Data Protection and Privacy

Data Protection & Privacy

Experienced, practical data protection lawyers

Information is a strategic asset of a modern business, yet managing it properly is a major challenge for multi-channelled and multi-regional organisations. As data protection legislation and regulation tightens, you can rely on our full-service team to help you manage the risks associated with privacy and data protection issues.

From the rise of social networking and online storage of consumer information to the mass dissemination of information via WikiLeaks, breaches of privacy are on the rise. There are potentially severe legal, commercial and reputational risks associated with a breach.

At the same time, businesses are also faced with an unprecedented level of privacy compliance enforcement and varying international laws and regulations.

Keeping you on top of data protection issues

Balancing the responsibilities of data protection and privacy with the obligations of disclosure and fair processing is an everyday concern for many of our clients. Making sure you stay on top of compliance risks and avoid negative consequences, with minimum disruption to your business operations, is an integral part of the specialist advice we provide on data protection law.

Because we have invested time in creating practical checklists, we can provide a data protection audit service to assess your level of compliance with the law. We can identify any areas where remedial action should be taken. And we can identify the practical steps that should be taken to improve compliance.

King & Wood Mallesons advises credit providers, government departments and leading commercial organisations on the risks associated with the way information is captured, used and transferred. Specifically, we advise on:

  • Developing privacy compliance programmes
  • Detailed contract and transaction reviews, privacy audits, compliance systems, drafting and negotiating contractual provisions
  • Making submissions to regulators
  • Privacy legislation and codes, responses to complaints of breach of privacy, requests for determinations, privacy statements, consents and policies
  • Obtaining data with and without consent
  • Opt ins and opt outs
  • Transfer of data across jurisdictions
  • Safe harbour and model clauses
  • Data access requests
  • Freedom of Information issues.

Show moreShow less

Our experience in these areas includes advising on compliance issues relating to the credit provider regime for St George Bank, General Electric, AMP Group, Telstra and the Data Advantage Group. Data protection was also part of the advice we provided to Lion Capital – along with advice on disciplinary processes, executive terminations, drafting policies, and restrictive covenants.

Our other experience in data protection law includes advising:

  • Activision Blizzard Advice on online sales and gaming concept (including e-commerce, e-money and payment services regulations, licensing, unfair competition, intellectual property, data protection)
  • A global entertainment corporation in relation to its online platform (e-commerce, terms and conditions, data protection, unfair competition and youth protection)
  • On the privacy aspects of various co-branded credit card arrangements, including Telstra/ANZ and Telstra/ANZ/Qantas and Woolworths Ezy Banking
  • Lion Nathan on sponsorship privacy and confidentiality obligations
  • A leading telecommunications company on privacy and interception matters – including developing privacy protection policies, advising on privacy aspects of products and marketing and conducting privacy training
  • A major financial institution on its business proposals – including providing advice on legal requirements/risks in relation to privacy and data security as well as drafting and negotiating provisions dealing with privacy and confidentiality in securitisation programmes.
"The team are very good at sharing our corporate history with those lawyers who haven’t worked with us before. I don’t need to repeat myself."


We have a full team specialising in this area.

Discover our latest insights into legal issues affecting your business

The Australian Government announced it will legislate a Consumer Data Right which will initially give consumers access to their banking, electricity, phone and internet transactions.

27 November 2017

The Australian Government’s open data and digital agenda has sparked renewed debate around privacy, governance and security.

06 November 2017

Australia's coordinated and strategic framework to respond to the increasing risks of sabotage, espionage and coercion against Australia’s national critical infrastructure.

19 October 2017

We look at reforms in the telecommunications sector to see what hints they provide on the Australian Government’s approach to other critical infrastructure, including electricity, ports and water.

04 October 2017