Following commencement of that scheme, all carriers, carriage service providers and internet service providers will have obligations under the Privacy Act 1988 (Privacy Act). For the larger carriers and service providers, their obligations will not change in terms of compliance with the Privacy Act. However, from commencement, s 187LA of the Telecommunications (Interception and Access) Act 1979 will also require smaller carriers and service providers to comply with the Privacy Act to the extent that their activities relate to information that they are required to collect and retain under the data retention scheme.
Privacy business resource 11 outlines key obligations under the Australian Privacy Principles as contained in Schedule 1 to the Privacy Act. The resource also contains useful links to key privacy resources. The OAIC encourages all carriers and service providers to review the resource and consider how they will comply with their privacy obligations in relation to data collected and retained under the data retention scheme.
