Never miss a Privacy update
Subscribe to receive the latest insights and Privacy Reform related events.
Almost a year after the Government announced that it agreed or agreed in-principle with 106 of the 116 recommended reforms in the Attorney-General’s Department Privacy Act Review Report 20221, A ‘Tranche 1’ Bill has been introduced to address a suite of those recommendations. Many of the proposed reforms have however been deferred, with a draft of Tranche 2 to be developed for further consultation at a later stage.
For our detailed commentary on the Tranche 1 Bill, see here.
Together, the reforms in Tranche 1 and especially Tranche 2 (if it proceeds) represent be the most significant changes to Australian privacy law since the 2014 reforms which introduced the Australian Privacy Principles (APPs).
Proposed changes include measures to expand the scope of the Act, stricter consent and notice rules, a broader ‘fairness’ standard, increased rights and new avenues of claim for individuals, enhanced regulatory enforcement tools, mandated privacy impact assessments, and more prescriptive rules in respect of data security, data breaches and data retention.
We will continue to share updates on the progress of Tranches 1 and 2. In the meantime, with increased penalties, regulatory enforcement and public scrutiny surrounding privacy and data security, it is more important than ever for entities to ensure they are complying with the current requirements of the Privacy Act, as well as anticipating the changes to come.
This article was originally published on 31 July 2024 and updated on 13 September 2024.
While the implications of the privacy reforms will only be fully known once enacted and supported by OAIC guidance, the scale of the reforms means it is important for entities to strategically approach the program of work needed for compliance.
With a deep bench strength of privacy experts and cross-practice expertise in multiple jurisdictions, we offer a holistic approach to support your privacy and data protection compliance program.
We can leverage our experience supporting clients with the implementation of other data and consumer protection regimes in Australia and overseas to help you anticipate and prepare for the changes ahead, including through readiness assessments, repapering and review of policies, procedures, consents, contracts and privacy impact assessments.
This article was originally published on 31 July 2024 and updated on 13 September 2024.
Market leading data and privacy experts
Special Counsel, Melbourne
Partner, Melbourne
Partner, Head of TMT, Asia, Singapore
Partner, Melbourne
Partner, Head of Technology, Media and Telecommunications Sector, Sydney
Partner, Melbourne
Partner, Head of Technology, Media and Telecommunications, Asia and Australia, Brisbane
The contents of this publication are for reference purposes only and may not be current as at the date of accessing this publication. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action based on this publication.
© Herbert Smith Freehills Kramer 2026
Receive timely insights and briefings from HSF Kramer, tailored to keep you informed and ahead