Submission to the Attorney-General's Department on the Review of the Privacy Act

February 2022

Amy Pereira @AmyVPereira

CHOICE has made a submission to the Attorney-General's Department for the Review of the Privacy Act 1988 (Cth).

We support the introduction of reforms that place consumer needs at the fore, enabling them to better control and protect their data.

Too much emphasis has been placed on the obligations of the individual in how they manage and control their privacy in relation to an entity. While recognising that this approach has been adopted in the past, the Privacy Act Review should refocus on the needs of the collective. Individual consent as the primary means of controlling privacy should be replaced by organisational accountability where privacy-by-design is embedded into an entity's practices.

Disclosure of a harmful practice does not remove the harm. Notice and consent mechanisms, while useful, need to be supported by regulations where consumers are not put in a position where they must choose between accessing a product or service and forgoing their privacy or agency. Any reform to the Privacy Act needs to ensure that entities do no harm rather than set requirements for how a consumer can choose not to be harmed.

CHOICE's recommendations to the Review are underpinned by three desired outcomes. These are:

Recognition of the increasing value of data in the Australian economy.
Increased corporate responsibility where information asymmetries between consumers and entities are not exploited.
Well-resourced regulators that hold appropriate and relevant powers

Download submission (PDF)