The Privacy Commissioner has announced their first-ever compliance sweep, which will involve a targeted review of selected businesses’ privacy policies to ensure they meet strict rules.

The compliance sweep, which will begin in the first week of January 2026, will scrutinise the privacy policies of businesses that collect information in person. For example, account opening by banks, real estate agents asking for phone numbers at open houses, or car rental agencies presenting customers with lengthy forms.

Entities found to have non-compliant privacy policies may face compliance and infringement notices and penalties of up to $66,000.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.

Author: David Jacobson
Principal, Bright Corporate Law
Email:
About David Jacobson
The information contained in this article is not legal advice. It is not to be relied upon as a full statement of the law. You should seek professional advice for your specific needs and circumstances before acting or relying on any of the content.