?? New Privacy Protections for Australians?

Hello all, and happy Thursday!?

With the Privacy Act of 1988, Australia was among the first countries to implement data privacy legislation in the world. But it should come as no surprise that legislation from 1988 is a bit outdated.??

Over the years, the Privacy Act has received a few updates here and there, but it’s been consistently behind relative to more comprehensive data privacy regulations like the GDPR. After a recent review, the Australian government has introduced a new piece of legislation that will update the Privacy Act to bring it in line with modern data privacy regulations.??

The draft bill isn’t perfect and still doesn’t match many of the protections provided by EU or US laws, but it’s a start. Notably, the act introduces:?

• A tort for serious invasions of privacy?
• A children's privacy code applying to social media and internet services
• Tiered sanctions for data breaches
• Requirements to include details of automated decision-making in privacy policies
• Data breach declarations
• Equivalency standards for overseas transfers
• Criminal offense for doxxing?

However, the bill has only just been introduced in the Australian legislative process (which, candidly, I am not an expert on). It’s likely to go through additional changes, but if it passes, it’ll go a long way toward providing Australians with much-needed, modern privacy protections!?

Best,?

Arlo?

Highlights from Osano

New This Week...

Announcing Osano & Vanta’s New Partnership!?

We’re pleased to announce a new partnership between Osano and the Vanta trust management platform!?

Read more ?

In Case You Missed It...

The Privacy Insider Podcast, Episode 6: David, Goliath, and Data Privacy Part I: Max Schrems?

Hear from renowned Austrian privacy activist Max Schrems, as he chats with Arlo Gilbert about noyb and privacy rights.?

Listen here ?

When AI meets PI: Assessing and Governing AI from a Privacy Perspective?

How can privacy teams be proactive in AI governance? Find out by watching the on-demand webinar.?

Watch the recording ?

Upcoming Webinars and Events

Join us at Privacy. Security. Risk. 2024 for the O-Mazing Race?

Win prizes at Booth #334 at this year’s P.S.R. conference!?

September 22nd-24th | Grab a time to meet us ?

Why Privacy Is Your Secret Weapon against Third-party Risk?

October 8th | Save your seat ?

The Privacy Pro Survival Summit?

Join us for a one-day, virtual event designed to help privacy professionals survive and thrive in the world of data privacy.?

October 22nd | Save your seat ?

Top Privacy Stories of the Week

Instagram Rolls Out Teen Accounts with Privacy, Parental Controls as Scrutiny Mounts?

Meta Platforms is rolling out enhanced privacy and parental controls for Instagram accounts of users under 18 in a significant overhaul aimed at addressing growing concerns around the negative effects of social media. Meta will port all designated Instagram accounts automatically to "Teen Accounts,” which will be private accounts by default, the company said on Tuesday. The changes are in part a response to the US Senate’s advancement of the Kids Online Safety Act and the Children and Teens' Online Privacy Protection Act.?

Read more ?

Australia: Long Awaited Australian Privacy Reform Comes to Fruition?

The Australian Government has published a draft bill showing potential reforms in the Australian Privacy Act. Among other changes, the draft bill will introduce a tort for serious invasions of privacy, establish a children’s privacy code, require data breach declarations, and create tiered sanctions for data breaches.?

Read more ?

23andme Settles Data Breach Lawsuit for $30 Million?

23andMe will pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year. The accord also resolves accusations that 23andMe did not tell customers with Chinese and Ashkenazi Jewish ancestry that the hacker appeared to have specifically targeted them and posted their information for sale on the dark web.?

Read more ?

Your Data Act Queries Answered: The European Commission Publishes FAQs?

The Data Act establishes horizontal rules for accessing and sharing data from internet-of-things (IoT) products and related services across the EU’s data market. Since the Data Act interacts with the GDPR in many ways, the EU Commission recently published a list of FAQs that explain how the Data Act, GDPR, and other EU legislation intersect.?

Read more ?

California Privacy Protection Agency (CPPA) to Businesses: Avoid Dark Patterns?

On September 4, 2024, the California Privacy Protection Agency (CPPA) issued an?Enforcement Advisory?on the importance of avoiding dark patterns. The Enforcement Advisory highlights the CPPA’s focus on ensuring consumer autonomy and choice by advising businesses to “review and assess their user interfaces to ensure that they are offering symmetrical choices and using language that is easy for consumers to understand when offering privacy choices.”?

Read more ?

Like what you see in the Privacy Insider newsletter?

There's more to explore:

???The Privacy Insider Podcast

We go deeper into additional privacy topics with incredible guests monthly. Available on?Spotify ?or?Apple .

?? The Privacy Insider:?How to Embrace Data Privacy and Join the Next Wave of Trusted Brands

The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details?here. ?

If you’re interested in working at Osano, check out our Careers page !?