Skip to content   Skip to footer navigation 

Submission to the Privacy Act Review

March 2023


Australia's privacy laws are stuck in the 1980s, when consumer data collected by businesses was often limited to home phone numbers and home addresses. Now with highly advanced digital technology becoming more common, businesses are collecting more data – from email addresses and IP addresses to shopping behaviour, browsing history, and even biometric datalike facial features and genetic code.

The Privacy Act Review is a chance to reset this power imbalance to create a fairer and safer system. Modernising Australia's privacy laws will make them more fit-for-purpose in an increasingly digital world, and create an even playing field between consumers and businesses. In this Review, CHOICE has identified three key priority areas to make a fairer market possible:

  1. Establish a "fair and reasonable" test for data collection. This strengthened definition will require businesses to only collect and use data for the purpose of providing consumers with a good or service, and remove unneeded data in a timely manner.
  2. A broader definition of "personal information". A broader definition of personal information which includes information that "relates to" an individual will ensure the privacy framework is relevant in today's digital environment.
  3. Ensure people have stronger consumer protections from all businesses and harmful emerging practices. Urgent regulation of emerging harms including automated decision-making ('ADM') and facial recognition is needed to protect people from harm. The small business exemption should also be removed to ensure people have consistent protections.

Download submission (PDF)

Related content

Stock images: Getty, unless otherwise stated.