How does the Privacy Act apply to commercial electronic messages and spam?
The Privacy Act only applies to some commercial electronic messages. This will depend on:
- whether the sender is covered by the Privacy Act
- whether personal information is used to send the message.
Remember, In general, businesses and other organisations, including government bodies, must comply with the Spam Act, even if they are not covered by the Privacy Act.
Is the sender covered by the Privacy Act?
The Privacy Act applies to organisations that:
- are based in Australia, and
- have an annual turnover of more than $3 million or
- are private sector health service providers, such as a GP, private hospital or clinic or
- are particular types of smaller businesses specified in the Act (for example, if the business trades in personal information).
To find out more about which organisations are covered by the Privacy Act, go to www.privacy.gov.au/materials/types/infosheets/view/6544.
Is the sender using personal information?
The Privacy Act only applies to 'personal information' - in other words, information that can identify you. Some kinds of information, such as your email address or mobile phone number, will not always be 'personal information'. This will depend on whether the organisation can work out who you are from the information it is holding about you or by linking it to other pieces of information.
Example: What is personal information?
Kristy creates a hotmail account for herself, and chooses a meaningless nickname as her username. She signs up to a fashion retailer's email newsletter, but does not give them any other information about herself. In this case, the fashion retailer has no way of linking the username to Kristy. It is not personal information.
That same username may be personal information if used differently. For example, if Kristy gives it to a company (such as her mobile phone provider), together with her name and address. In this case, the phone provider can connect the username back to Kristy by linking it with her name and address.
The application of the Privacy Act to commercial electronic messages is explained under Are all commercial electronic messages covered by the Spam Act?
- For more information about spam and the Privacy Act, see Information Sheet 26.
- More information about spam is also available from the Australian Communications and Media Authority at www.spam.acma.gov.au, as well as from www.scamwatch.gov.au.