Maintaining the privacy of information collected, exchanged and stored on the Internet is becoming increasingly difficult as technologies supporting intrusive practices such as data mining, data matching and spyware become progressively more sophisticated and subtle. The challenge for law makers is to formulate laws that both address presently identified threats and have the capacity to encompass future technological evolution. The new Australian Privacy Principles, due to take effect from March 2014, adopt a principles-based and technology-neutral approach that promises to support the longevity of the enacted laws. The Act introduces a variety of new provisions that have the effect of significantly strengthening online privacy protection by addressing the threats to privacy presented by data mining, data matching and direct marketing practices. It is submitted that the new, expanded and prescriptive Australian privacy laws evidence a shift towards the European governance philosophy that is premised on societal protection norms that conceive the State as having primary responsibility for ensuring information practices serve individual identity.