Australia’s privacy laws are dated, vague, open to interpretation and full of loopholes you could drive a semi through. Companies should have to be clear about exactly what they collect, how it’s stored and give people options to delete it. No more “we may collect some data and keep it for as long as we deem reasonable.” It should only be legal for companies to use data for their primary function (i.e assessing a tenant for eligibility), all other purposes (like selling to advertisers) should be strictly optional and opt-in. And no more using already collected data for a new purpose without getting a new round of permission
And the exception for small business needs to go. Small businesses without proper cybersec teams are usually the least equipped to securely handle the data they collect.
Australia’s privacy laws are dated, vague, open to interpretation and full of loopholes you could drive a semi through. Companies should have to be clear about exactly what they collect, how it’s stored and give people options to delete it. No more “we may collect some data and keep it for as long as we deem reasonable.” It should only be legal for companies to use data for their primary function (i.e assessing a tenant for eligibility), all other purposes (like selling to advertisers) should be strictly optional and opt-in. And no more using already collected data for a new purpose without getting a new round of permission
And the exception for small business needs to go. Small businesses without proper cybersec teams are usually the least equipped to securely handle the data they collect.