Personal Information under the Australian Privacy Act
Share
The Privacy Act of 1988 in Australia governs the collection and processing of personal information. The Act defines personal information as any information or opinion about an identified or reasonably identifiable individual, regardless of its truth or form.
However, ongoing reviews have led to proposed changes in the definition and scope of personal information.
Privacy Act and personal information
Under the current Privacy Act, personal information pertains to information or opinions about individuals. This includes their name, signature, address, telephone number, date of birth, medical records, bank account details, employment details, and any commentary or opinion about them. Notably, personal information only applies to living individuals and excludes deceased individuals.
Determining whether an individual is “reasonably identifiable” from certain information depends on several factors. These include the nature and amount of the information, the circumstances of its receipt, access granted to it, other available information, and the possibility of identification by the entity holding it. If a reasonable public member can identify an individual based on publicly released information, it would be considered personal information.
Meanwhile, business information such as a business name, address, and general contact details are not considered personal under the Privacy Act. However, specific contact details of individual employees, even if publicly available, may be categorised as personal information like the employee’s direct email address or phone number.
Privacy Act reforms
As part of the ongoing Privacy Act review, the Australian government has proposed reforms to broaden the definition of personal information. The proposed changes would align the definition with the European Union’s General Data Protection Regulation (GDPR) and include technical information like IP addresses, device identifiers, location data, and online identifiers. The aim is to enhance the protection of inferred personal information.
Additionally, the proposed reforms seek to bring de-identified information under the ambit of the Privacy Act. De-identified information, which carries a risk of re-identification, would be subject to reasonable protection measures. For instance, organisations must safeguard de-identified information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Re-identifying de-identified information collected in such a state would be prohibited.
While these reforms are still being considered, businesses should stay informed about potential changes to ensure compliance with the evolving privacy landscape in Australia. If you have any questions or require assistance regarding personal information and Privacy Act compliance, it is advisable to seek guidance from privacy and data protection experts.
After four years in business school and working for multinational clients, Jomar believes he can improve the world through his writings via Public Spectrum, by informing the public on the latest news and updates happening around the government and society. Jomar has eight years experience as a writer and has a degree in Business Administration and Entrepreneurial Marketing.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online privacy public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria
Last Viewed
Australia & NZ privacy watchdogs investigate Latitude Financial
Australian Government releases country’s first Data Strategy
Government’s looming record-keeping crisis
Australia’s first Online Safety Youth Advisory Council established
Crucial Connections