Trust Mark Online Directory Helps Companies Mitigate Data Breaches and Avoid Fines of up to $1.7M

Online Directory launch to coincide with privacy law amendments

The Association of Market and Social Research Organisations (AMSRO) today launched an online directory for its Trust Mark in the wake of a significant amendment to the Privacy Act regarding data breaches.

“Data breaches are now happening on a daily basis around the world, and it’s incumbent on our industry to continue to provide the highest level of protection to companies using research services and, in turn, to consumers. The AMSRO Trust Mark is a seal of endorsement and assures business and government organisations they are buying research that is quality-tested and meets not only ethical standards but also goes over and above minimal privacy legislation. As managers or owners of research businesses we also need to minimise our own corporate risk,” AMSRO President, Craig Young said.

The directory helps to guide companies seeking market and social research to choose a research company that protects its reputation and minimises risk and only includes providers that are certified to AMSRO’s Trust Mark.

The Privacy Act has been amended – effective February 22 – to include a Notifiable Data Breaches (NDB) scheme, which requires private and public entities with an annual turnover of $3 million or more, to notify individuals likely to be at risk of ‘serious harm’ by a data breach.

The amendment has been introduced to improve transparency in reporting procedures and reinforce privacy obligations by companies working with personal information.  A data breach occurs when personal information held by an organisation is lost or subjected to unauthorised access or disclosure.

The scheme also toughens up privacy obligations of companies working with personal information with fines of up to $1.7 million for a privacy breach.

The biggest data breach ever recorded was in 2013 when Yahoo saw 3 billion user accounts attacked and exposed: names; email addresses; dates of birth; telephone numbers; some unprotected passwords; and security questions and answers of 500 million users. In Australia, the Red Cross Blood Service recorded the biggest local data breach in 2016 when the records of 550,000 donors were exposed.

A recent ASX study found that eight in 10 Australian companies expect an increase in cyber risk but only 11% are taking a pro-active approach to reassure customers about cyber security and less than half are confident that they have the ability to detect, respond and manage a cyber intrusion.

“The new privacy legislation will help focus corporate Australia’s attention on data protection and the Trust Mark gives research buyers and users an additional level of assurance. Notwithstanding the significant fines involved for data breaches, the financial and reputational damage to companies can be just as detrimental. The fact that we have a 14-year record without a single privacy breach upheld demonstrates the success of AMSRO in protecting the industry,” AMSRO Executive Director, Sarah Campbell, said.

AMSRO first launched the Trust Mark in 2014 to coincide with the introduction of the Australian Privacy Principles (APPs) and the redevelopment of AMSRO’s own award-winning Privacy Code.

There are three Trust Mark criteria:

  1. PRIVACY: Trust Mark members must operate under AMSRO’s Privacy (Market and Social Research) Code. This Code is the first, and only, industry APP Privacy Code registered on the Federal Register of Legislative Instruments and is adjudicated by the Australian Information Commissioner.
  2. QUALITY: Trust Mark members comply with the International Standard for Market, Opinion and Social Research certification (ISO 20252 or ISO 26363). Members are required to undergo an independent annual audit.
  3. ETHICS: Trust Mark members abide with the Industry Code of Professional Behaviour.

In addition to the Privacy Code, AMSRO also offers a “Ten steps to privacy compliancy” guide for member companies looking to improve and safeguard their customer data, which can be found at

The new Trust Mark online directory is available at:

Be the first to comment

Leave a Reply

Your email address will not be published.


%d bloggers like this: