Many Australian businesses appear unaware of major privacy law changes that took effect in December 2024, putting them at risk of enforcement actions and penalties.
According to an IAB Australia report, 87% of advertising decision-makers expressed only moderate confidence in their privacy compliance readiness before the holiday period. This lack of preparedness is concerning as the Privacy and Other Legislation Amendment Act 2024 introduced immediate obligations for data handling when it received Royal Assent on December 10.
The reforms passed during a busy legislative session that saw 32 bills approved in a single evening. Media coverage focused heavily on Australia's social media restrictions for under-16s, overshadowing the privacy amendments that granted expanded powers to the Office of the Australian Information Commissioner (OAIC).
Recent data paints a troubling picture of the industry's privacy stance. A 2024 Yahoo study found just 12% of advertising professionals in Australia and Southeast Asia made privacy solutions a priority. Meanwhile, the OAIC reported a 9% increase in Australian data breaches during the first half of 2024.
The OAIC has already demonstrated its commitment to enforcement through several recent actions, including guidance on tracking pixels and legal proceedings against companies like Medibank and Australian Clinical Labs. Under the new laws, the office can impose penalties for serious breaches and administrative fines for inadequate privacy policies.
International precedent suggests swift enforcement is likely. Regulators in California, Brazil, Portugal, and Thailand all took action within days or months of their privacy laws taking effect. Australian businesses banking on a gradual rollout may face unexpected consequences.
The OAIC's next enforcement report is scheduled for late 2025. Companies that delay addressing these new privacy requirements risk becoming early enforcement targets, particularly regarding tracking pixels, children's data protection, and third-party data sharing practices.