AADA would like to draw members attention to recent developments regarding the Privacy Act, and risks that Dealers face in the area of cyber security.
Firstly, you may be aware that in December 2022 the Federal Government passed amendments to the Privacy Act to significantly increase penalties for breaches of customer privacy. The changes include fines of up to $50 million for serious or repeated breaches. The penalties apply to any organisation that handles personal information, which can include Dealers.
The Privacy Act and Australian Privacy Principles (APPs) apply to businesses with an annual turnover of more than $3 million. Most small businesses are exempt; however, many Dealers are likely to be captured by this threshold and consequently, must comply with the Privacy Act and mandatory APPs.
In light of these changes, it is more important than ever for Dealers to ensure that they are compliant with the Privacy Act. This means taking steps to protect the personal information of customers and employees, including implementing strong data security measures and obtaining consent before collecting and using personal information.
Secondly, it isn’t just breaches of privacy that Dealers need to be wary of. The Australian Competition and Consumer Commission (ACCC) have released their latest Targeting Scams Report that shows the Australian business community saw a 73 per cent increase in scam losses in 2022, totalling $23.2 million in losses. Australians lost over $3 billion last year to scams and cyber-attacks.
ACCC recommends business stay vigilant and educate themselves and their staff about common types of scams. By taking proactive steps to protect personal information and staying alert to potential scams, businesses can reduce their exposure to legal and financial risks.
In the coming months AADA will be tackling the issue of cyber security from a franchised new car Dealers perspective. We will commission research and develop some practical guidance material that Dealers can use to identify and mitigate cyber security risks.