Transfer of data by Australian organisations to other jurisdictions is increasingly common. This is a result of IT service providers using personnel and infrastructure in low cost jurisdictions such as India to service Australian based clients. The cloud computing industry alone is now worth nearly $2 billion in Australia and about half of this is spent on public cloud services. 86% of Australian businesses now report that they use cloud services.
While there are onshore data processing options available in the market place (including ‘Australian-only’ clouds ), these may not offer the customer the same benefits (e.g. economies of scale, affordability) as offshore options.
There are a range of commercial risk and regulatory considerations that any customer or supplier considering offshoring data needs to assess. In particular, new laws govern the ‘disclosure’ by Australian organisations of personal information to overseas recipients from 12 March 2014. This note addresses some of the relevant issues.
The new law replaces the National Privacy Principles (that applied to private organisations) and Information Privacy Principles (that applied to government agencies) with a single list of principles called the Australian Privacy Principles (APPs).
The new law gives the Privacy Commissioner more powers, including:
Click 'Download' to read the full article.
The content of this publication is for reference purposes only. It is current at the date of publication. This content does not constitute legal advice and should not be relied upon as such. Legal advice about your specific circumstances should always be obtained before taking any action based on this publication.