FMA Consulting
-
Balancing Publisher Profit & Privacy: Lessons from Carly Kind & the EU AI Act
As Australia strengthens its privacy and AI oversight, publishers are navigating a delicate balance: monetising content and data, while meeting rising expectations for transparency, accountability, and harm prevention. This challenge is especially acute with the rise of agentic AI—systems capable of curating content, targeting ads, and engaging users autonomously. With Carly Kind, Australia’s first privacy…
-
Preparing for Automated Decisions Regulation in Australia
The grace period is ending. Under Australia’s Privacy Act reform, new rules governing automated decision-making (ADM) will come into full effect from December 2026—a move expected to bring the country in closer alignment with global standards like the EU GDPR and OECD AI principles. The two-year implementation window is designed to give organisations time to…
-
Indo‑Pacific Privacy Convergence: Singapore, Japan & South Korea Lead the Way
As global privacy regimes mature, a quiet but powerful transformation is underway across the Indo-Pacific. Countries like Singapore, Japan, and South Korea are emerging as leaders in data protection innovation—building agile, business-friendly frameworks that protect rights while enabling cross-border digital trade. For Australia, watching these neighbours isn’t just strategic—it’s essential. The trajectory of Asia Pacific…
-
Australia’s Privacy Tort Takes Effect: What You Need to Know
Australia’s Privacy Act amendment 2025 introduces a statutory tort for serious privacy invasions, allowing individuals to sue for unauthorized surveillance and misuse of personal data. This change aligns Australia with the UK and New Zealand, increasing legal risks for organizations. Companies must now prioritize privacy governance to mitigate exposure and build trust.
-
Harder Hits from OAIC: How Harms‑Focused Enforcement Is Changing Privacy Compliance
Australia’s privacy regulator is stepping into a new era—one defined by harm-based enforcement. Recent decisions, including the OAIC’s 2025 finding against Bunnings, have made it clear: compliance is no longer just about ticking boxes. It’s about demonstrably reducing the risks of harm to individuals—and if you don’t, expect to be held publicly accountable. This shift…
-
Agentic AI for Publishers: Breaking Down IAB’s Commercialisation Blueprint
Australia’s digital publishing landscape is undergoing a seismic shift—driven by the rise of agentic AI and strategically guided by the IAB agentic AI guide 2025. Drawing on the IAB State of Data 2025 report and accompanying commercialisation blueprint, this article dissects what agentic AI publishers really means and how publishers can capitalise while managing risks.…
-
Australia’s Privacy Act vs. GDPR, CPRA & APPI — What’s Missing?
Australia’s long-awaited Privacy Act reform is now well underway, with expanded Australian Privacy Principles (APPs), new rights for individuals, and enhanced enforcement powers under the OAIC. But as global regulation continues to accelerate—especially with the EU’s GDPR, California’s CPRA, and Japan’s APPI—it’s clear Australia is still catching up, not leading. For data-driven businesses and publishers…
-
Self‑Governance Spotlight: REA & Simplified Privacy Policies that Build Trust
As privacy laws tighten and consumer expectations rise, Australian businesses are being called to rethink how they communicate data practices. One company leading the charge is REA Group. With a bold shift toward clarity and user trust, REA is setting a new benchmark for privacy transparency in Australia. According to Mi3’s report, the $32 billion…
-
Australia’s Children’s Privacy Code: Key Impacts for Businesses
In a landmark move to protect young people online, Australia is introducing the Children’s Online Privacy Code, bringing sweeping changes to how organisations collect and use children’s data. Aligned with global momentum—such as the UK’s Age Appropriate Design Code—this new framework marks a significant shift in the country’s digital privacy landscape. At its core: stricter…
Adtech Agentic AI AI Concierge AI Governance AI Search APPI Australian Privacy Principles Automated Decision Making Consent Management COPC CPRA data governance GDPR harms-focused lens IAB State of Data 2025 IAB Tech Lab LLM OAIC OAIC Enforcement organizational accountability PDPA PIPA Privacy Act 1988 Privacy Act amendment 2025 Privacy Audit privacy by design privacy invasion privacy maturity & impact awareness Privacy Policies privacy tort Privacy UX Productivity Commission SEO statutory tort for serious invasion of privacy