About Us

We work collaboratively with our clients to build strong, sustainable relationships. Our team is committed to delivering consistent high standards of service, and we understand the importance of accessibility. Working with us, you'll enjoy open communication, meaning well scoped, properly resourced and effectively managed matters.

Learn More

Latest Case

Providing strategic advice on expansion structures November 16, 2018

Founded in Bondi Beach in 2012, Bailey Nelson has rapidly grown into a global eyewear retailer and service provider with boutiques in Australia, London, Canada and New Zealand. The strong demand for their products and … Continued

Latest News

Maddocks appoints leading energy and resources partner November 19, 2019

Tuesday 19 November 2019 Maddocks has appointed one of Australia’s leading energy and resources lawyers. Peter Limbers will be joining Maddocks as a partner in Sydney in early 2020. Peter is widely recognised as one … Continued

Latest Article

Is your franchise network now liable to pay payroll tax? December 6, 2019

If, as part of your franchise network, you are a franchisor that performs the administrative function of collecting fees directly from customers that are mutual to you and your franchisees and you remit the balance … Continued

ACCC v Google – what you need to know now

It’s all over the news. The ACCC has instituted proceedings (Google Proceedings) in the Federal Court against Google LLC and Google Australia Pty Ltd (together, Google), alleging the tech giant engaged in misleading conduct and made false or misleading representations to consumers about the personal location data Google collects, keeps and uses.

The ACCC claims that from at least January 2017, Google breached the Australian Consumer Law when it made on-screen representations on Android mobile phones and tablets that the ACCC alleges misled consumers about the location data Google collected or used when certain Google Account settings were enabled or disabled.

‘We are taking court action against Google because we allege that as a result of these on-screen representations Google has collected, kept and used highly sensitive and valuable personal information about consumers’ location without them making an informed choice,’ ACCC chair Rod Sims said.

The Google Proceedings come hot on the heels of the ACCC’s case against HealthEngine (HealthEngine Proceeding). In the HealthEngine Proceeding, the ACCC is alleging that HealthEngine, which runs a medical appointment booking app, misled consumers by collecting personal information for the purpose of providing the medical appointment service but also passing on that personal information to private health insurance brokers for a fee without adequately disclosing to consumers it would do so. In a press release issued by the ACCC, Mr Sims said, ‘..patients were misled into thinking their information would stay with HealthEngine but, instead, their information was sold off to insurance brokers.’

The ACCC is sending a crystal clear message to the market: don’t mislead consumers about the way in which you use their personal data. In privacy terms, this is known as ‘functional creep’, collecting personal information for one purpose and using it for another entirely different purpose (and not being open and transparent about that).

The ACCC has come out swinging when it comes to privacy related matters in a way the Office of the Australian Information Commissioner (OAIC) has not been able to do in regulating the Privacy Act (likely due to a number of factors, including resourcing).

In our view, the ACCC’s Google Proceedings and HealthEngine Proceedings, together with the ACCC’s 600+ page Digital Platform Inquiry, signal a new era of consumer-focused privacy reform in Australia where compliance with the Privacy Act is not going to be the end of the story when it comes to the collection and use of personal information.

In order for organisations to stay on the right side of the law and not mislead individuals about their personal information it is clear that organisations must:

  • Take a ‘privacy by design’ approach and think about privacy at the start of a project. This is best done by conducting a privacy impact assessment which can assess the use of data and put in place adequate controls;
  • Be open and transparent with individuals and consumers about how their personal information is being used – relying on bundled consent in privacy policies and collection statements for a secondary use and disclosure is increasingly becoming pretty risky given the ACCC’s actions;
  • Don’t be creepy! To avoid misleading consumers about the way in which you use and disclose their personal information – be mindful of functional creep. Consider the reason why the consumer gave you their personal information in the first place and whether you are using their personal information for that purpose (again, conducting a Privacy Impact Assessment for new projects is crucial).

For more information, contact Brendan Coady, Rob Gregory or Sonia Sharma, or any other member of Maddocks Technology Sector team.

Authors:
Sonia Sharma | Special Counsel
61 2 9291 6143
Sonia.Sharma@maddocks.com.au
Harriet Royle | Associate
61 2 9291 6213
Harriet.Royle@maddocks.com.au

It’s all over the news. The ACCC has instituted proceedings (Google Proceedings) in the Federal Court against Google LLC and Google Australia Pty Ltd (together, Google), alleging the tech giant engaged in misleading conduct and made false or misleading representations to consumers about the personal location data Google collects, keeps and uses.

The ACCC claims that from at least January 2017, Google breached the Australian Consumer Law when it made on-screen representations on Android mobile phones and tablets that the ACCC alleges misled consumers about the location data Google collected or used when certain Google Account settings were enabled or disabled.

‘We are taking court action against Google because we allege that as a result of these on-screen representations Google has collected, kept and used highly sensitive and valuable personal information about consumers’ location without them making an informed choice,’ ACCC chair Rod Sims said.

The Google Proceedings come hot on the heels of the ACCC’s case against HealthEngine (HealthEngine Proceeding). In the HealthEngine Proceeding, the ACCC is alleging that HealthEngine, which runs a medical appointment booking app, misled consumers by collecting personal information for the purpose of providing the medical appointment service but also passing on that personal information to private health insurance brokers for a fee without adequately disclosing to consumers it would do so. In a press release issued by the ACCC, Mr Sims said, ‘..patients were misled into thinking their information would stay with HealthEngine but, instead, their information was sold off to insurance brokers.’

The ACCC is sending a crystal clear message to the market: don’t mislead consumers about the way in which you use their personal data. In privacy terms, this is known as ‘functional creep’, collecting personal information for one purpose and using it for another entirely different purpose (and not being open and transparent about that).

The ACCC has come out swinging when it comes to privacy related matters in a way the Office of the Australian Information Commissioner (OAIC) has not been able to do in regulating the Privacy Act (likely due to a number of factors, including resourcing).

In our view, the ACCC’s Google Proceedings and HealthEngine Proceedings, together with the ACCC’s 600+ page Digital Platform Inquiry, signal a new era of consumer-focused privacy reform in Australia where compliance with the Privacy Act is not going to be the end of the story when it comes to the collection and use of personal information.

In order for organisations to stay on the right side of the law and not mislead individuals about their personal information it is clear that organisations must:

  • Take a ‘privacy by design’ approach and think about privacy at the start of a project. This is best done by conducting a privacy impact assessment which can assess the use of data and put in place adequate controls;
  • Be open and transparent with individuals and consumers about how their personal information is being used – relying on bundled consent in privacy policies and collection statements for a secondary use and disclosure is increasingly becoming pretty risky given the ACCC’s actions;
  • Don’t be creepy! To avoid misleading consumers about the way in which you use and disclose their personal information – be mindful of functional creep. Consider the reason why the consumer gave you their personal information in the first place and whether you are using their personal information for that purpose (again, conducting a Privacy Impact Assessment for new projects is crucial).

For more information, contact Brendan Coady, Rob Gregory or Sonia Sharma, or any other member of Maddocks Technology Sector team.

Authors:
Sonia Sharma | Special Counsel
61 2 9291 6143
Sonia.Sharma@maddocks.com.au
Harriet Royle | Associate
61 2 9291 6213
Harriet.Royle@maddocks.com.au