Australian organisations still struggling to fully comprehend new privacy laws

ADMA chief highlights the lack of knowledge around the implications of Australia's new Privacy Act and its impact for marketers on customer data

Large and medium-sized organisations are getting ready for Australia’s new privacy laws but concerns remain across the industry that smaller businesses still don’t appreciate the significance of the new legislation.

The new privacy laws comes into effect on 12 March and will introduce a range of measures that companies must oblige by around customer data. These are a single set of standards called the Australian Privacy Principles that specify when information can be used for direct marketing or be sent overseas. Penalties for failing to meet the new privacy laws could cost companies up to $1.7m.

CEO of the Association for Data-driven Marketing and Advertising (ADMA), Jodie Sangster, told CMO that she believed many of Australia’s larger and medium-sized companies are on top of the changes, and have put in place processes to abide by the new rules. These include notices across customer-facing website outlining new privacy policies and rights.

But Sangster expressed concern around the readiness of SMBs and not-for-profit organisations, many of which don’t believe the privacy law changes apply to them, she claimed. The other challenge is that most of these organisations don’t have internal legal resources, staff on-hand, or budgets to hire consultancies to help them act on the information.

“Smaller marketers are challenged firstly on what they have to do, then secondly, how they get this in motion,” Sangster said.

Major challenges all organisations have faced is the notification piece and what that actually means.

“There is a question mark over what notification actually means and how organisations must notify customers,” Sangster said. “Many businesses are comfortable with sending people to a privacy policy without realising that won’t quite cut it under the new laws. There are whole new obligations to be met around proactively telling people what data you have about them. And there is a real struggle around how I do that, when I do that, and do I have to do it on an ongoing basis.”

The second recurring stumbling block is the provision around unsolicited information. According to Sangster, organisations must delete any unsolicited information obtained, nor can they use such information for any future relationship-building exercise. As an example, if someone brings a colleague or wife along to an event they have registered for, this could be unsolicited information and organisations wouldn’t be allowed to keep it.

“The question then becomes if this information has been given by someone for a business purpose, or has it just been given under a different reason. If it’s the latter, we cannot use it for future relationship building,” Sangster said.

“These are the types of things on the peripheral, not in the middle of the radar and therefore will be challenging,” she claimed. “The problem we have is that what the law says and the practicalities are often not aligned. This [unsolicited information clause] seems good in practices, but when you run every business scenario past it, it’s doesn’t work.”

To help member organisations get up to speed, ADMA launched the Data Pass responsible data practice program last October focus on the new privacy and security changes. Sangster said 40 companies have signed up to participate including Telstra, Weight Watchers, Foxtel and Amaysim.

“There is a big need for education throughout the whole industry,” Sangster claimed. “The reaction that we’ve had so far to the classes is that many don’t realise there’s so much to it. Data touches all parts of the business, not just the compliance person and anyone in the organisation that touches data needs to be aware of the changes."

While concerns remain around how prepared organisations are for the privacy crackdown, Sangster said it hasn’t hindered the rise of data-driven marketing across Australian businesses.

“Either organisations have made the changes and they’re ready, or they continue to feel they are compliant with the law as they are, so no one has said ‘stop’,” she said. “That did happen, however, when the spam act came in.”

Sangster’s key tips on getting on top of privacy law changes
  • Do a data audit: Organisations need to get a grip on what has to be done as a first step, even down to single data spreadsheets.
  • Get your front-facing information in order first: This includes the customer privacy policy, opt-out notifications and disclosure statements. These will at least be compliant while you then work on ensuring the whole back-end processes in your organisation meet the new privacy obligations.
  • Train your staff: Teams need to be trained to understand what they have to achieve and abide by, Sangster said. She pointed out there are a number of free tools available around digital privacy and policies from not only ADMA, but also legal firms and other associations. These are a good starting point for getting a grip on what needs to be done.
  • Tackle the new compliance policies in marketing: Sangster encouraged marketers to work on the wording of any new privacy and compliance statements, rather than leave them in the hands of legal teams. This will ensure that any information is couched in a customer approach and is therefore easier to understand as an end consumer.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO Australia conversation on LinkedIn: CMO Australia, or join us on Facebook: https://www.facebook.com/CMOAustralia

Signup to CMO’s new email newsletter to receive your weekly dose of targeted content for the modern marketing chief.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Blog Posts

Why you can’t afford to fail at CX in 2019

In 1976 Apple launched. The business would go on to change the game, setting the bar for customer experience (CX). Seamless customer experience and intuitive designs gave customers exactly what they wanted, making other service experiences pale in comparison.

Damian Kernahan

Founder and CEO, Proto Partners

Natural born leaders

Many business and marketing managers progressing to leadership positions face evolving their focus from operational matters to strategic decision making and planning.

Jean-Luc Ambrosi

Author, marketer

Using artificial intelligence to surprise your customers

​We have expected artificial intelligence (AI) will become part of our everyday lives for quite some time.

Katja Forbes

Founder and chief, sfyte

Just printed out this Brad Howarth screed to read tomorrow. I need a good laugh once in a while. Or maybe shed some manly-man tears at th...

Larry A Singleton

What a diversity agenda has done for Kellogg's staff and innovation engagement

Read more

Morons. PC Nazis infiltrating and subverting every level in our lives.These scum have destroyed our education system.Read FrontPage Magaz...

Larry A Singleton

What a diversity agenda has done for Kellogg's staff and innovation engagement

Read more

It is an accepted fact that in the present times the mass makes use of digital marketing more often and are more and more enlightened wit...

Digital Marketing Course in Ja

Why RMIT is partnering with Adobe for digital marketing learning

Read more

If men were really the dominating brutes that feminist make them out to be ,then women really would be second class citizens. Without th...

aaron

Analysis: Gillette's latest ad only proves why brands standing for positive change is vital

Read more

In 2019 Augmented Reality plays a vital role in marketing campaign its new way to engaged user with digital content. Try Augmented Realit...

hill william

Predictions: 9 digital marketing trends for 2019

Read more

Latest Podcast

More podcasts

Sign in