Welcome to our Newsletter, bringing you the latest in Intellectual Property, Technology and Media Law news.
Online age verification in Australia: A work in progress
Australia’s much discussed new social media ban for users under 16 and other reforms including the Children’s Online Privacy Code mean that age verification reforms could affect nearly everyone’s online activities.
This article provides a brief overview of each of these developments, what we know about compliance requirements so far, when they are expected to take effect and who needs to know about them.
Click here to read more.
Enhancing email trust with Common Mark Certificates
Common Mark Certificates (CMCs) provide a simple, effective solution to enhance email security and brand recognition. By displaying a digitally authenticated brand logo in the sender field, CMCs reassure recipients that the email is legitimate and from a trusted source, reducing the risk of phishing and spoofing attacks. Additionally, CMCs help reinforce brand identity with each email sent, and unlike other solutions, they do not require a registered trade mark. Find out how your business can qualify for a CMC below.
Click here to read more.
Pixel perfect compliance: The OAIC releases guidance on tracking pixels and privacy obligations
The Office of the Australian Information Commissioner (OAIC) recently published new guidance on deploying third-party tracking pixels on websites in a way that complies with the Privacy Act 1988 (Cth) (Privacy Act).
Tracking pixels are tools offered by social media platforms and other digital platforms, which are invisibly embedded in an organisation’s website. The pixel is loaded each time a user accesses the webpage, sending certain data to the third party platform. The pixels can therefore be used to track webpage activity broadly, but also to track the activity of individual users, and facilitate and track the effectiveness of targeted advertising.
The OAIC’s guidance applies the obligations of the Privacy Act to third-party tracking pixels, and provides useful context regarding how to deploy third-party tracking pixels in a way that the OAIC considers complies with the Privacy Act.
For example, the guidance includes advice regarding how organisations can ensure that their privacy policies and collection notices contain clear and transparent information about the use of third-party tracking pixels on websites to collect, use, and disclose personal information.
In addition to these transparency obligations that relate to Australian Privacy Principles (APPs) 1 and 5, the guidance also covers:
- types of personal information tracked using tracking pixels;
- what to consider before deploying tracking pixels;
- how to adopt a privacy by design approach;
- collection of personal information (APP 3);
- ensuring that pixel technology is configured appropriately;
- collection and use of sensitive information;
- collection of personal information by lawful and fair means;
- use and disclosure of personal information (APP 6); and
- direct marketing (APP 7).
This article was written by Daniel Kiley, Partner and Iain McLaren, Special Counsel.
In case you missed it, the following articles were recently written and published by our team:
Where’s Wally? Geotracking devices in the workplace
Advances in technology have made tracking the location of staff easier than ever, but doing so can be legally complicated. Each State and Territory in Australia has varying regulatory schemes regarding how geotracking devices may be used in the workplace leading to situations where the standard operating procedures regarding tracking devices may be lawful in one State or Territory, but not another.
In this article, we discuss the varying laws around the country which impact on how geotracking can be used in the workplace.
Click here to read more.
New privacy laws passed in Western Australia: What do they mean for you?
The WA Parliament has passed new privacy legislation through the Privacy and Responsible Information Sharing Bill 2024 (PRIS Bill), which introduces privacy obligations for WA Ministers, Parliamentary Secretaries, public entities, and their contracted service providers for the first time. The PRIS Bill, along with the Information Commissioner Bill 2024, was introduced on 6 May 2024 and passed on 28 November 2024. The legislation includes minor amendments, mostly related to formatting and the review period for privacy provisions. This new regime strengthens privacy protections in line with recent Commonwealth changes.
Click here to read more.
Mum, can I borrow your phone? Proposed social media ban for under-16s
The Online Safety Amendment (Social Media Minimum Age) Bill 2024 (Bill) proposes amendments to the Online Safety Act 2021, aiming to restrict social media access for users under 16. If passed, it will require social media providers to take “reasonable steps” to prevent users under this age from creating accounts. This measure seeks to address the developmental and psychological risks posed by adolescent exposure to social media.
