Enhanced privacy protections proposed for Australians

In response to the Privacy Act Review Report, the government has accepted a series of proposals to improve Australians' privacy and personal information.

The federal government has agreed to 38 of the Privacy Act Review Report's 116 recommendations, agreed in-principle to 68 where more engagement will be undertaken before a final decision, and noted 10.

 AGREED CHANGES

* Journalism will remain exempt from the Privacy Act.

* Researchers can rely on "broad consent" because obtaining "specific" consent from individuals while conducting research can be difficult.  

* The Privacy Act is about protecting personal information.

AGREED IN-PRINCIPLE

* Australians should have a right to have their data erased, although any new laws would not override existing requirements, such as the retention of identification records or criminal records.

* Targeted marketing based on sensitive information should be banned unless it is socially beneficial.

* Australians should be able to opt out of having their personal information used or disclosed for direct marketing.

* Entities are prohibited from directly marketing towards children or trading their personal information.

* Children's best interests must be considered when their personal information is handled, in accordance with a children's online privacy code. 

* Small businesses should lose their exemption to obligations on large corporations under the Privacy Act.

* Small businesses need to invest in keeping personal information secure and notify consumers in the event of a data breach.

* Search engines should remove results linked to a person's name on limited grounds. 

NOTED

* Exemptions under the Privacy Act should be narrowed for politicians. 

* Entities should take reasonable steps to protect de-identified information.