This webinar discusses the impact of the GDPR in Australasia. Our speakers outline key considerations for businesses in Australasia, including the extra territorial scope of the GDPR, and mechanisms to ensure compliance, such as geoblocking. Through a discussion of enforcement under the GDPR, and how businesses can manage operations EU, this webinar provides a straightforward guide to the practical implications of the GDPR on Australasian businesses.

KEY TAKEAWAYS

Territorial scope of the GDPR in Australasia

For global organisations, Article 3(2) of the GPDR addressing territorial scope provides a central point of determination as to whether the GDPR will apply. In short, the GDPR will apply if a business is offering goods or services in the EU, or monitoring behavior of data subjects within the EU. For example, our speakers note that this would apply to companies operating an advertising campaign in the EU without the need for a purchase or exchange of goods. In terms of monitoring behaviour, our speakers highlight the importance of ‘geoblocking’ for companies operating on a multinational basis as businesses need to be prepared to treat the personal data of EU citizens in accordance with the GDPR.

Steps to achieving compliance with the GDPR

There are steps Australasian businesses can take to manage compliance with the GDPR. Our speakers note that businesses need to analyse whether they are subject to the GDPR before entering into a GDPR compliance program, as well as ensure they have the technical capability to action compliance. For example, they must be able to fulfil data subject rights, including the right to erasure and access. In addition, our speakers emphasise that businesses need to look at their existing third-party contacts, as the GDPR may also apply to these. Having said this, business may wish to limit the impact of the GDPR, by isolating operations in the EU. Our speakers state that even if an Australasian business is not subject to the GDPR they should still be aware of its requirements when conducting operations in the EU in order to avoid accidental advertising or monitoring.

GDPR enforcement in Australasia

Australasian businesses and organisations should be aware that many European countries have signed a reciprocal enforcement of foreign judgments treaty with Australia. In practice, this means that a judgment made in a European court could be enforced in Australia. Therefore, the GDPR may have financial implications for Australasian businesses. As pointed out by our speakers, while the key concepts of privacy law are similar in both Australiasian and EU legislation, the GDPR has established formal enforcement mechanisms with substantial fines.

HOW ONETRUST DATAGUIDANCE HELPS

OneTrust DataGuidanceTM is the industry’s most in-depth and up-to-date source of privacy and security research, powered by a contributor network of over 500 lawyers, 40 in-house legal researchers, and 14 full time in-house translators. OneTrust DataGuidanceTM offers solutions for your research, planning, benchmarking, and training.

OneTrust DataGuidance offers a GDPR Benchmarking tool, which includes California, Brazil, Thailand, Russia, Japan, and which is currently being expanded to include Australia as well as China. The tool assists organisations to understand and examine core requirements under each law in order to determine their consistency for gap analysis and assessment, and contribute to the development of global compliance programs.

OneTrust DataGuidance solutions are integrated directly into OneTrust products, enabling organisations to leverage OneTrust to drive compliance with hundreds of global privacy and security laws and frameworks. This approach provides the only solution that gives privacy departments the tools they need to efficiently monitor and manage the complex and changing world of privacy management.

Watch the webinar HERE