Privacy news this week has been all about wrapping up legislative developments and top media stories, mainly around high-profile data breaches. In this final letter for 2014, having already, and prematurely, covered my top picks from 2014 last week, I would like to say a few things about what to expect in 2015. Looking into my privacy crystal ball, here are my five predictions for local privacy trends next year.

Prediction 1: More Registrations of APP codes

Australia’s privacy laws give a significant role to enforceable industry codes. This month, the Association of Market & Social Research Organisations’ new privacy code, the Privacy (Market and Social Research) Code 2014, has become the first and only registered privacy code under the Australian Privacy Principles, following the Australian Office of the Privacy Commissioner’s registration. Expect to see more APP codes registered in 2015.

Prediction 2: Implementation of Mandatory Telco Data Retention Laws

The proposed law has been controversial since it was first put forward, with opposition from both ISPs and members of the public concerned about the costs and privacy implications. The bill has been sent to the Parliamentary Joint Committee on Intelligence and Security for review and public inquiry, with a report expected in February. Putting aside the technicalities of drafting definitions, exceptions and limitations, I will be surprised if a version of this bill does not get through next year.

Prediction 3: Mandatory Data Breach Notifications On-Again or Off-Again?

Data breach notification laws, which would require companies to notify the regulator of a data breach, were proposed by the last Labor government but never enacted. Labor Sen. Lisa Singh has since reintroduced the legislation to Parliament. It is not clear what the bill's prospects are for successful passage. The Coalition has not previously expressed support for the bill in its current form. Nevertheless, it has been reported that the Coalition does support mandatory data breach notification as a matter of principle.

I think that the debate will be on-again in the not too distant future. The rise in privacy complaints to the regulator’s office, growing big data capabilities and other industry recommendations such as the federal government's Financial System Inquiry, which unequivocally backs “mandatory data breach notifications to affected individuals and the Australian Government agency with relevant responsibility under privacy laws,” all point to the issue creeping back into the spotlight.

Prediction 4: Increased Focus on Mobile/App Privacy Compliance

This is not rocket science: If regulators warn that their office is focused on privacy compliance in respect of apps and the mobile environment, then we should take that on notice! Just last week, Australian Privacy Commissioner Timothy Pilgrim said that making links to privacy policies mandatory would improve transparency and trust with customers in this space.

Prediction 5: Big Data, Best Practice, Big Concerns!

Just as cloud computing, with its implications for data security, integrity and overall privacy compliance, was a sexy topic in the last decade, we now have a new beauty queen called “Big Data.” All the same concerns are being raised as to how privacy laws can possibly cope with the constantly innovating, evolving and changing world of big data technology and analytics.

As more and more big data projects take off in 2015, there will be a focus on best-practice guidelines as a way to supplement the application of privacy laws, especially around consent models and more global engagement with partners including the EU, APEC and the OECD, to ensure “interoperable global privacy frameworks.”