Skip to content

Acting for You, May 2023

by Catherine Macwell FGIA FCG General Manager, Policy & Advocacy, Governance Institute of Australia  

Update on the consultation into the Government response to the Privacy Act review report

Governance Institute finalised our submission into the Government’s Privacy Act public consultation. This major Report recommended a number of significant changes including: the introduction of more prescriptive privacy rules, greater alignment with EU data protection laws, a specific focus on online services, and the empowerment of regulators to play a more active enforcement role. A number of the proposals will require further consultation before they can proceed into law. Draft legislation will then be required to implement the proposals that are to progress. While the consultation represents a major step towards privacy law reform it is likely to be some time before the reforms are passed.

In our submissions we:


  • Recommended that the Government consult further on any proposal to remove or lower the

$3 million annual turnover exemption, including with the not-for-profit sector.

  • Encouraged all levels of government to coordinate to ensure better harmonisation between

privacy, data breach, cyber security data sovereignty and critical infrastructure regulation.

  • recommend that the Government consider the potential unintended impacts of the introduction of direct action and tort of privacy.
  • Advocated for the provision of clear frameworks setting compliance with various obligations to reduce the burden on training, skills uplift and technology uplift confusion.
  • Recommended a staged approach to further consultation.


We will keep members updated on these important reforms and any consultation.



20232030 Australian cyber security strategy submission

Governance Institute members have both a strong interest and involvement in digital technology and cyber security policy and take the governance and risk management of privacy, data protection and cyber security in all sectors very seriously. Many of our members work as governance and risk professionals in a range of organisations that are part of or connect with the digital economy, from the largest ASX-listed companies responsible for critical infrastructure to small businesses and not-for-profits , who are nonetheless affected by cyber issues. The Department of Home Affairs recently issued a consultation paper on the development of a forward looking national Cyber Security out to 2030. We made a submission in 2019 on the previous National Cyber Security Strategy.


In our submission to the Department of Home Affairs’ we advocated:

  • That All levels of government coordinate to ensure better harmonisation and greater simplicity between cyber security, data breach, data sovereignty, critical infrastructure and privacy regulation.
  • There is a need to develop a well-designed, well-targeted and fit for purpose cyber governance standard supported by guidance suitably tailored for organisations of differing sizes.
  • There is no need for further reform or expansion of the Security of Critical Infrastructure Act at this stage.
  • The Government consult further on any proposal for a stand-alone Cyber Security Act. .
  • For a concerted whole-of-Government approach to cyber security and data governance to secure government systems.
  • The inclusion of evaluation measures, such as regular reports on trends and good practices, as good methods of supporting public transparency and input.

We will keep members updated on this important issue.

Good Governance Guide refresh

We are currently progressing on a wholesale refresh of our catalogue of Good Governance Guides. These guides are among our most popular resources. This is a significant project, and we are working with our Policy Committees to establish relevant working groups to complete the Project.

Governance Institute in Federal Parliament 

The past month has seen Governance Institute increase its advocacy efforts in Federal Parliament, to advocate for the modernising business communications agenda and greater transparency in public appointments. Amongst many other meetings, Governance Institute Policy & Advocacy Adviser Charles Dane met MPs Tracey Roberts (Labor) and Bridget Archer (Liberal), and the Senior Advisor to Independent MP Allegra Spender in pursing our policy agenda.

Charles meeting with Bridget Archer MP


2023–2030 Australian Cyber Security Strategy Submission — 14/04/2023

Media release

More robust governance recommended in RBA report — 21/04/2023


Directors' access to company books: Navigating statutory and common law requirements in Australia

Next article