Data is becoming an increasingly valuable commodity.

Many businesses rely on data to drive growth and draw key insights but they do not always invest in ensuring that the data they generate and use meets compliance and regulatory obligations.

At Sainty Law, we can assist your business to become compliant with the complex regulatory landscape governing data while maximising the opportunities created by data in an ethical and commercially minded way. We work with you to understand:

  • the types of data you are using or would like to use;
  • how you would like to use the data;
  • whether the data will be shared and if so, whether there are any cross border considerations; and
  • what measures are in place to protect the data.

As part of this process, we consider the following regulatory and compliance areas:

  • Privacy Law: In Australia this includes the Privacy Act 1988 (Cth) including the Australian Privacy Principles. Depending on the extent of a business’ overseas activities, the EU General Data protection Regulation (GDPR), UK GDPR and California Consumer Privacy Act may also be relevant.
  • Competition Law: The Australian Competition and Consumer Commission, as well as many other international regulators, have flagged that data can lead to market power and in some cases lessen competition.
  • Consumer Law: Australian consumer protection law is becoming alive to the risks of unfair data practices and its effect on consumers. For example, the Consumer Data Right was introduced to gives consumers greater control over their own data, including the ability to securely share data with a trusted third party.

Our goal is to provide you with practical advice at all stages of the data life cycle that you implement in your business.

We have experience across a broad range of sectors and clients, including:

  • domain names;
  • health and data;
  • data contracts and initiatives in the media, including advice on audience analytics activities;
  • employee onboarding platforms;
  • key contracts involving the collection, use and transfer of data; and
  • advising on data breach incidents.