Australia: Telecommunications, Media And Technology (TMT) Law Update – Volume 26

Last Updated: 3 April 2019
Article by Gordon Hughes and Andrew Sutherland

Key recent developments in the area of Technology, Media and Telecommunications are summarised below.


Ruling on how to calculate IT employee's commission
On 31 January 2019, the Supreme Court of New South Wales upheld an appeal by a software sales and services company against the method by which a magistrate had calculated an employee's entitlement to commission: Dialog Pty Ltd v Sklar [2019] NSWSC 15. The decision serves as a reminder that parties to an employment contract should ensure there is no ambiguity as to the manner in which sales commission is to be calculated. The dispute centred on whether, when calculating the employee's entitlement to commission on the "gross margin" of revenue which he generated for the company, his base salary and the cost incurred by the employer in providing technical services to clients should be deducted. The employment agreement provided no elaboration on what was intended by "gross margin". Fagan J determined the meaning of the expression in the context of a business by reference to the Oxford Dictionary, being the "difference between the sales revenue of a business and the costs of sales". As the employee's base salary and superannuation, along with the service costs of the company's technical staff and software engineers, were "specifically and directly a cost of generating the revenue", they were therefore to be deducted from the revenue generated by the employee's sales prior to the calculation of commission.

Penalty imposed on Optus for misleading billing information
On 6 February 2019, the Federal Court ordered Optus Mobile Pty Ltd to pay a $10 million penalty to the Commonwealth for making false and misleading representations about an Optus billing service: Australian Competition and Consumer Commission v Optus Mobile Pty Ltd [2019] FCA 106. The Optus billing service enabled Optus customers to purchase digital content from third parties and the associated charges would be billed to them via their Optus accounts. Over a long period of time, a significant number of customers unintentionally purchased digital content through the service and were billed by Optus without their consent. This was due to a range of factors, including Optus failing to implement adequate safeguards against unintentional purchases (customers were not required to verify their identity and/or the details of a purchase in all cases) and by Optus failing to adequately inform customers they had been automatically opted into the relevant service. By applying the associated charges to customer accounts, Optus admitted it made false and misleading representations to customers that they had agreed to acquire the service when that was not the case. Optus admitted it had contravened prohibitions against false and misleading representations in relation to a financial service under the Australian Securities and Investment Commission Act 2001 (Cth). In deciding whether to make the orders sought by the parties, the Court considered whether the amount of the penalty Optus had agreed to pay was appropriate in light of the relevant considerations, including the need for specific and general deterrence and the public interest in parties resolving matters with regulators. The Court considered that Optus was liable for a substantial penalty and ultimately decided $10 million was an appropriate amount. The Court took into account several matters, including that a portion of Optus' revenue earned through the billing service would have been earned from customers who had in fact agreed to be charged for relevant content (ie, not all customers charged were non-consenting), Optus has already paid around $8 million in refunds and Optus had begun to implement a customer refund program.

No privacy breach by government in its use of prisoner information
On 6 February 2019, the Victorian Civil and Administrative Tribunal (VCAT) dismissed a complaint that a State government department had misused sensitive information relating to a prison inmate: SET v Department of Health and Human Services [2019] VCAT 113. The complainant was concerned that personal information relating to his criminal history, contained in a report prepared by the Department for a conciliation conference relating to the placement of his grandchildren, had been provided to his son. He asserted that this contravened Information Privacy Principle 2.1(a) which limits the disclosure of personal information to the primary purpose of collection and, in the case of sensitive information, secondary purposes directly related to the primary purpose. The Tribunal concluded that the disclosure was in fact confined to the primary purpose of collection, namely, the welfare of the children. The Department's investigative role included reporting any welfare concerns to the Children's Court, and it was obliged to provide a copy of its report to the father of the children in accordance with Guidelines issued by the Court. The question of whether the disclosure amounted to use of the information for a secondary purpose accordingly did not arise.

Software copyright decision by Federal Circuit Court overturned
On 26 February 2019, the Federal Court of Australia remitted a software copyright infringement decision for rehearing by the Federal Circuit Court after finding that the primary judge's rulings were unsupported by sufficient evidence: CPL Notting Hill Pty Ltd v Microsoft Corporation (No 2) [2019] FCA 223. The matter concerned the award of $2.5m damages by the primary judge who found that the appellants had, amongst other things, reproduced certain unlicensed Microsoft software when selling computers with pre-installed Microsoft programs. O'Callaghan J determined that the primary judge had made findings of fact which were not open to the court. It followed that an award of damages by the primary judge under section 115(2) of the Copyright Act for infringement of copyright was not an available remedy, nor was the award of additional damages under section 115(4). In the latter regard, his honour observed that the discretion of the court to award "additional" damages meant damages which were "additional to damages assessed and awarded under section 115(2)" and hence, if no damages could be awarded under section 115(2), section 115(4) could not be enlivened. Noting that the primary judgement had been delivered ex tempore, his honour commented that whilst there were some occasions when the delivery of ex tempore reasons may be necessary or desirable, "this was not one of them".


