New European data laws in effect

What’s happened?

You may have received messages from a number of international brands like Google, Twitter and eBay about updates to their privacy policies and how they use your data.

The messages are in response to changes to the European Union’s General Data Protection Regulation (GDPR) that come into effect today, 25 May 2018. The GDPR is a privacy law similar to the Australian Privacy Act 1988.

These changes aim to protect EU citizens from privacy and data breaches, by requiring organisations to be more transparent and to let you know how they use your data.

Does it affect me?

The new regulations apply to all organisations that collect personal data from any person in the European Union. As an example, large organisations like Twitter and eBay have customers all over the world and they will need to comply with the new regulations.

This means that as a customer, you could receive messages about updates to their privacy policies and how they use your data.

Some Australian businesses covered by the Australian Privacy Act 1988 may also need to comply with the GDPR if they offer goods and services in the EU, find out what this means for your business.

How do I stay safe?

There are a few simple things you can do to help keep your information safe:

• Take the time to read the privacy policies of a website, before you hand over your personal details.
• Regularly review the policy as privacy policies can change.
• Only make online purchases from companies that have a clear privacy policy and secure payment pages.

More information

• the GDPR changes
• the impacts for Australian businesses
• how to protect your personal information and privacy
• where to get help if you have been impacted by a cyber incident.

Thank you to the the Attorney General's Department who prepared this information.