Archived Posts Lists

Australian Regulatory Compliance Review
Australian Technology and IP Business
Credit Union and Mutual Law
National Consumer Credit Reform
Personal Property Securities Australia
Longview Business Insights
Australian Private Health Insurers
Wills, Trusts, Super
Mutuals Resource Centre


Commonwealth legislation
Corporate Governance
Not-for-Profit links
Regulator Links

January 18, 2013

Privacy Act amendments: the effect on current exemptions

The Privacy Act amendments will take effect on 12 March 2014.

How will current exemptions be affected?

Small business exemption
Currently small businesses (with a turnover of $3 million or less) are exempt unless they are:

  • a health service provider
  • a trader in personal information
  • related to a larger business
  • a contractor with Commonwealth
  • a reporting entity under the AML/CTF Act
  • an operator of a residential tenancy database.

A small business can opt in.

The only change to that exemption is that small businesses will be bound by the CR (credit reporting) Code if they elect to participate in the credit reporting system.

Credit providers and credit reporting agencies that are small businesses will be required to comply with the Privacy Act.

Private Sector Employee records
Employee records directly related to a current or former employment relationship will continue to be exempt. But employment agencies and information about prospective employees will continue to be covered by the Privacy Act.

Spam Act and Do Not Call Register Act

APP 7.8 (direct marketing) provides that APP 7 will not apply if the Spam Act or the Do Not Call Register Act apply. These Acts contain specific provisions regarding a particular type of direct marketing or direct marketing by a particular technology.

But if these Acts do not apply then APP 7 will apply to organisations involved in direct marketing relating to electronic messages and other acts and practices not covered by these Acts.

The Spam Act generally applies to any unsolicited commercial electronic message (“spam”) with an Australian link.

The Privacy Act will apply to emails and other non-commercial electronic messages not covered by the Spam Act when it involves the use of “personal information‟.

The amendments could also therefore apply to non-message based online marketing including Twitter and pop up ads.

We will be discussing the effect of the amendments on financial service providers at our February seminars.

Print This Post Print This Post

Posted 18th January 2013 by David Jacobson in Do Not Call Register, Marketing, Privacy