Australians bear soaring cost of managing online privacy

Joseph Brookes
Senior Reporter

Lax privacy and data laws mean Australians need to spend more than two minutes to adjust privacy settings on individual websites and apps, compared to just three seconds for Europeans, while terms and conditions would take 14 hours to actually read.

The difference is highlighted in new analysis of sites and services like Google, online retailer The Iconic and streaming service Binge by the Consumer Policy Research Centre (CPRC).

It has been released as the Albanese government prepares to overhaul privacy law and while Parliament probes the influence of social media.


“You would need to set aside at least 30 minutes a day, on average, just to manage your privacy settings for the apps and websites that you use within a day,” CPRC deputy chief executive Chandni Gupta said.

Actually reading the privacy policies users must sign up to would take most of their day, Ms Gupta told Parliament’s current inquiry into social media on Wednesday.

“What we found was just the privacy policies of just one day, on average, it would take 14 hours for you to consume all that information.”

The policies are often to complex for users to understand, while some providers only offered a “take it or leave it” notice that by using the site users had agreed to its terms and conditions, the CPRC analysis found.

The barrage of information and lack of genuine consent applies in Australia, while other jurisdictions have forced service providers to implement active consent models and the ability to opt out of sharing their information.

“You can see that businesses are only pivoting [in other jurisdictions] when there’s an absolute obligation for them to do so, as opposed to just doing it out of goodwill. That’s just not going to happen [in Australia] at this stage,” Ms Gupta said.

The advocate told Parliament’s wide-ranging social media inquiry that meaningful progress in online privacy has only gotten going in Europe because of strong data protections, requiring large platforms to have a duty of care for customers and by curbing their use of ‘dark patterns’.

The patterns are deceptive design features that steer users towards certain options that favour the online provider, like agreeing to its terms and conditions and the collection of personal information.

Australia’s privacy regulator this week released the results of a global privacy sweep of more than 1,000 sites and apps, finding almost all of them used dark patterns.

In another key difference with Australia, Europe and US also have unfair business practices laws that are being strengthened and enforced against online businesses, Ms Gupta said.

It leaves Australian users with less protections, she said.

“Basically, we have a situation where Australians are using the same service provided by the same platform, but someone in Copenhagen has more protections and someone sitting in Canberra.”

The Albanese government is expected to unveil legislation next month that could make the biggest changes to Australian privacy law in decades.

It follows multi-year reviews sparked by the consumer and competition watchdogs concerns about digital platforms it laid out in 2019.

The Albanese government has agreed to implement almost all of the recommended changes to privacy law but won’t remove current carve outs for political parties or give consumers an option for a blanket opt out of targeted advertising.

Treasury has also been asked to design a legislative framework for a new digital competition regime tipped to follow Europe’s Digital Markets Act.

Do you know more? Contact James Riley via Email.

Leave a Comment

Related stories