Privacy legislation in other jurisdictions

All states and territories, except South Australia and Western Australia, have enacted specific information privacy legislation that regulates how certain public and private sector organisations collect, handle and store personal information about individuals. (The Western Australian Government is currently considering whole-of-government privacy and responsible information sharing legislation.) Some jurisdictions, including Victoria and those without a general privacy statute protecting personal information, give health information specific or additional legislative protection.

Victoria, the Australian Capital Territory and Queensland have human rights legislation that recognises the broader right to privacy under the UNICCPR and requires public sector organisations to act in a way that is compatible with privacy and other human rights.

For Australian organisations that sell to overseas markets, it is common to find commitments in the website privacy policies about compliance with the General Data Protection Regulation (GDPR) or other overseas privacy laws. However, although some overseas privacy laws, like the GDPR, can impose some obligations on Australian companies, they do not generally give enforceable privacy protection for people in Australia. Instead, people in Australia should look to local laws to enforce their privacy rights.