In response to the Privacy Act Review Report, the government has accepted a series of proposals to improve Australians' privacy and personal information.
The federal government has agreed to 38 of the Privacy Act Review Report's 116 recommendations, agreed in-principle to 68 where more engagement will be undertaken before a final decision, and noted 10.
AGREED CHANGES
* Journalism will remain exempt from the Privacy Act.
* Researchers can rely on "broad consent" because obtaining "specific" consent from individuals while conducting research can be difficult.
* The Privacy Act is about protecting personal information.
AGREED IN-PRINCIPLE
* Australians should have a right to have their data erased, although any new laws would not override existing requirements, such as the retention of identification records or criminal records.
* Targeted marketing based on sensitive information should be banned unless it is socially beneficial.
* Australians should be able to opt out of having their personal information used or disclosed for direct marketing.
* Entities are prohibited from directly marketing towards children or trading their personal information.
* Children's best interests must be considered when their personal information is handled, in accordance with a children's online privacy code.
* Small businesses should lose their exemption to obligations on large corporations under the Privacy Act.
* Small businesses need to invest in keeping personal information secure and notify consumers in the event of a data breach.
* Search engines should remove results linked to a person's name on limited grounds.
NOTED
* Exemptions under the Privacy Act should be narrowed for politicians.
* Entities should take reasonable steps to protect de-identified information.