Kay Lam-MacLeod
HWL Ebsworth
Kay is an IT law specialist. She is experienced in providing advice and assistance with negotiating and drafting technology-centric contracts, and advising on intellectual property matters. She holds qualifications in law, business and IT, and was the principal of a boutique IT law firm acting for private sector technology companies for many years. Her hands-on experience in this area enables her to provide practical and commercial legal advice. Kay assists clients on the drafting terms of trade for service providers across a wide range of IT service including software, mobile app and game developers, web designers, managed services, hosted services, infrastructure providers (telephony, connectivity, data centres), digital agencies (SEO, social media management and online marketing services), copywriters, graphic designers and photographers, penetration testers and general consulting. Kay also assist clients drafting various contracts agile, waterfall or hybrid software development, use of open source or third party plugins or modules, congruence with agreements with upstream service providers or subcontractors, compatibility with third party software or equipment, intellectual Property ownership, cross-licensing and sublicensing issues, implementation, ongoing support, warranties and maintenance, scope creep, variations and new feature requests, testing and acceptance procedures and termination, source code release and transition out requirements. Kay has also assisted numerous clients with drafting website terms and conditions and privacy policies across a range of business models which include subscription or registered membership granting access to information or resource, Sale of goods (physical and digital), XaaS, online bookings, matching customers to resources or other people, general discussion forums and information aggregators. She regularly presents on current IT law topics, in conjunction with IT industry and startup organisations such as iLab, Barcamp, River City Labs and various technology-focused groups. Kay has also spoken as a guest lecturer at the University of Queensland, on topics such as ethics in IT for students, UQ Business School’s MBA program (IT contracts), and was a panel speaker at ISMG's IT Security Summit in 2017. Qualifications include:
  • Bachelor of Business (Accountancy)
  • Bachelor of Laws (Hons)
  • Masters of Laws
  • Graduate Certificate in Information Technology

Mandatory Breach Notification: Are You Ready to Air Your Dirty Breaches?

The presenter will provide a broad overview of Australia's privacy laws by way of background, and summarise the new mandatory breach notification requirements:
  • Who's obliged to comply with the Privacy Act;
  • What is personal information (also looking at Ben Grubb's case about whether metadata is personal information);
  • What are the basic requirements of the Privacy Act;
  • What is an 'eligible data breach'; and
  • What are the basic notification requirements.The presenter will then look at specific issues in implementing the new regime:
  • What are the limitations of the new data breach notification regime?
  • How can you ensure that your service provider will disclose a breach to you, if it happens to them, even if that service provider isn't obliged to comply with the Privacy Act?
  • How do the timeframes work?
  • Who manages (and pays for) the notification process?
  • Will your insurance cover it?
  • What if you've made the wrong call on whether something is a notifiable breach?Finally, time permitting, the presenter will do a quick comparison of Australia's privacy regime and the new EU General Data Protection Regulation which is applicable from 25 May 2018.