What is the current Privacy Act in Australia?

The Privacy Act 1988 is the primary legislation governing privacy and data protection in Australia. It came into force in 1989 and was one of the world’s first data protection regulations. There have been many significant updates to the Privacy Act in Australia since then.

The Privacy Act sets out 13 “Australian Privacy Principles” (APPs) that regulate the processing of personal information of “APP entities” that include government agencies and most private sector organizations. 

In response to a series of data breaches, the Privacy Act underwent amendments in December 2022. These changes increased the penalties outlined in the Act and broadened the enforcement capabilities of the Office of the Australian Information Commissioner (OAIC).