The Attorney-General's Department (AGD) has been conducting a review of Australia's 33-year-old Privacy Act, considering, among other things, the current definition of personal information.
The department in October released an issues paper for public consultation. AGD transparency and criminal law branch assistant secretary Autumn Field said about 200 submissions to the consultation were received and it was in the process of finalising a discussion paper, which is set to be released for public consultation in the coming weeks.
"That discussion paper will talk about the kinds of themes that we picked up from the submissions, and will also raise some possible options for reforming the Privacy Act. And the ideas that will be put forward are basically the ones that we feel warrant some further public discussion," she told the Select Committee on Foreign Interference Through Social Media on Friday.
"After we've publicly consulted on that discussion paper, we'll review all of its submissions, and formulate a final report for government's consideration."
The review was meant to occur last year, but as previously claimed, COVID is to blame for the delay.
But in addition to work on reforming the Privacy Act 1988, Field said AGD was also working on a further legislative instrument targeted towards social media companies operating in Australia.
"In addition to the Privacy Act review, we are also separately working on exposure draft legislation that will specifically target social media companies and certain other online platforms with similar themes in terms of ensuring that there's greater transparency about how personal information is being used, and how consent is obtained, particularly for young people," she told the committee.
"We're in the process of finalising that legislation at the moment, and that will also be released for public discussion as well."
Field was asked if the amount of legislation in the works surrounding social media and other technology companies highlighted the "extraordinary power that needs to be addressed by regulation and accountability".
"In terms of the review of the Privacy Act, it's really a process of making sure that the current settings are appropriately calibrated, and that there is the correct balance between protecting individual's personal information, and still ensuring that we can operate in a very digital economy," she said in response. "The purpose of the review is to flush out those issues and to work out how the Privacy Act could be improved."
Earlier this year, Facebook, Google, Microsoft, Redbubble, TikTok, and Twitter committed to the Australian Code of Practice on Disinformation and Misinformation, which is a voluntary code the signatories have vowed to follow on their respective platforms.
Appearing alongside Field was Pauline Sullivan, who is the first assistant secretary of the Department of Infrastructure, Transport, Regional Development and Communications. Sullivan was asked why the government agreed to a voluntary code that was developed by the social media companies.
She told the committee the platforms worked in a timely fashion to get a code in play and they have provided transparency reports on time.
Sullivan said advice has been provided to the minister for further consideration.
MORE FROM THE PRIVACY ACT REVIEW
- Privacy Act review to examine privacy tort, direct action rights, and GDPR compliance
- Facebook and Snap Inc call for a GDPR-aligned Australian Privacy Act
- Attorney-General asked to update 'personal information' definition in Privacy Act
- ACCC calls for Privacy Act changes to protect loyalty scheme customers
- Google says consent over every aspect of data processing would be burdensome
- Optus warns not to punish whole economy for tech giant sins in Privacy Act changes
- Over 4,000 privacy complaints made about Aussie telcos in FY20
- OAIC wants stronger enforcement powers in Australia's revamped Privacy Act
- Nearly 12-months old COVIDSafe legislation cited as cause of Privacy Act review delays