Understanding the rules: data, privacy and risk

  20-Aug-2019
 

James Frank recently spoke at a Sydney Hills Business lunch on how the Internet has changed the business game. The following article is a summary of his key points.

Rules are good things. They assist us in understanding what we can and cannot do. If you play rugby union, you know that a certain set of rules and expectations apply to your game. Similarly, if you play netball you know that a different set of rules and expectations apply. From rugby, to netball to business, rules govern the way we play and help us understand boundaries.

But what if the game changes. What if you were playing rugby and you were suddenly expected to play by netball rules?

This is what happened to business when the Internet decided to show up. Over the last 10 years the internet has fundamentally changed the way we do business and play the business game.

We can now simultaneously buy Himalayan goats cheese, Scandinavian smoked fish, Kenyan coffee and the first edition of monopoly, while receiving instructions to sue an Australian company from a European manufacturer.

While this new business game is exciting and more accessible than ever, rules still exist, and business owners need to be aware of their rights and obligations while playing this new business game.

So, what are the rules?

There are 3 key rules that must be considered.

Data is King

Data is incredibly valuable and powerful to both the giver and receiver of data. It is crucial to establish policies and procedures to govern how data is collected, assessed, controlled and owned.

Business owners need to ensure that employees have Employment Agreements and a code of conduct which treats your valuable data with the appropriate respect and makes the rules clear for all to understand.

Business owners need to regard data like an oil well. You would not let your employee drive a tanker up to your well and syphon off barrels of oil, so don’t let them take data that isn’t theirs.

Privacy is a Thing

Privacy is an ever-increasing threat to individuals and to business owners who hold valuable data.

Business Owners must understand their obligations to comply with the law, especially when it comes to the Privacy Act 1988. They must also have appropriate policies and procedures in place to ensure key data and privacy is protected, such as employment agreements and communication policies. As well, business owners should understand their international exposure. Even if you are not trading internationally, it is important to understand how different regions have different laws regarding privacy.

Privacy is not just a nice concept. It is a well-trodden, institutionally respected right and so it must be treated appropriately.

Risk is Real

Once we understand how important data and privacy are, it becomes clear that there are real and inherent risks to the business and the directors that need to be understood and mitigated.

The key risks to the business are:

  • Complying with advertising legislation like the Competition and Consumer Act and the Australian Consumer Law
  • Dealing with hackers, crypto lockers, sensitive material thieves and corporate espionage
  • Dealing with breaches of the relevant privacy laws
  • Online reputation damage by a disgruntled employee or client, or damage by association. The Supreme Court of New South Wales recently ruled that an organisation can be legally responsible for defamatory comments made by other people on their business’ own social media posts
  • The ongoing viability and profitability of a business exposed to these risks

The key risks to the directors are:

  • Personal liability for breach of Directors Duties
  • Civil and criminal penalties for breaching the Competition and Consumer Act or Australian Consumer Law
  • Insolvency issues, especially if the business is affected by a downturn or suffers reputational damage due to an online event

Our team at Frank Law can help you understand these new rules by:

  • Advising you of your obligations, so you can focus on what you do best and not worry about complying to legislation
  • Give practical solutions to ensure ongoing compliance and risk management
  • Manage a crisis, such as defamatory comments, consumer law claims or litigation of any kind

The fundamental question all business owners need to ask: “is my business Internet ready?” To help you work this out, we have created a short simple test to check whether your business is Internet ready. Please click here to go to our Internet ready checklist.

As Bill Gates once said, the Internet is becoming the town square for the global village of tomorrow. While the risks are real and ever growing for businesses that are on the Internet, if managed properly the rewards are real and can be lucrative.

If you have further questions, please contact us via the Frank Law website


About the author: James Frank is the Chief Executive Partner of Frank Law. He is the Partner in charge of the Corporate division. His passion for innovation and technology, and his experience in building and scaling starts ups, has pushed Frank Law into being the progressive and relevant law firm it is today.
 

 

Join our Newsletter

Platinum Partners