Call 1800 POD LEGAL   

Will Your Website Privacy Policy Hold Up To Scrutiny?

As featured by

The Global Privacy Enforcement Network has initiated the first International Internet Privacy Sweep, attracting participation from 19 privacy enforcement authorities from around the world. Jamie White explains what this could mean for your business.

As part of the sweep, the Office of the Australian Information Commissioner (OAIC) has just conducted an internet sweep of the most used Australian websites. The theme for the sweep was Privacy Practice Transparency. The relevance of the word transparency is that it is an underlying principle of worldwide privacy laws.

Australian Privacy Commissioner Tim Pilgrim said that, “Organisations need to be open and transparent about how they collect, use and disclose personal information. A clear and easy to understand privacy policy is one way that organisations can assist people to exercise control over their own information. This is even more important in an online environment where personal information is sometimes used in ways that individuals may not expect.”

Pilgrim expressed his concern that privacy policies are often very difficult to understand and, in some cases, can be complex and confusing. He continued to say that the OAIC is interested to learn how the websites being assessed will withstand the scrutiny of the OAIC and whether they are simple, clear and easy to understand.

The websites being scrutinised will also be assessed in light of the transparency requirements commencing in March 2014 under the new privacy laws. In particular, scrutiny will relate to Australian Privacy Principle (APP) 1 – Open and transparent management of personal information. Put simply, APP 1 requires organisations to manage personal information in a more open and transparent way.

Of notable interest is Pilgrim’s assertion, “In order to be compliant with the new laws, every organisation is going to have to review their privacy policies.” However, businesses must be aware that simply having a privacy policy in place is not enough. If a business fails to closely adhere to its privacy policy, ramifications will follow. One ramification might be the irreparable damage to its brand.

The results of the sweep, which will be released later this year, will be used to develop guidance on the new requirements being introduced in March 2014. The results will also provide organisations with much needed education in respect of privacy policies.

Would the privacy practices of your business hold up to the scrutiny of the OAIC and meet the requirements of the new Australian Privacy Principles?