What are the Australian Privacy Principles?
Defining the Australian Privacy Principles
Out of the 13 of APP’s, here are some of the most important:
Australian Privacy Principles 1 – Open and Transparent Management of Personal Information
- Collection of personal information;
- Use of personal information;
- Disclosure of personal information;
- Rights and control of customers personal information;
- Storage and security of personal information;
- Website cookies and third party sites.
Australian Privacy Principles 2 – Anonymity and Pseudonymity
Furthermore, individuals must have the option of not identifying themselves or using a pseudonym when dealing with an APP entity concerning a particular matter. Anonymity ensures that an individual dealing with an APP entity has limited identification, and the entity does not collect personal information or identifiers. Companies with this obligation may provide individuals with the option of using a pseudonym. It is important to note that this provision is subject to some limitations. Exceptions can include where it is impractical for an organisation not to know the individual or where the court mandates it.
Australian Privacy Principles 5 — Notification of the collection of personal information
An APP entity that collects personal information about an individual must take reasonable steps to notify the individual of specific issues regarding their privacy. Matters can include, the fact and circumstances of collection, whether the collection is required or authorised by law and whether the entity is likely to disclose personal information to overseas recipients. An APP entity must take reasonable steps before or at the time of collection to notify the customer. For example, customer service providers follow this procedure when they inform the complainants about their privacy obligations at the start of a call. Therefore, telling customers about privacy collection is essential.
Australian Privacy Principle 7—direct marketing
Companies are often unaware of APP 7. APP 7 provides that an organisation must not use or disclose personal information it holds for the purpose of direct marketing unless an exception applies. Direct marketing is where a company discloses personal information like an email address for the purposes of marketing. Companies who use direct marketing must ensure they provide customers an opportunity to opt-out of the direct marketing services. Therefore, companies should always consider how they can protect a customer’s privacy when they are direct marketing.
Privacy Never sleeps
Privacy should always be at the forefront when you are dealing with customer’s personal information. Companies who neglect privacy not only endanger the customer but put their business reputation at risk. This article has only explored a select few of the Australian Privacy Principles. Consider visiting the OAIC website to learn about how the other principles affect your business. Therefore, in the digital age, companies need to consider how to protect their customers’ privacy best.
Josh is a Legal intern at Lawpath. He is a Commerce/Law student at Macquarie University. He has an interest in cyberlaw and blockchain technology.