Privacy law education and awareness crucial for SMEs: COSBOA
The SME advocate has welcomed the government’s move to not rush new onerous privacy obligations for small businesses in the first tranche of laws, but has requested more transparency.
Australian small businesses are already under an extensive amount of pressure and red tape without the new imposed obligations, according to the Council of Small Business Organisations Australia (COSBOA).
COSBOA has called for the government to be more transparent with SMEs and to provide adequate educational tools and awareness programs to aid in privacy development.
SMEs and microbusinesses with less than $3 million annual turnover are already nuanced compared to the expectations of large multinational companies with the current exemption in the Privacy Act.
COSBOA CEO Luke Achterstraat said small businesses are already actively processing data with appropriate care and concern.
“The rapid introduction of complex and expanding obligations would have undermined the viability of small businesses already facing a laundry list of more red tape and regulation,” he said.
According to COSBOA, removing the Privacy Act exemption would also impact 1.1 million sole traders who are self-reliant and do not have internal compliance or legal teams.
The costs would have been significant during a time when many SMEs are already on the “brink of collapse”.
A survey conducted by the organisation revealed more than half of small businesses expect the operating conditions to get worse over the next 12 months.
“There is never a good time to hoist higher costs onto small businesses, but to do so in this environment would be reckless,” Achterstraat said.
Achterstraat said COSBOA has welcomed the commission of a dedicated cost-benefit modelling report, but said more transparency is required.
“The failure of government to release its own taxpayer-funded modelling is disappointing, especially considering the time and effort spent by small business in the process,” he said.
“Small business impact statements must be mandatory and the unique small business experience must be rigorously considered at the Cabinet table.”
The government made the right decision in deciding against enforcing new obligations on SMEs, Achterstraat said.
“Ultimately the right decision has been made here however we look forward to working with government on training and awareness programs that provide practical support to small business,” he said.
“With the right tools, resources and guidance the small business sector can continue to develop its privacy and cyber resilience.”