Australia

Australia's federal privacy law establishing the Australian Privacy Principles, which govern the collection, use, disclosure, storage, and cross-border transfer of personal information. It was significantly reformed in 2022 with increased penalties. Applies to Australian government agencies and private organizations with annual turnover over A$3 million.

Governs cybersecurity obligations for critical infrastructure sectors in Australia, including communications, data storage, financial services, and technology. It requires risk management programs, incident reporting, and allows government intervention during cyber emergencies. Applies to owners and operators of critical infrastructure assets in Australia.

Prohibits sending unsolicited commercial electronic messages -- email, SMS, and MMS -- without consent in Australia. Messages must include sender identification and a functional unsubscribe mechanism. Applies to any organization sending commercial messages with an Australian link, whether through the sender, recipient, or infrastructure.