Abstract
21st century businesses rely on leveraging consumer data to target consumers more accurately, customise services and learn more about the markets in which they operate. As the use of data in business has flourished, incidents of data breaches have also increased with criminal activity, and system and human errors all playing a role in the unintended or unauthorised release of consumer data. Recent increases in the prominence of data breaches have raised questions about the obligations to protect the consumer data at law. This article undertakes a practical and example-driven review of the Australian laws applicable to data protection – primarily, the Privacy Act 1988 (Cth). This article will also briefly touch on the provisions of the Consumer Data Right as an example of a comparative approach of mandating data protection. As Australian law currently stands, corporate data protection obligations are flexible and circumstance dependent, but do not impose prescriptive obligations.
Original language | English |
---|---|
Pages (from-to) | 749-765 |
Number of pages | 17 |
Journal | Australian Law Journal |
Volume | 97 |
Issue number | 10 |
Publication status | Published - Oct 2023 |
Keywords
- Privacy
- Data protection--Law and legislation
- Business enterprises
- Consumer protection
- State supervision
- Personal information management
- Companies
- Business
- Office of the Australian Information Commissioner