New guidelines aim to address privacy violations
The Office of the Australian Information Commissioner (OAIC) has released new guidelines to help private sector organisations meet privacy obligations when using third-party tracking pixels on their websites. The guidance, prompted by industry demand and growing public interest, clarifies the application of the Australian Privacy Act to tracking technologies widely used across websites, social media, and other digital platforms.
Tracking pixels are snippets of code provided by third-party companies, often social media or advertising platforms, which are embedded into websites to gather data on user behaviour. These pixels allow for detailed tracking and profiling, providing valuable insights for businesses aiming to optimise advertising, assess customer engagement, and measure return on investment. However, Australian Privacy Commissioner Carly Kind cautioned that such technologies are often invasive and pose significant privacy risks.
“Many of these tracking tools are harmful, invasive, and corrosive of online privacy,” Kind stated, referencing the Australian Community Attitudes to Privacy Survey 2023.
According to the survey, 69% of adults do not support the use of their personal information for online tracking and targeted advertising, a figure that jumps to 89% when the content targets children.
In its guidance, the OAIC stresses that organisations using third-party tracking pixels bear responsibility for ensuring their use complies with privacy laws. This includes understanding the pixel’s functionality, evaluating privacy risks, and actively implementing protective measures. The guidance discourages a “set and forget” approach to pixel implementation, emphasising that due diligence is essential to avoid privacy violations and associated legal repercussions.
A news release highlighted the OAIC’s guidance on tracking pixels aligns with its broader push to provide organisations with comprehensive resources on privacy compliance, including recent publications on generative AI. According to the OAIC, this expanded guidance aims to support businesses in fostering community trust while adhering to evolving privacy standards.