AIIA Calls for Major Privacy Act Reforms, Backs GDPR Distinction
The Australian Information Industry Association (AIIA) has outlined its stance on the Privacy Act, calling for significant reforms. It seeks the removal of the small and medium enterprise (SME) exemption and the introduction of the data controller-data processor distinction from the GDPR. The association also advocates for improved data governance practices and clarity on data retention requirements.
The AIIA, representing the Australian information and communications technology industry, has expressed its support for the introduction of the data controller-data processor distinction from the GDPR into Australian law. This, it believes, will provide a clear framework for data responsibilities and accountability.
The association has also called for the removal of the SME exemption from the Privacy Act. Despite the lack of information on the specific commissioner who supports this call, the AIIA's stance is clear: all businesses, regardless of size, should be held to the same data privacy standards. Furthermore, the AIIA wants clarification of data retention requirements and monitoring of the feasibility and effect of APP 11.2.
The AIIA is pushing for these changes to be implemented through the Privacy Act, viewing it as the most appropriate vehicle to address current data and privacy concerns. The association has urged the Albanese Government to release an exposure draft of the proposed changes before the end of the year, demonstrating its commitment to driving progress in Australian data governance.
