Editor's note: The IAPP is policy neutral. We publish contributed opinion and analysis pieces to enable our members to hear a broad spectrum of views in our domains.
This week in the Australian marketplace, the eSafety Commissioner launched its social media age restrictions hub, following the November 2024 passage of the Online Safety Amendment, which bars children under age 16 from accessing social media platforms and requires platform operators to incorporate age verification systems into their services.
The hub reads, "The Australian Government is protecting young Australians at a critical stage of their development, through world-first social media age restrictions taking effect on 10 December." It goes on to highlight: "It's not a ban, it's a delay to having accounts. Age-restricted platforms won't be allowed to let under-16s create or keep an account. That's because being logged into an account increases the likelihood that they'll be exposed to pressures and risks that can be hard to deal with. These come from social media platform design features that encourage them to spend more time on screens, while also serving up content that can harm their health and wellbeing."
The legislation and enforcement of the social media ban comes as a first salvo from the federal government, which has also tasked the Office of the Australian Information Commissioner with drafting a complementary Children's Online Privacy Code, which will put children at the center of privacy protections in Australia, leveraging insights from international counterparts.
The code will specify how online services accessed by children must comply with the Australian Privacy Principles and may impose additional requirements consistent with the existing principles.
This code won't come into effect until December 2026, which is only a year away now, and a year has already gone by since the legislation passed. A consultation phase will begin in early 2026. The IAPP will be following and providing both content and community to help foster discussions and debate, and to gain understanding and perspective on these critical issues.
While all this has been playing out, the Qantas data breach has been hitting front pages across Australia again in recent weeks as hackers demanded ransom and then published customer data to the dark web when the company appeared to refuse to pay. It's a reminder that all organizations continue to face difficulty balancing the demands of a global threat presence while also prioritizing customers' privacy and security.
If you or your organization are not active members of the IAPP community across the Asia-Pacific and Australia and New Zealand regions, I'd welcome and encourage you to join and take an active interest. It's a brilliant cohort and can only serve to uplift individual and organizational understanding, empathy, presence and readiness.
Adam Ford is the managing director, Australia, New Zealand, for the IAPP.
This article originally appeared in the Asia-Pacific Dashboard Digest, a free weekly IAPP newsletter. Subscriptions to this and other IAPP newsletters can be found here.