Australian organisations still struggling to fully comprehend new privacy laws

ADMA chief highlights the lack of knowledge around the implications of Australia's new Privacy Act and its impact for marketers on customer data

Large and medium-sized organisations are getting ready for Australia’s new privacy laws but concerns remain across the industry that smaller businesses still don’t appreciate the significance of the new legislation.

The new privacy laws comes into effect on 12 March and will introduce a range of measures that companies must oblige by around customer data. These are a single set of standards called the Australian Privacy Principles that specify when information can be used for direct marketing or be sent overseas. Penalties for failing to meet the new privacy laws could cost companies up to $1.7m.

CEO of the Association for Data-driven Marketing and Advertising (ADMA), Jodie Sangster, told CMO that she believed many of Australia’s larger and medium-sized companies are on top of the changes, and have put in place processes to abide by the new rules. These include notices across customer-facing website outlining new privacy policies and rights.

But Sangster expressed concern around the readiness of SMBs and not-for-profit organisations, many of which don’t believe the privacy law changes apply to them, she claimed. The other challenge is that most of these organisations don’t have internal legal resources, staff on-hand, or budgets to hire consultancies to help them act on the information.

“Smaller marketers are challenged firstly on what they have to do, then secondly, how they get this in motion,” Sangster said.

Major challenges all organisations have faced is the notification piece and what that actually means.

“There is a question mark over what notification actually means and how organisations must notify customers,” Sangster said. “Many businesses are comfortable with sending people to a privacy policy without realising that won’t quite cut it under the new laws. There are whole new obligations to be met around proactively telling people what data you have about them. And there is a real struggle around how I do that, when I do that, and do I have to do it on an ongoing basis.”

The second recurring stumbling block is the provision around unsolicited information. According to Sangster, organisations must delete any unsolicited information obtained, nor can they use such information for any future relationship-building exercise. As an example, if someone brings a colleague or wife along to an event they have registered for, this could be unsolicited information and organisations wouldn’t be allowed to keep it.

“The question then becomes if this information has been given by someone for a business purpose, or has it just been given under a different reason. If it’s the latter, we cannot use it for future relationship building,” Sangster said.

“These are the types of things on the peripheral, not in the middle of the radar and therefore will be challenging,” she claimed. “The problem we have is that what the law says and the practicalities are often not aligned. This [unsolicited information clause] seems good in practices, but when you run every business scenario past it, it’s doesn’t work.”

To help member organisations get up to speed, ADMA launched the Data Pass responsible data practice program last October focus on the new privacy and security changes. Sangster said 40 companies have signed up to participate including Telstra, Weight Watchers, Foxtel and Amaysim.

“There is a big need for education throughout the whole industry,” Sangster claimed. “The reaction that we’ve had so far to the classes is that many don’t realise there’s so much to it. Data touches all parts of the business, not just the compliance person and anyone in the organisation that touches data needs to be aware of the changes."

While concerns remain around how prepared organisations are for the privacy crackdown, Sangster said it hasn’t hindered the rise of data-driven marketing across Australian businesses.

“Either organisations have made the changes and they’re ready, or they continue to feel they are compliant with the law as they are, so no one has said ‘stop’,” she said. “That did happen, however, when the spam act came in.”

Sangster’s key tips on getting on top of privacy law changes
  • Do a data audit: Organisations need to get a grip on what has to be done as a first step, even down to single data spreadsheets.
  • Get your front-facing information in order first: This includes the customer privacy policy, opt-out notifications and disclosure statements. These will at least be compliant while you then work on ensuring the whole back-end processes in your organisation meet the new privacy obligations.
  • Train your staff: Teams need to be trained to understand what they have to achieve and abide by, Sangster said. She pointed out there are a number of free tools available around digital privacy and policies from not only ADMA, but also legal firms and other associations. These are a good starting point for getting a grip on what needs to be done.
  • Tackle the new compliance policies in marketing: Sangster encouraged marketers to work on the wording of any new privacy and compliance statements, rather than leave them in the hands of legal teams. This will ensure that any information is couched in a customer approach and is therefore easier to understand as an end consumer.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO Australia conversation on LinkedIn: CMO Australia, or join us on Facebook: https://www.facebook.com/CMOAustralia

Signup to CMO’s new email newsletter to receive your weekly dose of targeted content for the modern marketing chief.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments
cmo-xs-promo

Latest Videos

More Videos

I couldn't understand one things why on earth people only talk aboutimpact of digital transformation on banking and finance field instead...

Rajesh Acharya

Digital take-up and experiences help drive Suncorp's solid FY21 performance

Read more

Good afternoon,This is a complaint of the process of refunds which does not comply with Australian legislation. Despite a exhaustive req...

shiree Gilroy

Catch Group combines commercial and marketing role

Read more

I really appreciate your article. Love your Article. By reading your article, its created an idea in my mind about loyalty strategy to ke...

Jack Reacher

Report: Marketers failing to realise the benefits of customer loyalty programs

Read more

One month’s research and we’ve handpicked this generation’s 50 most talented Women CEOs, leading the top multinational companies around t...

Vaishnavi Pillai

Women in leadership the focus on International Women’s Day

Read more

Great post!

deen8

What felix Mobile is doing to keep customer support cost-effective

Read more

Blog Posts

When friction can be a brand’s best friend

I always enjoy those oft-forgotten, in-between moments in any experience. These moments are not necessarily part of any defined experience per se. They likely wouldn’t show up in an organisation’s plans or ideas to help make the customer journey or user flow as simple, easy and seamless as possible.

Rich Curtis

CEO, FutureBrand A/NZ

How much attention should we be paying to the ‘attention economy’?

There’s been a lot of buzz in the advertising industry lately about what’s coined the ‘attention economy’. And it’s fast becoming the new battleground for media channels to prove their wares and to develop and espouse new attention metrics.

Nickie Scriven

CEO, Zenith

Sometimes the best solutions are some of the most counterintuitive

Exceptional CMOs do exceptional things for themselves and for those they inspire. At your best you are creative, innovative and inspirational. We have a problem though. We now live in a corporate world that demands sensibility where everything you do is measurable and stakeholders demand predictability – the antithesis of breakthrough and transformation.

Hamish Thomson

Author, former regional president and global brand head, Mars Incorporated

Sign in