Data Protection & Privacy

Experienced, practical data protection lawyers

Information is a strategic asset of a modern business, yet managing it properly is a major challenge for multi-channelled and multi-regional organisations. As data protection legislation and regulation tightens, you can rely on our full-service team to help you manage the risks associated with privacy and data protection issues.

From the rise of social networking and online storage of consumer information to the mass dissemination of information via WikiLeaks, breaches of privacy are on the rise. There are potentially severe legal, commercial and reputational risks associated with a breach.

At the same time, businesses are also faced with an unprecedented level of privacy compliance enforcement and varying international laws and regulations.

Keeping you on top of data protection issues

Balancing the responsibilities of data protection and privacy with the obligations of disclosure and fair processing is an everyday concern for many of our clients. Making sure you stay on top of compliance risks and avoid negative consequences, with minimum disruption to your business operations, is an integral part of the specialist advice we provide on data protection law.

Because we have invested time in creating practical checklists, we can provide a data protection audit service to assess your level of compliance with the law. We can identify any areas where remedial action should be taken. And we can identify the practical steps that should be taken to improve compliance.

King & Wood Mallesons advises credit providers, government departments and leading commercial organisations on the risks associated with the way information is captured, used and transferred. Specifically, we advise on:

  • Developing privacy compliance programmes
  • Detailed contract and transaction reviews, privacy audits, compliance systems, drafting and negotiating contractual provisions
  • Making submissions to regulators
  • Privacy legislation and codes, responses to complaints of breach of privacy, requests for determinations, privacy statements, consents and policies
  • Obtaining data with and without consent
  • Opt ins and opt outs
  • Transfer of data across jurisdictions
  • Safe harbour and model clauses
  • Data access requests
  • Freedom of Information issues.

Show moreShow less

Our experience in these areas includes advising on compliance issues relating to the credit provider regime for St George Bank, General Electric, AMP Group, Telstra and the Data Advantage Group. Data protection was also part of the advice we provided to Lion Capital – along with advice on disciplinary processes, executive terminations, drafting policies, and restrictive covenants.

Our other experience in data protection law includes advising:

  • Activision Blizzard Advice on online sales and gaming concept (including e-commerce, e-money and payment services regulations, licensing, unfair competition, intellectual property, data protection)
  • A global entertainment corporation in relation to its online platform (e-commerce, terms and conditions, data protection, unfair competition and youth protection)
  • On the privacy aspects of various co-branded credit card arrangements, including Telstra/ANZ and Telstra/ANZ/Qantas and Woolworths Ezy Banking
  • Lion Nathan on sponsorship privacy and confidentiality obligations
  • A leading telecommunications company on privacy and interception matters – including developing privacy protection policies, advising on privacy aspects of products and marketing and conducting privacy training
  • A major financial institution on its business proposals – including providing advice on legal requirements/risks in relation to privacy and data security as well as drafting and negotiating provisions dealing with privacy and confidentiality in securitisation programmes.
"The team are very good at sharing our corporate history with those lawyers who haven’t worked with us before. I don’t need to repeat myself."


Your key contacts


Australia's financial institutions are experiencing more regulatory pressure than ever before. Remain at the forefront of key regulatory issues as we guide and shape the future of financial services.

Discover our latest insights into legal issues affecting your business

This note focuses on consent, and in particular consent requirements as set forth by the GDPR which are numerous.

01 August 2018

Organized into 19 stand-alone law topics, this article presents perspectives and on-the-ground experience from an experienced legal counsel in China.

15 November 2017

Comments on Measures for the Security Assessment of Personal Information and Important Data to be Transmitted Abroad (Draft for Comment).

17 April 2017

Is data or electronic information considered “tangible property” (and therefore insured property)? This poses an important question for insurers and policyholders alike.

27 March 2017

This site uses cookies to enhance your experience and to help us improve the site. Please see our Privacy Policy for further information. If you continue without changing your settings, we will assume that you are happy to receive these cookies. You can change your cookie settings at any time.

For more information on which cookies we use then please refer to our Cookie Policy.