Australia Data Removal Guide (2026)
Australians are protected by the Privacy Act 1988 and its 13 Australian Privacy Principles, strengthened by major 2024 reforms. Like Canada, Australia has fewer people-search sites than the UK because the electoral roll is not public.
At a glance
- Governing law
- Privacy Act 1988
- Response deadline
- 30 days (OAIC benchmark for APP 12 access requests)
- Regulator
- Office of the Australian Information Commissioner (OAIC)
- Private right of action
- Yes — statutory tort for serious invasions of privacy (in force since 2025)
Privacy Act 1988 (Cth) + Australian Privacy Principles (amended 2024)
The Privacy Act 1988 and the 13 APPs govern federal agencies and businesses with turnover over AUD $3M (plus any business that trades in personal information). The Privacy and Other Legislation Amendment Act 2024 (Royal Assent 10 December 2024) introduced a statutory tort for serious invasions of privacy (enabling class actions), tiered civil penalties with a new mid-tier (~AUD $3.3M for companies), automated-decision-making transparency, and stronger OAIC enforcement powers.
Read the full Privacy Act 1988 explainer →Scope, penalties, private right of action, enforcement history.
What rights do Australia residents have?
- →Right to access personal information held (APP 12)
- →Right to correct personal information (APP 13)
- →Right to opt out of direct marketing (APP 7)
- →Right to deal anonymously or by pseudonym where practicable (APP 2)
- →Right to complain to the OAIC
- →Right to sue under the statutory tort for serious invasions of privacy (2024)
Who holds your data in Australia?
Australia has a smaller native people-search ecosystem than the US/UK because the electoral roll is not public. The main data activity is in credit reporting/identity (Equifax Australia, illion, Experian) and marketing-list brokers. US/global people-search sites still surface some Australian data. Brokers fall under the Privacy Act if turnover exceeds AUD $3M or they trade in personal information.
Public-record sources brokers scrape
- Electoral roll — NOT public; the AEC does not sell or publish it for marketing
- ASIC company register — directors and officers (Director ID required; residential-address access tightening)
- State land titles registries (NSW LRS, etc.) — property ownership, for a fee
- Court and bankruptcy records (AFSA)
How to remove your data in Australia
- 1Register on the national Do Not Call Register (donotcall.gov.au) for telemarketing.
- 2Send APP 12 access + APP 13 correction requests to any organisation holding your data.
- 3Use the APP 7 direct-marketing opt-out — it must be honoured.
- 4Place credit-reporting bans/freezes with Equifax/illion/Experian after suspected fraud.
- 5Use the statutory tort (since 2025) for serious misuse, and escalate complaints to the OAIC.
Ready to remove
Opt out of 500+ brokers for $7
Much of Australia residents' data is held by US-based people-search brokers. OfflistMe drafts a legally structured deletion email for each one, sent from your own inbox — no account, no ID upload. Pair it with the Australia-specific steps above.
Request Removal NowWhat if a company ignores your request?
File a complaint with the Office of the Australian Information Commissioner (OAIC). The maximum penalty in Australia is Up to AUD $50M / 30% of turnover / 3× benefit (top tier); new mid-tier ~AUD $3.3M, and you may have a private right of action (Yes — statutory tort for serious invasions of privacy (in force since 2025)).
File a complaint with the Office of the Australian Information Commissioner (OAIC) ↗FAQ: Australia data removal
Is the Australian electoral roll public?+
No. Unlike the UK, the AEC does not publish or sell the electoral roll for marketing; access is restricted to specific authorised purposes. This is a major reason Australia has fewer people-search sites.
What did the 2024 Privacy Act reforms change?+
Royal Assent on 10 December 2024 introduced a statutory tort for serious invasions of privacy (enabling class actions), tiered civil penalties with a new mid-tier (~AUD $3.3M for companies), automated-decision-making transparency, and stronger OAIC enforcement powers.
How do I stop direct marketing in Australia?+
Use the APP 7 opt-out with any organisation, and register on the national Do Not Call Register for telemarketing.
Can I sue for a privacy breach in Australia?+
Since 2025, yes — the statutory tort for serious invasions of privacy allows individuals (and class actions) to claim where the invasion is serious and outweighs competing public interest.