AustLII Home | Databases | WorldLII | Search | Feedback

University of New South Wales Faculty of Law Research Series

Faculty of Law, UNSW
You are here:  AustLII >> Databases >> University of New South Wales Faculty of Law Research Series >> 2013 >> [2013] UNSWLRS 27

Database Search | Name Search | Recent Articles | Noteup | LawCite | Author Info | Download | Help

Waters, Nigel; Greenleaf, Graham --- "Australia's 2012 Privacy Act Revisions: Weaker Principles, More Powers" [2013] UNSWLRS 27

Last Updated: 18 April 2013

Australia's 2012 Privacy Act Revisions: Weaker Principles, More Powers

Nigel Waters, University of New South Wales

Graham Greenleaf, University of New South Wales

This paper is available for download at Available at


This paper was published in Privacy Laws & Business International Report, Issue 121, February 2013, 12-13. This paper may also be referenced as [2013] UNSWLRS 27.


The Australian Government’s Privacy Amendment (Enhancing Privacy Protection) Act 2012 was enacted on 29 November 2012 but will not commence until March 2014. It contains the first significant amendments to the Privacy Act 1988 since 2001. The whole process took nearly seven years since the Australian Law Reform Commission (ALRC) started work on its privacy reform reference. This article focusses on those aspects of the law which have been changed, for better or worse. We have previously analysed the deficiencies of the Bill in articles <> and submissions <> , and the Bill was enacted with none of those deficiencies removed.

The most positive aspect of the Amendment Act is the additional enforcement powers given to the Privacy Commissioner, including powers to direct remedial actions; power to make determinations following ‘own motion’ investigations; civil penalty provisions; powers to require Privacy Impact Assessments; and a new function to conduct ‘assessments’, replacing audit powers.

The addition of a right of appeal to the Administrative Appeals Tribunal against determinations by the Commissioner, while very desirable, do not deal directly with the key problem of the Act: complainants cannot require the Commissoner to make determinations when they are dissatisfied with mediation and disagree with the Commissioner’s view that a complaint has been successfully resolved.

Although one unified set of privacy principles in the Act is desirable, unfortunately none of the thirteen new Australian Privacy Principles (APPs) is an overall improvement, and 8 of the 13 APPs are worse for privacy protection. The most controversial new principle is APP 8, which abandons a ‘border protection’ approach in favour of ‘accountability’. The dangers of this approach are outlined.

Changes to the credit report and direct marketing are also outlined.

AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback