Now that the dust has settled on the federal election, what will happen to privacy reform?
Prior to the election, Australia appeared poised for a significant uplift in privacy regulation. However, the government has now been vocal in promising a productivity-focused second term, and it’s hard to ignore what that usually means: cutting regulation, slashing ’red tape’, and shelving reforms seen as ‘non-essential’.
Treasurer Jim Chalmers has framed the government’s second-term agenda around a singular theme: productivity.
“The best way to think about the difference between our first term and the second term … [is the] first term was primarily inflation without forgetting productivity, the second term will be primarily productivity without forgetting inflation.”
In political circles, anything with a compliance cost rarely makes the productivity cut.But privacy reform should. The OAIC has been crystal clear: our laws need to be uplifted. After the POLA Act passed to introduce the first tranche of the reforms, Commissioner Kind said “The reforms are an important first step. More needs to be done of course, and we appreciate the government’s commitment to further action.” Privacy professionals agree (loudly). And so does the public.
In fact, findings from the OAIC’s 2023 community attitudes to privacy survey show that:
- 84% of Australians want more control over how their personal info is collected and used.
- 82% think political parties should be bound (probably even higher after this election’s unsolicited texts and fake unsubscribe links).
- 77% want small businesses covered.
- A massive 93% support a right to erasure.
So, there is overwhelming public support for enhanced privacy laws. But will that count for anything in this new area which focuses on productivity as the key goal? Undoubtedly, loud voices in the business sector may seek to persuade the government that delivering on its promise to strengthen Australia’s privacy laws will be anti-productivity. My view? That would be a mistake. Stronger privacy laws can drive productivity. Here’s how:
Better data governance means better decisions
Privacy compliance forces organisations to map, manage and classify their data. That’s not red tape, that’s the foundation for accurate analytics, AI-readiness, and strategic decision-making.
Less time spent fixing messes, more time building value
Stronger privacy practices reduce the risk of costly breaches, regulatory blowback, and reputation damage. Prevention is cheaper (and faster) than response and remediation.
Trust accelerates business
Consumers and partners are more likely to engage, share data, and adopt new digital services when they trust that their information is handled responsibly. Privacy becomes a competitive differentiator, not a barrier.
Privacy uplift enables AI – responsibly
Quality, well-governed data is the lifeblood of effective AI. Privacy reform pushes organisations to clean up legacy practices, ensuring data is fit for safe, scalable AI use, without surprises down the line.
Reduces shadow IT and data chaos
Clear privacy and security rules lead to more consistent internal controls, reducing duplication, data silos, and time-wasting workarounds across businesses.
And importantly, ignoring the human cost makes the productivity argument incomplete
Poor privacy practices don’t just create business risk, they cause real harm, including financial loss, identity theft, emotional distress, and lasting reputational damage. Privacy is fundamental to dignity, autonomy, and safety. Any cost–benefit analysis that overlooks these impacts is deeply flawed, and ultimately unsustainable in a digital society.
The challenge with many of the benefits outlined above is that they are difficult to quantify in a simple, universally-accepted dollar figure. While it might seem straightforward to estimate the cost of compliance activities for business (for example, system upgrades, documentation, staff training), it is far more complex to assign a precise economic value to improved data governance, increased consumer trust, or avoided breaches. Yet these are the very things that drive long-term national competitiveness, resilience, and innovation.
Still, there is no doubt that poorly designed regulation can impose unnecessary friction. Ambiguity, uncertainty, and lack of implementation support can all create inefficiencies and negatively impact productivity.
The solution is not to shelve reform – it is to deliver better regulation:
- Clearer legal standards;
- Proportionate obligations; and
- Stronger guidance and engagement from regulators.
Well-designed regulation creates certainty, improves planning, reduces litigation risk, and establishes trust. All of this is essential to a high-functioning digital economy.
We do not need to choose between productivity and strong privacy laws. The two are not in opposition. When designed and implemented well, privacy frameworks are productivity-enabling infrastructure for a modern, resilient and high-trust digital economy.
