OAIC Releases Privacy Foundations Self-Assessment Tool

In today’s digital world, protecting personal information is not just a legal obligation but a cornerstone of consumer trust. The Office of the Australian Information Commissioner (OAIC) released a Privacy Foundations Self-Assessment Tool to help businesses evaluate and enhance their privacy practices. Good privacy practices build trust, reduce risks, and ensure compliance with regulations like the Privacy Act …

APRA’s Prudential Standard CPS 230 is now in force – what it means for your business?

As of 1 July 2025, APRA’s Prudential Standard CPS 230: Operational Risk Management is in effect. This standard introduces a comprehensive and unified framework for managing operational risk, business continuity and service provider arrangements across all APRA-regulated entities. At Arnotts Technology Lawyers, we’ve been advising clients since the consultation phase. Now that CPS 230 is in force, we’re helping organisations implement …

Will the Scams Prevention Framework Succeed?

Australians are losing over $2.74 billion annually to digital scams, prompting the federal government to introduce tougher laws. However, there has been criticism as to whether these changes will force big corporations to take real responsibility. From fake “Telstra” texts to fraudulent “ATO” calls, scams have become a daily menace. Despite 600,000 scams reported yearly, few perpetrators are …

Mandatory Ransomware Payment Reporting Now Active in Australia

From 30 May 2025, Australian businesses meeting specific turnover thresholds must report ransomware or cyber extortion payments within 72 hours under the Cyber Security Act 2024. This new regime aims to enhance national cybersecurity by tracking cybercriminal activity and improving threat response strategies. Who Must Report? Businesses with an annual turnover of $3 million or more in the last financial year …

Australian Signal Directorate Releases Best Practices to Secure AI systems

Artificial intelligence (AI) and machine learning systems rely heavily on high-quality, secure data to function accurately. However, without proper safeguards, these systems are vulnerable to data breaches, manipulation, and corruption. A recent Cybersecurity Information Sheet (CSI) co-authored by the National Security Agency (NSA), CISA, FBI, and international cybersecurity agencies outlines critical best practices for securing AI data throughout its …

NSW to Introduce New Laws for Identity Security

The New South Wales government has introduced new legislation to strengthen protections for residents at risk of identity fraud. The Identity Protection and Recovery Bill, announced by the Minister for Customer Service and Digital Government, establishes critical measures to combat the misuse of stolen or compromised identity documents. Under the bill, a new fraud check …

Australia and India Negotiate Bilateral Cybercrime Treaty to Counter Rising Threats

Australia and India are advancing discussions on a landmark bilateral treaty aimed at strengthening cybersecurity cooperation, as both nations grapple with escalating cyber threats. The proposed agreement would facilitate real-time data sharing and faster responses to cross-border cyberattacks, addressing gaps in existing legal frameworks. Brendan Dowling, Australia’s Ambassador for Cyber Affairs and Critical Technologies, confirmed …

2025 AI Deployment and Governance Survey Report

The rapid adoption of artificial intelligence (AI) across industries has created significant opportunities for efficiency, innovation, and competitive advantage. However, as highlighted in the 2025 AI Deployment and Governance Survey, organisations must implement strong governance frameworks to mitigate risks and ensure ethical, compliant, and effective AI use. Key Challenges in AI Deployment The survey emphasises …

Protecting Consumer Privacy in a Data-Driven Industry

The retail sector is increasingly reliant on customer data to personalise services, improve marketing, and enhance sales. However, as highlighted by the Office of the Australian Information Commissioner (OAIC), this trend comes with significant privacy risks. Retailers collect vast amounts of personal information from purchase histories to payment details, making them prime targets for cyber …

Federal Court Releases AI Transparency Statement

The Federal Court of Australia has released a clear and measured statement on the use of artificial intelligence (AI) in court processes, reflecting both the potential benefits and risks of emerging technologies. While AI tools like chatbots and text generators can enhance efficiency, the Court emphasises that their use must align with legal and ethical …