Last month, the "Australian Privacy Principles" came into effect in Australia – the most significant changes to our privacy laws in over a decade.

These principles deal with the way in which businesses handle, use and store personal information that it has collected during the course of its operations. With serious fines for businesses who do not comply with the new laws, it is important to be aware of your obligations.

Who Is Affected?

The law applies to any business that handles "personal information" and has a turnover of over $3 million. The laws will also apply to businesses who generate less than $3 million but who "trade in personal information".

Personal information is information that identifies (or could reasonably identify) an individual. Personal information includes names, addresses and telephone numbers which are often collected by businesses for a number of purposes. If you have en enquiry form on your website, you are collecting personal information.

"Trading in person information" occurs when a business collects from or discloses to a third party personal information for a benefit, service or advantage. Some examples of trading in personal information include:

Purchasing a mailing list from a third party without the consent of individuals on the list Sharing customer details with third parties for commercial benefit Commercial benefit does not always involve money changing hands. If you are using personal information collected from one business you own to promote or cross-sell the products or services of another business you own, this is still likely to be considered a "commercial benefit".

How to Comply?

If you fall under the ambit of the laws, you must review and ensure that your business is complying with the Australian Privacy Principles. For most businesses who have a web presence and are collecting personal information from their website, it is important to make sure that you have an up-to-date privacy policy and that this policy addresses the requirements of the new laws. You are also required to have systems in place that ensure that your organisation is complying with its obligations under the new laws.

Failure to comply will attract fines of up to $1.7 million for companies and fines of up to $340k for sole traders and other entities.

Disclaimer: Remember that Optimising are good at online marketing, not law! The content in this post is of a general nature and for informational purposes. It is not intended to, nor does it, provide legal advice of any kind.