Privacy Code review 2019

Independent Review of the Privacy Code

ABOUT THE PRIVACY (MARKET AND SOCIAL RESEARCH) CODE 2014

Launched on 1 December 2014, AMSRO’s Privacy (Market and Social Research) Code 2014, is the first and only non-mandatory industry privacy code under the Australian Privacy Principles (APP) registered on the Federal Register of Legislative Instruments (FRLI). A copy of the Privacy (Market and Social) Code 2014 is available here.

View the Privacy (Market and Social Research) Code 2014 Consultation drafts here

THE INDEPENDENT CODE REVIEW OF THE PRIVACY (MARKET AND SOCIAL RESEARCH CODE) 2014

In accordance with the provisions of Part G of the Code, the Code is subject to independent review by the Independent Code Reviewer Panel at least every five years.

Professor Peter Leonard, Principal, Data Synergies Law Pty. Ltd., has been commissioned to undertake the independent review of the Privacy (Market and Social Research) Code 2014[1] (the Code).  A full copy of Professor Leonard’s explanatory notes is here and summarised below.

The responsibilities of the Independent Code Reviewer are:

  • to seek the views of the Commissioner, government agencies, industry representatives, consumer representatives, the general public and other persons or bodies as appropriate in Australia and internationally, regarding the operation of this Code and in relation to suitable revisions and amendments;
  • by January 31, 2020, to produce a report including recommendations for any amendments to this Code that are considered necessary or desirable for the effective operation of the Code.

As Independent Code Reviewer, and in consultation with the AMSRO Secretariat and AMSRO Privacy Compliance Committee, Professor Leonard has prepared a consultation review draft revision of the Code.  This consultation review draft is attached below, as a mark-up to the Code as currently in operation so that changes made are readily seen.  This is a working draft, intended to facilitate public input into this Code review.

Amendments proposed by the independent reviewer include:

  • to bring the Code up to date, including by addressing changes in the law;
  • to clarify certain aspects of operation of the Code that were not as clearly expressed as would be ideal,
  • to reference relevant guidance and explanatory material that had been released by the OAIC since the Code was registered in 2014.

PROPOSED CHANGES

View The Privacy (Market and Social Research) Code 2014 Consultation drafts

Clean copy

Marked copy

 

Proposed changes include:

  • references to the Notifiable Data Breach Scheme, to ensure good practice in mitigation of risk of data breaches and sector awareness of the requirements of this Scheme;

  • clarification as to alternatives available to consumers in raising concerns as to operation of the Code and complaints as to compliance with provisions of the Code;

  • improved coverage of obligations of Code members to ensure compliance with data privacy law in relation to use of cloud services, outsourcing and other data handling practices conducted outside Australia, including relevant foreign laws such as the General Data Protection Regulation of the European Union;

  • removal of references to the AMSRS Code of Professional Behaviour, which is not controlled by the Code Administrator and which therefore could be changed by AMSRS in a manner that conflicts with the findings of this review or the approval requirements of the Code;

  • stronger monitoring, stronger compliance and reporting mechanisms, to heighten sector-wide awareness of issues or concerns which arise in relation to an individual Code member but which have wider sector relevance.

Submissions in relation to the proposed Code revisions are welcome and should be addressed to amsro@amsro.com.au by 17 January 2020.

[1] https://www.oaic.gov.au/privacy/privacy-registers/privacy-codes-register/market-and-social-research-code/

Terms of Reference

The Reviewer

Submissions

AUSTRALIAN MARKET AND SOCIAL RESEARCH ORGANISATIONS AMSRO advertisment - Privacy