/>iIn Australia, last week was the 2025 Privacy Awareness Week (PAW), with this year’s theme ‘Privacy – it’s everyone’s business’. Among other things in PAW, the Office of the Australian Information Commissioner (OAIC) produced a Privacy Foundations self-assessment tool, which provides a privacy maturity score on the basis of tenets such as Accountability, Transparency, Collection and Data breach management. The tool, and PAW more broadly emphasise that privacy is not just about compliance, but good business and building trust. NSW, Vic and QLD state governments have each run parallel PAW events.
The PAW theme is especially fitting considering recent Australian privacy strides, including the new tort for serious invasions of privacy which came into effect on 10 June 2025. Under this new tort, a claim arises where a person invades an individual’s privacy by intruding on their seclusion or misusing their information.
Other notable developments include Tranche 1 of the Privacy Act reforms, enacted late last year, and the new obligation to disclose ransomware payments which we highlighted earlier this month. One of the less visible changes in the Privacy Act reforms is the requirement to describe automated decision making processes in entities’ privacy policies, which will come into effect in December 2026.
At the same time, ever-sophisticated developments in technology such as AI models and tools promise entirely new automated ways of collecting, analysing and presenting data for your business and interacting with your customers. As this year’s PAW draws to a close, it reminds us all of the ongoing need to ensure your business’s policies and practices are updated to enable and support the things you may want to do with the information you collect, to ensure your business is best placed to not only protect that information but also to harness the technology that the future may bring.
Emre Cakmakcioglu also contributed to this article.