We discuss the Bill’s requirements and potential penalties for non-compliance.
Click here to read more.
*This has passed Parliament and is now an Act.
SOCI-ally aware: More Security of Critical Infrastructure Act reforms on the way
The Security of Critical Infrastructure Act is set to be updated, with a Bill before Parliament proposing a number of changes.
Australia’s 2023–2030 Cybersecurity Strategy, supported by the Security of Critical Infrastructure and Other Legislation Amendment (Enhanced Response and Prevention) Bill 2024 (Bill), strengthens protections for critical infrastructure against cyber threats. The Bill amends the Security of Critical Infrastructure Act 2018, enhancing government powers, refining risk management requirements, and consolidating oversight. It also mandates stricter reporting and risk management obligations for entities responsible for critical infrastructure to better safeguard national interests.
Click here to read more.
*This has passed Parliament and is now an Act.
Non-traditional trade marks: A lack of common scents?
Trade marks can be registered for various ‘signs’ including shapes, sounds, words, colours, and even scents.
Crayola has recently registered a trade mark for the scent of its crayons in the US, joining the likes of Hasbro’s Play-Doh and shoe retailer Grendene in registering scent trade marks.
In Australia, scent trade marks are possible but rare, with only two registered: eucalyptus for scented golf tees and cinnamon for non-wood furniture. The minimal number of registered scent trade marks in Australia is likely, in part, due to the high threshold of the distinctive description requirements.
Click here to read more.
AI and the Australian Consumer Law: Government considers changes to address risks posed by ‘smart’ products
Recent advancements in AI have led to the rise of ‘smart’ appliances with features like automated decision-making and voice control. While these systems offer benefits, such as improved safety and accessibility, they also introduce risks, including unpredictable behaviour and reliance on third-party servers. If these servers fail or are shut down, connected products may become non-functional.
The Australian Federal Government Treasury has released a discussion paper to explore how Australian Consumer Law applies to AI-enabled goods and services, aiming to address these new risks.
Click here to read more.
Australian Government releases new misinformation and disinformation bill
On 12 September 2024, the Australian Government introduced the Communications Legislation Amendment (Combatting Misinformation and Disinformation) Bill 2024 (Draft Bill) into Parliament, following a 2023 exposure bill.
The Draft Bill addresses the growing threat of misinformation and disinformation, which the government has been working to regulate since 2019. It empowers the Australian Communications and Media Authority to gather information and enforce industry standards to curb harmful online content. The Draft Bill also introduces new transparency obligations for digital platforms to enhance accountability in managing misinformation.
Click here to read more.
Australia’s Cyber Security Bill 2024: Ransomware reporting, safeguards for voluntary co-operation and more
With the release of the 2023-2030 Australian Cyber Security Strategy in November last year, the Australian Government confirmed its plans to strengthen cybersecurity requirements across all sectors of the Australian economy and improve coordination between industry and government on threat detection and incident response.
The Cyber Security Bill 2024 and the related Intelligence and Other Legislation Amendment Bill 2024 take the next step in this process by introducing a range of new measures to bolster Australia’s cyber security landscape, including a mandatory ransomware payment notification regime, cyber security standards for smart devices and new safeguards to encourage voluntary information sharing with certain government agencies.
Click here to read more.
*This has passed Parliament and is now an Act.
Cash Poor, Data Rich: Traversing privacy obligations for liquidators
The intersection of privacy law and insolvency practice creates challenges for liquidators in Australia, who must manage personal information about individuals involved with the distressed company, including customers and creditors. Liquidators are also tasked with realising assets, often encountering valuable customer databases that contain highly regulated personal information. They must balance the obligation to creditors with the responsibility to handle this data in compliance with the Privacy Act 1988 (Cth), or risk violating privacy laws.
Click here to read more