurate with the size and extent of threats to their information assets, implement controls to protect their information assets commensurate with the criticality and sensitivity of those assets and notify APRA of material information security incidents.
|
|
15 January 2019 - ACMA Issues Infringement Notices of $8,400 for telemarketingThe Australian Communications and Media Authority issued infringement notices of $8,400 to Primus Telecommunications Pty Ltd and iSelect LImited and a formal warning to Dodo Services Pty Ltd for making telemarketing calls to consumers after they had withdrawn their consent where their telephone numbers were listed on the Do Not Call Register.
|
|
10 December 2018 - ACCC Releases Digital Platforms Inquiry Preliminary ReportThe Australian Competition and Consumer Commission (ACCC) released the preliminary report of its inquiry into the impact of Google, Facebook and other online search engines, social media and digital aggregators on competition which contains the ACCC's preliminary recommendations to address its concerns regarding the substantial market power held by Google and Facebook and the extent to which consumers' data is collected and used to enable targeted advertising.
|
|
7 November 2018 - APRA Releases Cyber Attacks Information Security StandardThe Australian Prudential Regulation Authority (APRA) released an information security standard which aims to ensure that APRA-regulated entities take measures to make them resilient to cyber attacks by requiring them to clearly define information-security related roles and responsibilities, maintain an information security capability commensurate with the size and extent of threats to their information assets, implement controls to protect their information assets commensurate with the criticality and sensitivity of those assets and notify APRA of material information security incidents.
|
|
2 October 2018 - Federal Court Imposes Penalties of $3.5 Million on EquifaxThe Federal Court has ordered Equifax (formerly VEDA) to pay penalties of $3.5 million for engaging in misleading and deceptive conduct and unconscionable conduct as a result of its representatives making false and misleading representations to consumers in phone calls by telling them that its paid credit reports were more comprehensive than the free reports which Equifax was required to provide to consumers under the Privacy Act 1988 (Cth) when the reports actually contained the same information.
|
|
26 September 2018 - Fitness First Penalised for Excessive Payment SurchargeFitness First Australia Pty Ltd was required to pay a penalty of $12,600 for imposing a fifty cent flat fee surcharge of about 1.09% for the processing of a $46 fortnightly membership payment using MasterCard debit payment after the Australian Competition and Consumer Commission issued it with an infringement notice for breach of the excessive payment surcharge provisions contained in the Competition and Consumer Act 2010 (Cth) as its actual costs of processing the MasterCard debit payment were only 0.81%.
|
|
16 August 2018 - Enhancing Online Safety (Non-consensual Sharing of Intimate Images) Bill 2018The Enhancing Online Safety (Non-consensual Sharing of Intimate Images) Bill 2018 (Cth) passed the House of Representatives making a person who posts online an intimate image of another person without consent, or who refuses to remove such an intimate image in accordance with a removal notice, liable to a civil penalty and a person who uses a telecommunications service to transmit such an intimate image liable to a criminal penalty.
|
|
31 July 2018 - Information Commissioner Releases Second Notifiable Data Breaches Quarterly ReportThe Office of the Australian Information Commissioner released its second quarterly report under the Notifiable Data Breaches scheme advising that 242 data breach notifications had been reported in the period from 1 April to 30 June and that the main causes of these data breaches were malicious or criminal attacks (142 notifications mostly involving compromised credentials) and human error (88 notifications mostly involving sending emails containing personal information to the wrong recipient).
|
|
15 June 2018 - $1.95 Million Penalty for Australian Consumer Law Domain Name BreachDomain Corp Pty Ltd and Domain Name Agency Pty Ltd were ordered to pay $1.95 million in penalties for breaching the Australian Consumer Law by making false and misleading representations and engaging in misleading and deceptive conduct as a result of the companies sending out approximately 300,000 unsolicited notices to organisations which looked like domain name renewal notices but were actually notices for registration of new domain names for which approximately $2.3 million was paid by organisations.
|
|
25 May 2018 - EU General Data Protection Regulation (GDPR) commencesThe European Union's General Data Protection Regulation commenced which applies to all organisations operating within the EU and organisations in Australia and other countries outside the EU but which offer goods or services to persons in the EU and imposes fines up to the greater of 20 million euros and 4% of an organisation's total worldwide annual turnover for non-compliance with its data protection provisions.
