• Featured Events
        • Make an application for event endorsement

        • Featured Events
        • Make an application for event endorsement

Home Events AIIA Queensland GDPR Briefing – Impact of the new EU privacy law (GDPR) on Australian Businesses

AIIA Queensland GDPR Briefing – Impact of the new EU privacy law (GDPR) on Australian Businesses

Wednesday, 30 May 2018


A new piece of legislation that will come into force in the EU on May 25, 2018 that provides individuals with a new set of privacy rights. This new law will reach beyond the shores of the EU and will extend to any person who markets or sells goods or services (including for free) to any EU country (including the UK) and/or who monitors the behaviour of EU individuals within the EU (e.g. tracking activities of EU individuals on a website).

Unlike many other privacy laws where it is largely a legal compliance issue, the GDPR requires a complete organisational re-think of privacy.

In order to comply, this requires organisations to implement, among many things, the need to have documented procedures; the need to proactively conduct impact assessments of risky data privacy processing; in some cases, the need to appoint a Data Protection Officer; the creation of a ‘privacy by design’ approach to an organisation’s goods and services; amendments to be made to supplier agreements; and a comprehensive review of all marketing and administrative processes.

Whilst acknowledging that the cost of compliance is not insignificant, the penalties for non-compliance have been set deliberately high to ensure that the cost of compliance is less than the cost of non-compliance.

This law will be enforced with penalties for breach being up to 4% of global turnover or 20m Euro, whichever is the higher.

European companies will be prohibited from transferring personal information to any entity (including their local Australian subsidiaries) that cannot demonstrate its compliance with the new GDPR as of May 25, 2018.

The Opportunity for AIIA members

On the other hand, this new legislation provides significant opportunities – for IT companies in particular – to provide products and services that will assist companies all over the world to comply with the GDPR and enable the efficient use and flow of secure personal information into and out of the EU.

Whilst the GDPR is the talk of the town in Europe, studies have shown that there is little awareness or GDPR in Australia, and very few companies have an action plan to comply.

The reality is that with such large organisational wide impact it is probably to already too late to be ready for May 25, 2018 and companies will need to be implementing GDPR and managing their exposure at the same time.

Guest Speakers

Phil Green, Queensland Privacy Commissioner

Mike Pym, the CEO of Pym’s Technology Lawyers and Co-Chair of the AIIA National Board and Ben Robson, the lead partner of Oury Clark’s UK GDPR team will deliver presentations providing comprehensive advice regarding the impact of GDPR, offer insight into strategies to comply with the GDPR and implementation framework in order to assist them – and their clients – to step up to the GDPR challenge.


Phil Green
Queensland Privacy Commissioner

Appointed as the Queensland Privacy Commissioner in December 2015, Philip Green has an extensive career in the private and public sectors.

Mr Green’s legal career at Allens included commercial banking and finance/insolvency.  He has extensive central and agency experience in criminal justice legal and economic policy at the Department of the Premier and Cabinet in Queensland.

He most recently headed up the Small Business division for the Queensland Government.

He has a keen interest in innovation and technology law and was instrumental in establishing Queensland’s first administrative privacy regime.

Mike Pym 
CEO, Gordian Lawyers

Mike is the CEO of Gordian Lawyers, a law firm specialising in technology, commercial law and privacy.  Mike has been practising IT law for more than 25 years.

Prior to establishing Gordian Lawyers in 2006, Mike was Head of the Technology Group at one of the largest Australian law firms, and before that he had a number of roles as senior in-house counsel for global IT companies in Europe and Australia.

Mike’s clients include global ICT companies, ASX listed companies, as well as start ups, IT SMEs, Universities and Government Agencies.

With the arrival of the European GDPR legislation, Gordian Lawyers now offers GDPR training and awareness courses, as well as GDPR compliance programs.  Having teamed up with leading firm of UK lawyers and accountants, Oury Clark, Gordian can provide expert advice for Australian business wanting to comply with their GDPR obligations, enabling Australian businesses to understand and comply with their legal obligations under Australian privacy laws as well as the European GDPR.

Mike is also deeply involved in the peak national IT industry association in Australia, the Australian Information Industry Association, and has been Deputy Chair of the National Board for the past 2 years.

Photo©John Cassidy The Headshot Guy® www.theheadshotguy.co.uk 07768 401009

Ben Robson
Partner, Oury Clark Solicitors, United Kingdom

Ben is a Partner and Certified GDPR Practitioner within the Corporate and Commercial department of London law firm Oury Clark Solicitors and heads up the firm’s GDPR compliance team. Ben advises businesses across a wide range of sectors on their legal and commercial considerations when entering the UK market from overseas, with a sizeable proportion of his clients headquartered out of Australia.

As part of his broader commercial and corporate practice, Ben offers a unique level of practical insight into the core business and legal considerations faced by organisations day-to-day, against which increased regulatory compliance is simply an additional layer. In this context, Ben’s GDPR advisory expertise is focused upon providing proportionate and results-driven advice and strategic compliance program implementation that aims to empower businesses to use compliance as a means of improving systems and driving sales.

Recently featured in The Times for comment around GDPR in the wake of the Cambridge Analytica/Facebook data breach and a member of the UK Government’s All-Party Parliamentary Group on Artificial Intelligence, Ben is at the forefront of this rapidly developing area of the law and has delivered presentations and training to audiences within the UK and internationally on the topic of data protection and the practical steps that organisations should be taking before and after 25th May 2018.


Thank you to our Sponsors

National Platinum Sponsor



Host Sponsor



Terms and Conditions

By purchasing tickets to this event you agreed to the capture, storage and use of your data as detailed in the AIIA Privacy Policy. Refunds will be issued should the event be postponed and attendees cannot make the new date.

Submit a Comment