Australia's privacy laws have failed the European Commission's adequacy test for trade.
The EU working party examining the Privacy Amendment (Private Sector) Bill 2000, which comes into effect later this year, has identified "some areas that need to be addressed before a full adequacy rating can be considered."
A spokeswoman for the Attorney General Daryl Williams confirmed talks will continue between Australia and the EU to address the issues and said data may continue to flow uninhibited provided that adequate safeguards are in place.
"These talks are only the first step in the process of examining our privacy laws; if the EU gives an adequacy rating it means Australian companies do not require extra clauses in their contracts or have to meet extra conditions when trading with the EU," media spokeswoman Catherine Fitzpatrick said.
While the EU working party has expressed concern about Australia's ability to protect employee data and secondary use of published data, the Attorney General said he did not accept the findings that more work needed to be done to meet the adequacy test.
Williams said the legislation sets minimum standards without forcing unnecessary costs on business.
"Many of the [working party's] comments display an ignorance about Australia's law and practice and do not go to the substance of whether our law is fundamentally adequate from a trading point of view; it seems that the prescriptive approach taken in many EU member states is assumed to be the only acceptable way to go in many areas of privacy protection," he said.