As we in the Australian privacy ecosystem turn the page on a new financial year, reform and enforcement must surely be the themes for the coming year. The common statement that captures the mood is "hope for the best and prepare for the worst."
There has been a noticeable uptick in activity across the privacy professional landscape, with a major increase in hiring as both the public and private sector seek the skills and experience to understand and support forthcoming privacy reforms. While this has been playing out, there has also been a counter-cyclical effect with some businesses restructuring, experiencing layoffs and budget constraints — despite the coming winter of regulatory discontent. It can't be easy trying to balance the competing interests of the many stakeholders while seeking to keep customer trust and safety top of mind.
The Office of the Australian Information Commissioner has made numerous statements and overtures in recent months about its heightened enforcement stance moving forward. The OAIC highlights the need for adequate resources and support, with an upgraded Privacy Act, to give it the tools to operate in a digital global economy.
The Office of the eSafety Commissioner has also showed a much more active agenda, with a recent call for an enforceable code to help protect children from graphic pornography and other high impact content. Online industry bodies must present a preliminary draft of the codes to the eSafety Commissioner by 3 Oct., and then provide final codes for registration no later than 19 Dec. They must also hold a public consultation on the codes. The office published a position paper to assist industry with the development of the codes and to ensure there is a clear, shared understanding of its expectations of how industry should provide appropriate protections for children.
Adjacent to privacy and intrinsically linked, the Australian Communications and Media Authority released its 2024–25 compliance priorities, which include a strong focus on consumer protections in the telecommunications sector. With the essential nature of their services, ACMA Chair Nerida O'Loughlin said telcos are "front and center of this year's compliance priorities." She said the ACMA will conduct "an intelligence-gathering audit focusing on telco rules intended to help Australians experiencing family and domestic violence to stay safe and connected."
"We will also work with the telco industry as it reviews its own consumer-facing code of practice to make sure they deliver better services and outcomes for consumers, especially those in vulnerable circumstances," O'Loughlin said.
The ACMA will continue to prioritize scam prevention, focusing on disrupting scam networks impersonating messages from legitimate businesses and services.
"Scam texts are the highest reported way these criminal syndicates attempt to dupe people out of their money and personal information," she said. “While we have seen a reduction in financial losses from scams in recent times, it is vital that we continue with the concerted effort from industry, government and regulators to put these scammers out of business."
This week's digest sees me preparing to attend my first IAPP Asia Privacy Forum next week in Singapore. As it's been over 20 years since my last visit, I'm more than excited to see how the city has evolved into a modern metropolis and hub for business and the privacy community across the APAC region. I'm aware of many privacy professional colleagues who will be attending and am looking forward to meeting and getting to know so many more over the coming week. I'd encourage all those that will be attending to reach out to me directly, introduce yourself and let's build enduring bonds and friendships for the future.
Adam Ford is the managing director, Australia, New Zealand, at the IAPP.