Ad Industry Pushes Back on Proposed Changes to Australia Privacy Law – CPO Magazine

Marketing

The Interactive Advertising Bureau (IAB), Australia’s largest industry association for digital advertisers, has released a statement pushing back on some aspects of proposed changes to the country’s regulations governing targeted advertising and data collection. The Australia privacy law, the Privacy Act 1988, is undergoing a much-needed modernization to account for the modern internet and device landscape.
The Australian government explored changes to the privacy act in a discussion paper that was closed to submissions recently after a long span of government back-and-forth that began in 2020. The advertising industry would like to see regulations kept loose enough to allow “legitimate” data collection, a “tech neutral” posture and rules that are no stronger than the ones at play in the European Union and United Kingdom.
One of the central points the IAB attacked was the concept of “consent fatigue,” or consumers becoming fed up with endless notification banners on every website even if it is meant to protect their personal information. This issue has already reared its head in the EU, but has also become a line among some in the UK government looking to loosen data protection regulations to court more business.
The IAB also called for privacy regulations that do not curtail “legitimate data practices that support the digital economy,” a tech-neutral approach that can be adapted to evolving data practices over time, and rules that do not put the country at a competitive disadvantage. On this last point, it specifically asked that regulations not be any stronger than the comparable terms already in place in the EU and UK; the General Data Protection Regulation (GDPR) and the UK’s very similar GDPR variant.
A central focus of the Australia privacy law review has been to refine the definition of “personal information,” which was set up before the internet was commonly available. When online identifiers and metadata come into play, Australian courts generally refer to a long tangle of case law established since then to try to determine what to do on a situational basis. The government is looking to specifically define metadata and online identifiers as a protected category of personal information.
Another concept of the proposed Australia privacy law that pertains directly to advertising industry fortunes is the establishment of “fair and reasonable” terms for collection and use of personal data. The legislation appears to be centering this on end user expectations of fair and reasonable uses of the data that has been gathered, something that the ad industry is calling for immediate detailed guidance on to avoid some of the similar confusion created in the early days of the GDPR implementation (for example, when user consent takes priority over the “pub test” of reasonable use of gathered information).
The IAB also opposed “pro-privacy” settings by default, called for a limited “right to object” similar to the ones found in the EU and UK GDPRs, wants location information to not be included under the umbrella of protected personal information, and quibbled with the proposed changing of the term “de-identification to “anonymization.”
The IAB attempted to support its case by pointing out that online advertising is big business and a growth market in Australia, worth $11.4 billion in 2021 and projected to grow 5.5% by 2025. It also touted the benefits of “free” ad-supported services to Australians. The IAB does carry some clout in the country, with tech giants such as Amazon and Google throwing in with it as well as the major media companies such as NBCUniversal and CBS Interactive. It remains to be seen how much influence they will have on the direction of the Australia privacy law reform.
Other industry groups have chipped in with their own contributions to the Australia privacy law discussion paper. The Interactive Games and Entertainment Association (IGEA), the primary video games lobby, wanted to see a flexible framework that leaves room for its free-to-play games to continue to thrive as a business model. On the other side of the debate, the Consumer Policy Research Centre (CPRC) applauded the pro-privacy default setting requirements and looked for even more accountability to be placed on companies engaging in personal data collection.
A final report on the Australia privacy law reform is to be published now that all of these discussion comments have been collected, and the government will then choose what reforms to adopt following that. One issue that did not come up in the digital marketing industry’s response is the proposed fines and penalties, which stand to be greatly increased from those that are currently on the books: “serious or repeated” violations could cost companies up to $10 million AUS or 10% of the organization’s annual turnover in the 12 month period leading up to the incident.
 
About
Contact
Our Advertising
Privacy Policy
Cookie Policy
Terms of Use

News, insights and resources for data protection, privacy and cyber security professionals.
About
Contact
Our Advertising
Privacy Policy
Cookie Policy
Terms of Use
Do Not Sell My Data

source

Leave a Reply

Your email address will not be published.