Jim Lennon (AU)

Subscribe to all posts by Jim Lennon (AU)

Queensland Government introduces mandatory data breach notification regime

Photo of Peter Mulligan (AU)Photo of Jim Lennon (AU)By Peter Mulligan (AU) and Jim Lennon (AU) on Posted in General
On 12 October 2023, the Government introduced the Information Privacy and Other Legislation Amendment Bill 2023 (Bill) to Queensland Parliament which, amongst other things, establishes a mandatory data breach notification scheme (MDBN Scheme) in Queensland. The Bill is consistent with the recommendations in the Coaldrake Review and is currently under consideration by the Education, Employment and Training Committee. It is … Continue reading

Privacy Act Review report

Photo of Ka-Chi CheungPhoto of Anna GamvrosPhoto of Jim Lennon (AU)Photo of Ross PhillipsonBy Ka-Chi Cheung, Anna Gamvros, Jim Lennon (AU) and Ross Phillipson on Posted in Privacy law
The Attorney General’s Department released its Privacy Act Review report on 16 February 2023, that includes the broad suite of reforms you would expect to bring Australia’s privacy laws in to line with both international standards and the reality of our data-based economy. These include enhanced data subject rights and increased accountability requirements for organisations collecting and … Continue reading

Flurry of activity in the Privacy Act review, including tougher penalties and new online privacy framework

Photo of Nick Abrahams (AU)Photo of Scott Atkins (AU)Photo of Ka-Chi CheungPhoto of Anna GamvrosPhoto of Peter Mulligan (AU)Photo of Benjamin KendePhoto of Jim Lennon (AU)Photo of Ross PhillipsonBy Nick Abrahams (AU), Scott Atkins (AU), Ka-Chi Cheung, Anna Gamvros, Peter Mulligan (AU), Benjamin Kende, Jim Lennon (AU) and Ross Phillipson on Posted in Cybersecurity
This article was co-authored with India Bennett. After months of anticipation regarding the ongoing review of the Privacy Act 1988 (Cth), the Federal Government has galvanized the Australian privacy landscape with two significant developments. Firstly, the Government has released a discussion paper about the reform of the Privacy Act. The discussion paper considers stakeholder feedback on the issues paper released in October 2020 … Continue reading

US CLOUD Act and International Privacy

Photo of Marcus Evans (UK)Photo of David Kessler (US)Photo of Jim Lennon (AU)Photo of Susan Ross (US)By Marcus Evans (UK), David Kessler (US), Jim Lennon (AU) and Susan Ross (US) on Posted in Compliance and risk management, Enforcement, General
The U.S. Clarifying Lawful Overseas Use of Data Act (“CLOUD Act”) is apparently the Goldilocks of the privacy world, according to recent statements issued by two international jurisdictions. The CLOUD Act’s requirements are “too hard” for Australian law, according to the Law Council of Australia, but the privacy protections are “too soft” for the European … Continue reading

Data breach notification to become mandatory in Australia from 22 February 2018

Photo of Jim Lennon (AU)Photo of Edward Odendaal (AU)By Jim Lennon (AU) and Edward Odendaal (AU) on Posted in Regulatory response
Privacy compliance will become even more important for all companies in Australia now that the mandatory data breach notification scheme has been enacted. From 22 February 2018, certain data breaches (known as “eligible data breaches”) will need to be notified to the Australian Privacy Commissioner and affected individuals.  Previously, notification of data breaches was optional.… Continue reading

Schrems: the global impact – how the ECJ ruling is affecting countries outside the EU and US

Photo of Jim Lennon (AU)By Jim Lennon (AU) on Posted in General
A number of jurisdictions around the world follow the lead from Europe in relation to data protection and impose similar restrictions on the export of personal data unless there is an “adequate level” of protection offered in the recipient jurisdiction. The EU Commission’s “US Safe Harbor” decision had permitted the transfer of personal data between … Continue reading
LexBlog