Best Lawyers works with leaders in the legal marketplace to keep our practice area lists current, allowing clients and referring lawyers to more easily locate the precise expertise they are seeking.
View region-specific practice areas by first selecting a country from the drop-down below.
Privacy and Data Security Law
Privacy and Data Security Law Definition
Most of us want the right to be left alone. Unsolicited phone calls and junk emails are annoying. We are uncomfortable being recorded or monitored.
However, there are times when it suits us to give out information about ourselves. We expect that information to be used for a proper purpose. We expect that it will not be used or forwarded on to others for a collateral purpose. If our personal information is ‘out there’, we want it to be accurate and safely stored. We are particularly ‘sensitive’ about information relating to our health, finances, credit history, and our political, religious affiliations, and criminal record. And if we must be monitored for a legitimate reason, we expect to be told in advance. Such is the stuff of privacy and data security law in Australia.
Defamation aside, the common law in Australia does not recognize a right to privacy. Varying statutory protections exist at Commonwealth and state/territory level. In general, these statutes do not protect the privacy of an individual as such, but regulate information about an individual: how it is collected, used, disclosed, and stored. Practitioners in the privacy and data security field must grapple with an untidy patchwork of inconsistent Commonwealth and state/territory statutes spanning (variously) privacy, telecommunications and communication interception, surveillance devices, and, increasingly, workplace surveillance. They then need to apply these laws to ever-emerging technologies, and in the context of diverse and flexible work practices.
Key legislation at a federal level includes: the Privacy Act 1988 (Cth); the Telecommunications (Interception and Access) Act 1979 (Cth), the Surveillance Devices Act 2004 (Cth), and the Telecommunications Act 1997 (Cth). At a state/territory level, one can expect to find statutes regarding privacy (applicable to state/territory public sector) and health privacy, and recording devices. Legislation specifically directed at employers conducting workplace surveillance of their employees (including monitoring the content of emails and computer records) is currently in place in NSW, the ACT, and, to a more limited extent, Victoria.
Those in the business of telecommunications, government surveillance, credit reporting, direct marketing, and providing health services are obviously particularly affected by privacy and data security law in Australia. But most employers, and in particular, all public sector employers, also have considerable compliance burdens. Appreciating the intersection of applicable privacy and data security legislation with the many other workplace and public sector statutes, is a necessary skill set in this developing field.
These practice areas are open for nominations but are not yet included in our publications.
Click here to download a PDF of all Practice Areas.