Bill seeks to curb exemptions for unwanted direct marketing activity
On 13 February 2019, legislation was tabled the Senate by Senator Stirling Griff of the Centre Alliance Party which sought to address mounting customer complaints about two existing exemptions from direct marketing communications – unwanted calls from politicians and charities, Under the Spam Act 2003, unsolicited commercial electronic messages (that is, emails and text messages) are prohibited unless categorised as a "designated electronic message" under Schedule 1, and this category includes communications from a "registered political party". Under the Do Not Call Register Act 2006, an exemption applies to telemarketing calls made by registered charities to numbers listed on the Do Not Call Register. Under the Telecommunications Legislation Amendment (Unsolicited Communications) Bill 2019, all electronic messages containing electoral matter, as defined in section 4AA of the Electoral Act 1918, would be required to contain a functional unsubscribe facility, whilst consumers would be given the ability to specifically "opt out" of telemarketing calls from registered charities by specifying that their number is not a "charity-contactable number".

Legislation tabled to introduce Consumer Data Right
On 13 February 2019, the Treasury Laws Amendment (Consumer Data Right) Bill 2019 was tabled in the House of Representatives. As previously reported, the CDR will give both individual and business consumers expanded rights of access to data held about them by businesses. It will also give such consumers access to data about products and enable them to share such data with accredited third party recipients. The CDR is a mechanism for enabling individual and business consumers to access information about themselves and about their service providers' products, and to direct their existing service provider to share that information with other service providers. It is proposed that initially the CDR will be confined to the banking sector, with telecommunications providers and energy companies to follow. The CDR enables consumers to access a broader range of information than is currently provided for by Australian Privacy Principle (APP) 12 in the Privacy Act 1988 (Cth). While APP 12 allows individuals to access "personal information" about themselves, the CDR applies to data that relates to businesses as well as individuals and provides access to information about a service provider's products as well. As the CDR embraces competition and consumer matters, the new scheme would be regulated jointly by the Australian Competition and Consumer Commission and the Office of the Australian Information Commissioner. The Bill was referred to the Economics Legislations Committee for report by 18 March 2019.

Queensland criminalises "revenge porn"
On 21 February 2019, the Criminal Code (Non-consensual Sharing of Intimate Images) Amendment Act 2019 came into effect in Queensland, amending the Criminal Code by introducing a range of new offences relating to what is loosely described as "revenge porn". A new section 223 establishes a misdemeanour of "distributing intimate images" which attracts a maximum penalty of 3 years' imprisonment, whilst penalties are increased by sections 227A and 227B for the existing offences of relating to "observations or recordings in breach of privacy", and the distribution of "prohibited visual recordings". A new section 229A penalises threats to distribute intimate images or prohibited visual recordings. The term "intimate image' is defined in section 207A, and extends to photoshopped images and section 223(2) expressly provides that a person under the age of 16 years is incapable of providing consent for the distribution of intimate images.


Treasury Issues Paper seeks feedback on "Initial Coin Offerings"
In January 2019, the Treasury released its Initial Coin Offerings Issues Paper. The paper emphasised the Australian government's aspiration of becoming a global leader in financial innovation, including with respect to the regulatory aspects of an Initial Coin Offering (ICO). Although ICOs have some parallels with Initial Public Offerings, venture capital and crowdfunding, the ways in which they are structured can be quite distinct from existing forms of capital raising. These distinctions are seen to be testing regulatory frameworks around the world. The Issues Paper sought the views of interested parties on the opportunities and risks posed by ICOs for Australia; whether Australia's regulatory framework is well placed to allow those opportunities to be harnessed whilst appropriately managing the associated risks; and, whether there are other actions that could be taken to best position Australia to capitalise on new opportunities. Specifically, the Issues Paper posed questions relating to the categorisation of ICO tokens, the drivers of the ICO market (including distributed ledger technology, investor speculation and the growth of digital token exchanges), and the opportunities and risks for industry, consumers, investors, and the economy at large. Responses to the Issues Paper were sought by 28 February 2019.

Consultation paper on "Software as a Medical Device"
The Therapeutic Goods Administration (TGA) recently issued a consultation paper outlining proposed regulatory reforms to software used as a medical device which is not associated with a physical device. Software of this kind is known as "Software as a Medical Device" or "SaMD". SaMD operates on general computing platforms (including mobile devices) and is used for a purpose which is consistent with the definition of a "medical device" in the Therapeutic Goods Act 1989 (Cth). A SaMD product may be used, for example, to analyse medical images and provide information to assist a clinician diagnose and treat a patient. SaMD may be contrasted with medical device software which is embedded into and/or which controls a physical medical device. The proposed reforms seek to address several regulatory problems, including the ability of individuals to currently acquire SaMD products from overseas suppliers which are not included in the Australian Register of Therapeutic Goods (ARTG) and which do not therefore have a local sponsor with responsibility for the product. The TGA proposes a new classification system for SaMD products based on their associated risk of harming patients, excluding SaMD products from the personal importation exemption provisions (which would require all SaMD to be included on the ARTG and have a local sponsor), and clarifying the relevant regulatory requirements for demonstrating the safety and performance of SaMD products. We have reported in more detail on the TGA's proposed reforms here. The consultation period is due to end on 31 March 2019.

