Skip to content

Could your privacy policy be improved?

Earlier in 2015, the Privacy Commissioner (the figurehead of the Office of the Australian Information Commissioner), not content with a week devoted to privacy awareness, conducted an audit of the Privacy Policies of 21 of the nation’s biggest entities. Our ‘big four’ banks were included, as well as dozens of other businesses like Twitter, LinkedIn and Instagram. This article will look at ways to improve your Privacy Policy.

Australian Privacy Principles

Privacy policies were evaluated against Australian Privacy Principle 1, which requires organisations to have a privacy policy that is clearly expressed and up to date. If you’re interested, the Australian Privacy Principles are contained within schedule 1 of the Privacy Act 1988 (Cth).

Under privacy law in Australia, businesses must include certain information that will allow people to be informed about how their personal information will be handled if they choose to interact with the business. The Commissioner distributed gold stars to a select few for their stellar privacy policies but noted that some organised remained firmly in the sin-bin. Organisations fell down when relevant information took too long to locate, or when they skirted around the issue of how information could be accessed and corrected. Black marks were also given when information on how a privacy complaint could be made or how information was protected was fudged or unclear.

The Commissioner’s findings boil down to ensuring that organisations doing business online have privacy policies that are ‘clearly expressed’. As an objective criterion, being ‘clearly expressed’ is a difficult concept to clearly and objectively define. Our Commissioner does his hardest to try, however, using instruments such as the Flesch-Kincaid Grade Level. Yes, this is a real measure.Using this system provides a result equivalent to the number of years of schooling a reader requires to be able to understand an organisation’s privacy policy.

The result is calculated using the formula below:

Grade Level = 0.39 (total words/total sentences) + 11.8 (total syllables/total words) – 15.59

For an instrument used to measure Plain English, the level of irony of using the formula above probably tops the scale.

Tips from the Commissioner

The Commissioner does have some excellent advice everyone can use to improve their privacy policy:

  • “Think about your audience. Don’t treat the privacy policy as a legal document to manage legal risk. It should be a document that creates trust in your entity and speaks to your customers or clients;
  • Don’t just repeat the words in the Australian Privacy Principles. Make the privacy policy specific to your business or operation;
  • Seek input from all areas of your entity including your public relations department, which may have ideas about innovative formats for better communicating the policy, for example, through video or other mechanisms relevant to the communication channel (paper, telephone, email, online) that you are using;
  • Focus on what is important to the reader. Do not try to cover everything in minute detail;
  • Keep it simple. Use simple language and test readability in content and format against external standards such as the Flesch-Kincaid grade level;
  • Take a layered approach. For example, for online publication provide a condensed (summary version) of key matters in the privacy policy, with a link to the full policy; and
  • Consider having more than one policy. For large or complex entities, consider whether you need to have more than one policy (for different parts of your operation or business, or different functions or activities).”
Continue reading this article below the form
Loading form

Conclusion

In summary, make sure you tailor your privacy policy to your audience, make it as clear as possible to understand and include information on how data is obtained, stored, used and how a complaint can be made. Perhaps hold back from dotting your policy with emojis and the odd ‘YOLO’. Get in touch with LegalVision on 1300 544 755 if you have questions.

Register for our free webinars

ACCC Merger Reforms: Key Takeaways for Executives and Legal Counsel

Online
Understand how the ACCC’s merger reforms impact your legal strategy. Register for our free webinar.
Register Now

Ask an Employment Lawyer: Contracts, Performance and Navigating Dismissals

Online
Ask an employment lawyer your contract, performance and dismissal questions in our free webinar. Register today.
Register Now

Stop Chasing Unpaid Invoices: Payment Terms That Actually Work

Online
Stop chasing late payments with stronger terms and protections. Register for our free webinar.
Register Now

Managing Psychosocial Risks: Employer and Legal Counsel Responsibilities

Online
Protect your business by managing workplace psychosocial risks. Register for our free webinar.
Register Now
See more webinars >
Chloe Sevil

Chloe Sevil

Read all articles by Chloe

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

We’re an award-winning law firm

  • Award

    2025 Future of Legal Services Innovation Finalist - Legal Innovation Awards

  • Award

    2025 Employer of Choice - Australasian Lawyer

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2022 Law Firm of the Year - Australasian Law Awards