Forwarded From: Nicholas Charles Brawn <ncb05@uow.edu.au>
17Nov98 AUSTRALIA: DATA PRIVACY POLICY URGED.
By JAMES RILEY.
AUSTRALIAN companies should consider implementing internal data protection
policies following the Federal Government's failure to respond to a
European Union (EU) deadline on privacy legislation, legal experts have
warned.
The EU has warned its trading partners that member nations would not allow
for the transmission of data to trading nations that had not enacted
adequate data-protection and privacy measures.
Although the deadline expired on October 25, most EU States had not passed
their own privacy legislation, making the likelihood of sanctions against
partners remote, Freehill, Hollingdale and Page privacy solicitor Alan
Peckham said.
But although the EU appeared to be behind its own schedule in implementing
data-protection trade policy, Mr Peckham said his firm had recommended
that clients trading with Europe should establish strict internal privacy
policies.
The directive had sought to allow data exchange only with "White-listed"
countries (those with data-protection legislation). However, Mr Peckham
said that Australian companies with European trading interests could apply
to "White-list" themselves if they could demonstrate adherence to their
own, strict internal privacy policies. "For the average Australian
company that deals with the EU, this shouldn't really be a concern," he
said.
"But they should still make sure they have sufficient privacy protection
in place to ensure that they can be `White-listed' later if it's
required." Mr Peckham said that although the Federal Government passed
privacy legislation in the late 1980s that protected personal data held by
government departments - and was later extended to include credit
providers - there was no privacy law covering the private sector.
Rather, the Federal Government had introduced a privacy code in March
through Privacy Commissioner Moira Scollay as a means of industry
self-regulation.
National Office of the Information Economy executive director Paul Twomey
said various EU spokesmen had indicated that this kind of selfregulation
would satisfy EU personal data protection requirements, as long as there
was adequate policing and enforcement.
"In the e-commerce world, consumers are clearly putting a premium on
security issues," Dr Twomey said.
"So it's in a company's own commercial interest to enact some kind of
personal data protection either by themselves, or through some sort of
industry code."
The Victorian Government, meanwhile, plans to introduce a data-protection
bill, providing an enforceable framework, in the autumn session of
parliament next year. www.hreoc.gov.au.
AUSTRALIAN 17/11/1998 P46
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Sat Nov 21 11:38:07 1998