2024 was a year of significant developments in the Australian privacy law landscape. The updates to the Privacy Act 1988 (Cth) (“Act“) resulting from the Privacy and Other Legislation Amendment Act 2024 (Cth) (“Amendment“) was a significant development of Australia’s legislative framework for privacy and data protection. Increased enforcement powers for the regulator and the introduction of new rights for data subjects makes privacy law a core organizational governance imperative for businesses heading into 2025.
In addition to the powers and regulatory role of the Office of the Australian Information Commissioner (OAIC), the Australian Competition and Consumer Commission (ACCC) has continued to address privacy and technology issues from both a consumer and a competition law perspective, highlighting the regulatory intersection between competition, consumer and privacy laws. The ACCC’s role in this space has been cemented through its pursuit of ACL enforcement actions arising from use and collection of personal information, its role in the long-running Digital Platforms Review, its appointment as the “Digital ID Regulator” (with the OAIC as a co-regulator for Digital IDs), and its potential role as the general regulator of the Scams Prevention Framework.
Although the privacy law developments in 2024 were significant, the prospect of the Tranche 2 reforms to the Act and the enactment of the Scams Prevention Framework on 21 February 2025 make this a space to watch closely.
A number of emerging trends in privacy law – including digital rights expansion and increased technological governance – are fuelled by regulatory developments relating to cybersecurity, AI and digital platforms. For our Year in Review summaries in relation to those areas of law, please see our further client alerts Cyber Security and AI.
Click here to read the full alert.
