Data Protection and Privacy

Data Protection & Privacy - Australia

Informed advice on every aspect of data protection and privacy laws

Thanks to decades of experience, we have deep expertise in all areas of data protection and privacy law.

Our firm has played an important part in reforming privacy laws in Australia, advising on the many changes and government reviews that have shaped the law in this area. Our clients include leading businesses headquartered in Australia such as Telstra, Medibank, Wesfarmers Group and Realestate.com, and many multinational corporations seeking to understand their exposure to Australian data protection regulation.

In March 2014 the penalties for serious contraventions of the Australian Privacy Act increased substantially to a maximum amount of A$1.7 million. This, in combination with regular media coverage of serious data security breaches, has caused many businesses to re-evaluate their approach to complying with that legislation.

Our experience enables us to advise you on every aspect of your data protection compliance regime, including strategic planning, responding to changes in law, monitoring compliance, training and dealing with data breaches. We also advise clients regularly on their potential exposure when entering into transactions that involve the disclosure of personal data outside Australia, including contractual and other risk mitigation measures. Whatever you need, you can rely on us to deliver timely, sensible and commercial advice to help manage your data protection risks.

Show moreShow less

Advice on all aspects of privacy and data protection legislation

Our data protection lawyers advise domestic and multinational clients operating in all sectors, including telecommunications, IT, financial services, health, consumer and retail and government in the following ways: 
  • The application of the data protection and privacy legislation, including the complex sector-specific regulation, in particular of consumer creditworthiness information and health information
  • Managing marketing, outsourcing and other core activities, and ensuring compliance 
  • Developing privacy policies, as well as underlying compliance practices and procedures, including training materials and conducting workshops 
  • Strategies for lobbying government, regulators and industry bodies 
  • Data protection audits and privacy impact assessments to assist with compliance
  • Negotiating and drafting contractual provisions to give contractual rights in the event of data compliance breaches 
  • Defending allegations of breaches of privacy and data protection legislation, both at the level of the office of the commissioner and in appellate tribunals
  • Developing international compliance programmes and solutions
  • Applying privacy regulations to developing technologies and techniques, including increasingly complex data analysis (“Big Data”), cloud computing, hosting data centres in Australia, cookies, online behavioural monitoring, use of geolocation information, mobile apps and social media.

We have a full team specialising in this area.

Regulator

Australia's financial institutions are experiencing more regulatory pressure than ever before. Remain at the forefront of key regulatory issues as we guide and shape the future of financial services.

regulator
Discover our latest insights into legal issues affecting your business

The Australian Government’s open data and digital agenda has sparked renewed debate around privacy, governance and security.

06 November 2017

KWM's response to the Review into Open Banking in Australia’s Issues Paper under which consumers could request financial institutions to provide or share their data.

22 September 2017

The Australian Government has announced plans to introduce new legislation to force global tech companies to unlock and provide encrypted information to authorities for law enforcement purposes.

09 August 2017

In response to a loophole, a Bill has been introduced to require all companies and registered schemes to record each member’s email address in the register of members.

07 August 2017