With the key trends in today's business world -- which include Customer Relationship Management (CRM), e-business, e-commerce, and database mining -- involving the collection of a large volume of detailed, and possibly intimate, personal information, -many businesses pursuing these strategies will be covered by the new Act and may need to adjust the way they handle personal information in order to comply, federal Privacy Commissioner Malcolm Crompton, said.
Roy Morgan Research conducted the national Privacy and Business survey in June 2001, on behalf of Office of the Federal Privacy Commissioner, questioning 560 private sector organisations across six major industry sectors about the new Privacy Amendment (Private Sector) Act 2000. The findings were not dissimilar to those previously reported by ZDNet.
While the majority (82 percent) of respondents were aware of the existence of federal privacy laws, less than 40 percent were aware that new legislation came into effect December 21, 2001.
The survey also uncovered a specific lack of knowledge about the new legislation, with 52 percent of the sample noting that their organisation had very little knowledge, or no knowledge, concerning the new laws. A whopping 74 percent of respondents stated that their organisation had not started preparing for the new legislation and 91 percent believed they didn't have sufficient information on the new privacy laws to begin preparation for the new legislation.
Whilst community interest is -latent", it is also -awakening", Crompton said, and although only 19 percent of businesses have commenced preparation for the new legislation, -that number is increasing by the day...Don't mistake lack of knowledge for lack of interest," he added.
Vague awareness
On the other hand, Bridget Larson, legal & e-policy manager for the Australian Information Industry Association, said she found the -vague awareness" of the new legislation -a little alarming".
-This is going to require a lot of work over the next five months," Larson said. -For those who ignore it there will be additional risk and additional cost."
However, the new legislation has been heavily criticised for coming with no penalty for non-compliance.
Toothless tiger
-The biggest failing of Australia's new privacy laws is that there is no penalty for any breach (except, perhaps, the disapproval of the Privacy Commissioner...)," one reader told ZDNet. -Our Government was so eager to cave into the interests of big business that it created a new law with no teeth at all. So if businesses choose to ignore the new laws, who can honestly be surprised? A law with no penalty is no law at all."
The Commissioner's office said that although it doesn't have the power to impose fines for non-compliance it can take remedial action against offending companies, including an order from the Commissioner that sufficient data security is brought on board within a given timeframe - -potentially very expensive in terms of IT spend," a representative for the Crompton's office told ZDNet in an earlier interview.
Indeed, when asked about the barriers to organisational compliance with the new legislation, the most common responses were; lack of information and the cost and time of implementation, according to the research.
The last survey question concerned the ways that the Federal Privacy Commissioner's office could assist organisations to prepare for the amended privacy laws. The majority (72 percent) of respondents answered that they needed more information.
Crompton's office claims it will be rolling out a communications strategy aimed at -getting the message out" to businesses about the new legislation and the need to comply with it over the next few months.
I agree with the surveys done earlier. The different companies should be aware of the changes/ammendments in the new privacy law.