|
|
11 April 2018 - Information Commissioner Releases Notifiable Data Breaches Quarterly ReportThe Office of the Australian Information Commissioner released its first quarterly report under the Notifiable Data Breaches scheme which stated that 63 data breach notifications had been reported under the scheme and that 51% of these notifications were attributed to human error, 44% of these notifications were attributed to malicious or criminal attack and 3% of these notifications were attributed to system faults.
|
|
22 March 2018 - ACMA fines Allied Construction and Roofing Pty Ltd $21,600 for calling numbers on Do Not Call RegisterThe Australian Communications and Media Authority fined solar power business Allied Construction and Roofing Pty Ltd $21,600 for calling numbers on the Do Not Call Register without consent and accepted a court enforceable undertaking from the company detailing its commitment to comply with the telemarketing rules under the Do Not Call Register Act 2006 (Cth).
|
|
22 February 2018 - Notifiable Data Breaches Scheme CommencesOrganisations subject to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) must commence notifying affected persons of specified data breaches under the new Notifiable Data Breaches (NDB) scheme where the data breach involves unauthorised accessing or releasing of personal information or the loss of personal information likely to be accessed or released without authorisation in circumstances which are likely to result in a person suffering serious financial harm or harm to the person's mental or physical well-being.
|
|
24 January 2018 - ACCC releases Payment Surcharges GuideThe Australian Competition and Consumer Commission released a guide to assist businesses to comply with the new ban under the Competition and Consumer Amendment (Payment Surcharges) Act 2016 (Cth) which prohibits the charging of payment surcharges that are more than the actual cost of accepting the payment method which includes typical card payment methods such as Eftpos, MasterCard, Visa and American Express.
|
|
15 December 2017 - Information Commssioner releases Notifiable Data Breaches Scheme ResourcesThe Office of the Australian Information Commissioner released resources to assist organisations subject to the Australian Privacy Principles to comply with their obligations under the Notifiable Data Breaches scheme established by the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) which requires that they notify individuals whose personal information is involved in a data breach that is likely to result in serious harm.
|
|
3 November 2017 - ACMA fines TPG $360,000 for breaching Spam Act 2003The Australian Communications and Media Authority fined TPG Internet Pty Limited $360,000 under the Spam Act 2003 (Cth) for not properly processing unsubscribe requests from consumers who had unsubscribed from receiving commercial electronic messages from it but continued receiving such messages.
|
|
4 October 2017 - ACMA issues ValueAd Marketing Formal Warning for breaching Spam Act 2003The Australian Communications and Media Authority issued a formal warning to ValueAd Marketing Pty Ltd for breaching the Spam Act 2003 (Cth) by sending almost 25,000 commercial SMS messages to promote product sampling / testing and mystery shopping opportunities where the messages did not include its contact details so that recipients could readily contact it.
|
|
15 September 2017 - Telecommunications Sector Security ReformsThe Telecommunications and Other Legislation Amendment Bill 2016 (Cth) was passed by both Houses of Parliament with the intent of significantly enhancing the security of critical telecommunications infrastructure by requiring telecommunications carriers and carriage service providers to do their best to manage risks to ensure the availability and integrity of their networks and facilities and to protect the confidentiality of information stored on and carried across their networks and facilities.
|
|
25 August 2017 - Victorian Government releases Cyber Security StrategyThe Victorian Government released its Cyber Security Strategy which is intended to ensure secure and resilient government information, services and infrastructure by developing and implementing cyber security capabilities to preserve and improve the protection of sensitive citizen and other data, resilience of government services, systems and infrastructure to cyber threats, protection and security of new digital services for citizens, coordination of its response to infrastructure threats, and security and viability of its core infrastructure.
|
|
12 July 2017 - ACMA fines Upside.Digital $39,600 for breaching Spam Act 2003The Australian Communications and Media Authority fined Upside.Digital $39,600 under the Spam Act 2003 (Cth) for sending a significant number of marketing emails on behalf of its clients which did not clearly contain each client's name and contact details and for being unable to demonstrate how it had obtained consent to send emails on behalf of its clients through other third party marketers which sent the emails to their own customer databases.
|
|
13 June 2017 - ACCC issues Infringement Notice to Sprint TelcoThe Australian Competition and Consumer Commission issued an infringement notice to telecommunications service provider Sprint Telco Pty Ltd for making false or misleading representations to a consumer during a telemarketing call in which it alleged that it was acting as Telstra's agent or with Telstra's approval when it transferred the consumer to it from Telstra.