Queensland Information Commissioner assesses the adequacy of privacy training for government employees
On 12 February 2019, the Office of the Information Commissioner in Queensland issued a report under section 135 of the Information Privacy Act 2009 (Qld) on the adequacy of privacy training by three Queensland government agencies – the Department of Communities, Disability Services and Seniors, TAFE Queensland and the Public Trustee: Awareness of Privacy Obligations: How three Queensland Government Agencies Educate and Train their Employees about their Privacy Obligations. The Commissioner concluded that the effectiveness of training varied amongst the agencies concerned, reflecting different training content, different requirements for completing the training and different processes for ensuring that employees completed the training. The content of training I formation was accurate in the case of each agency, but did not necessarily include all relevant elements. Furthermore, whilst the agencies ran various internal awareness campaigns, their ultimate utility was questionable in the absence of mandatory, periodic refresher training. The Commissioner's findings contain a relevant message not only for Australian governments but also for the private sector in relation to the need for appropriate and effective privacy awareness training.

ACCC releases discussion paper on extension of Consumer Data Right to the energy sector
On 25 February 2019, the Australian Competition and Consumer Commission (ACCC) issued a discussion paper as part of the consultation process on how best to apply the new Consumer Data Right (CDR) to the energy sector: Consumer Data Right in Energy: Consultation paper – Data Access Models for Data Energy. As we have previously reported, and as mentioned also in this Update, the CDR data portability scheme will be phased into the banking sector over a period of two years from 1 July 2019, to be followed by a CDR applicable to the energy and telecommunications sectors. The ACCC is now seeking comments on three proposed models for consumers to access their data in the energy market, noting that one complication unique to the energy sector is that energy data relating to an individual may be held by a number of organisations and it may not be possible for a single entity to provide sufficient data alone. "Model 1" proposed by the ACCC contemplates a centralised model under which the Australian Energy Market Operator (AEMO) would be the sole holder of a centralised data set, to be shared by AEMO with accredited data recipients via Application Programming Interfaces. Model 2 contemplates AEMO performing a gateway function, acting as a pipeline for the provision of CDR data from data holders which may include retailers and potentially also distributors, to accredited data recipients. Model 3 is described as "the economy-wide CDR model", involving existing data holders (e.g. retailers) being responsible for providing CDR data directly to accredited data recipients and/or consumers (this is in effect the model used for the banking sector). Submissions on the options were due to close on 22 March 2019.

Treasury releases Privacy Impact Assessment on proposed Consumer Data Right
On 1 March 2018, the Treasury released the second version of its Privacy Impact Statement for the proposed CDR in accordance with the Privacy (Australian Government Agencies – Governance) APP Code 2017 and the Office of the Australian Information Commissioner's Guide to Undertaking Privacy Impact Assessments (PIA). In addition to our comments above, we have commented previously on the CDR and the Commonwealth agencies' APP Code. Whilst acknowledging that the CDR offered individuals a range of benefits relating to privacy, competition, convenience and choice, the PIA also highlighted a number of potential threats which "could lead to substantial financial, personal and emotional loss" if not carefully monitored. The PIA contained 10 recommendations, emphasising the need for ongoing behavioural research and consumer testing regarding the design of the CDR system (Recommendation 1), the creation of rules which would ensure that consent is genuine and protects vulnerable individuals (Recommendation 3), the importance of rules and standards remaining across sectors as the scheme progresses beyond the banking industry (Recommendation 5) and the need to ensure that CDR data held by data recipients is not inappropriately accessed by the data recipient's employees (Recommendation 6).

Government releases data sharing guide
On 15 March 2019, the Department of the Prime Minister and Cabinet released a Best Practice Guide to Applying Data Sharing Principles. The guide is intended to assist government agencies in determining how to share public sector data under their control in a manner which maintains the requisite degree of privacy and security. The Guide draws upon five Data Sharing Principles developed by the Office of the National Data Commissioner and the Australian Bureau of Statistics, an initiative which in turn drew upon the internationally recognised Five Safes Framework. The five Data Sharing Principles are:

  1. Projects: Data is shared for an appropriate purpose that delivers a public benefit;
  2. People: The user has the appropriate authority to access the data;
  3. Settings: The environment in which the data is shared minimises the risk of unauthorised use or disclosure;
  4. Data: Appropriate and proportionate protections are applied to the data; and
  5. Output: The output from the data sharing arrangement is appropriately safeguarded before any further sharing or release.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Related Topics
Related Articles
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions