Urgent call to reform Privacy Act: CHOICE

Consumer advocacy group CHOICE is marking Data Protection Day with results from a new survey, which has found Australians must typically consent to an average of 116 privacy policies at any one time, amounting to a hefty 467,000 words.

“It’s completely unacceptable that Australians have to read through 467,000 words of privacy policies if they want to be able to fully understand how companies are using their personal data,” said CHOICE consumer data advocate Kate Bower.

“No one has the time to sift through 467,000 words of complicated legalese contained in privacy policies. In fact, CHOICE calculated that it would take over 31 hours to read through the average 116 privacy policies Australians are asked to read and consent to. That’s almost a full-time working week, which is essentially impossible,” Bower said.

“Our research shows that notice and consent alone won’t protect Australians from data misuse. Instead of expecting every consumer to read about the detailed ways in which their data could be used by businesses, we should have clear rules to stop businesses using data in ways that harm consumers.”

CHOICE says it’s no surprise the survey also found that over half of the respondents have read none of the privacy policies in full from their smart devices, smartphone apps, websites they visited, subscriptions and loyalty programs.

The group is calling for urgent reform to the Privacy Act, with a move away from the current notice and consent model to one that requires businesses to act responsibly and ethically in the first place.

“Australians should not be put in a position where they have to choose between accessing a product or service, and giving over their data to a business to use indefinitely in ways that could cause them harm,” Bower said.

“We want to see businesses putting Australians first by only collecting data that is needed to provide the service or product they’re offering and making sure that they use data in ways that help consumers, not hurt them. We know this can be achieved by reforming the Privacy Act so that businesses are legally required to use customer data responsibly and fairly.

“The introduction of standardised privacy policies, written in simple and easily understood language, would also be a good step in the right direction. However, we know that there is a lot more that needs to be done to ensure that the personal data of the Australian community is protected and used responsibly by companies. We need better regulation of businesses, stronger monitoring by regulators and tougher penalties for bad behaviour.”

Image credit: ©stock.adobe.com/au/Sashkin