|
|
9 May 2017 - IP Australia releases IP Commercialisation GuideIP Australia released a guide to assist startups and small businesses with their commercialisation steps involving understanding commercialisation, sourcing and protecting your idea, IP background due diligence, commercialisation vehicle options, business structures, funding your idea and finalising your commercialisation plan.
|
|
13 April 2017 - Review of Access to Telecommunications Data
The Australian Government has completed a review into whether civil litigants should be granted access to data retained by telecommunications service providers solely for the purpose of the data retention scheme and concluded that there is insufficient evidence to allow civil litigants to access such data although they will still be able to access data that is not retained by providers solely for the purpose of the data retention scheme.
|
|
1 March 2017 - Revised Code for Handling Life Threatening and Unwelcome CommunicationsThe revised Handling of Life Threatening and Unwelcome Communications Code developed by Communications Alliance and its members came into effect which establishes standard procedures for the handling by telecommunications industry suppliers of communications in life-threatening situations and unwelcome communications to helplines.
|
|
13 February 2017 - Mandatory Data Breach Notification Laws passedMandatory data breach notification laws will soon commence in Australia after the Privacy Amendment (Notifiable Data Breaches) Bill 2016 (Cth) was passed by the Senate which imposes mandatory data breach notification obligations on organisations regulated under the Privacy Act 1988 (Cth) by requiring them to notify the Privacy Commissioner and affected individuals as soon as practicable after becoming aware of a data breach where there is a likely risk of the affected individuals suffering serious harm.
|
|
19 January 2017 - Definition of "Personal Information" considered by Full Federal CourtIn Privacy Commissioner v Telstra Corporation Limited the Full Federal Court held that the words "about an individual" contained in the then definition of "personal information" in the Privacy Act 1988 (Cth) require that an individual needs to be the subject of the information or opinion (which can have multiple subject matters) and that in every case it is necessary that an item of information or opinion, individually or in combination with other items, is about an individual in order for the item to fall within the definition of "personal information".
|
|
15 December 2016 - ISPs ordered to block access to pirate websitesIn Roadshow Films Pty Ltd v Telstra Corporation Ltd Justice Nicholas of the Federal Court made orders pursuant to section 115A of the Copyright Act 1968 (Cth) requiring that Telstra, Optus, M2, TPG and several other internet service providers block access to a number of overseas piracy websites that infringe or facilitate copyright infringement including The Pirate Bay, Torrentz, TorrentHound and IsoHunt websites.
|
|
12 November 2016 - Unfair Contract Terms in Small Business Contracts
New unfair contract term protections in the Australian Consumer Law were extended to apply to standard form business-to-business contracts for the supply of goods and services where at least one of the parties is a small business which employs less than 20 people and the upfront price payable under the contract is no more than $300,000 (or $1 million if the contract is for more than 12 months).
|
|
19 October 2016 - Privacy Amendment (Notifiable Data Breaches) Bill 2016
The Privacy Amendment (Notifiable Data Breaches) Bill 2016 (Cth) was introduced into the Australian Parliament which imposes mandatory data breach notification obligations on organisations regulated under the Privacy Act 1988 (Cth) requiring them to notify affected individuals and the Privacy Commissioner as soon as practicable after becoming aware of a data breach where there is a likely risk of the affected individuals suffering serious harm.
|
|
8 September 2016 - EU Court finds hyperlinks breach copyrightThe highest court in the European Union has held that a person infringes the copyright in a copyright protected work where in the pursuit of financial gain the person posts a hyperlink to the work which is freely (although illegally) available on another website without the consent of the copyright owner unless the person can establish that the person did not know and could not reasonably have known the illegal nature of the publication of the work on the other website.
|
|
25 August 2016 - Privacy Commissioner releases Final Report on Ashley Madison Data BreachThe Office of the Australian Information Commissioner released its final report on the data breach involving the public disclosure of 36 million Ashley Madison user profiles which identifies a number of breaches of the Australian Privacy Principles and sets out legally binding steps which Ashley Madison must take to protect the privacy of users' personal information including enhancing privacy safeguards, amending information retention practices, improving information accuracy and increasing information handling transparency.
|
|
13 July 2016 - Privacy Commissioner releases Coles' flybuys and Woolworths Rewards Privacy ReportsThe Office of the Australian Information Commissioner released privacy assessment reports on Coles' flybuys and Woolworths' Rewards loyalty programs which consider whether personal information being collected through the programs is being handled transparently in accordance with the Privacy Act 1988 (Cth) and contain recommendations in respect of the handling of personal information for the purposes of the programs.
|
