Differences Between APA and GDPR in Australian Context
VerifiedAdded on 2022/08/27
|8
|2533
|37
Essay
AI Summary
This essay critically examines the Australian Privacy Act (APA) and the General Data Protection Regulation (GDPR), focusing on their differences and the implications for data privacy. It begins by introducing the context of modern technology and the increasing concerns surrounding data protection, particularly in Australia, where data breaches are on the rise. The essay provides a detailed comparison of APA and GDPR, highlighting similarities such as their shared goals of reducing cyber-attacks and ensuring data security. However, it emphasizes the key differences, including risk management policies, consent requirements (express vs. implied), and direct marketing regulations. The analysis points out the gaps in APA, such as the lack of mandatory risk assessment policies, the recognition of implied consent, and less stringent marketing rules. The essay argues for improvements to APA, including mandatory data protection policies, the removal of implied consent, and stricter marketing regulations. The potential benefits of these changes for Australian citizens are also discussed, emphasizing increased protection against spam and phishing, and greater transparency in the operations of organizations handling personal data. The conclusion summarizes the key differences between APA and GDPR and reiterates the need for improvements to enhance data privacy in Australia.

Running Head: APA AND GDPR 0
PROFESSIONAL COMPUTING PRACTICE/ADVANCED PROFESSIONAL DEVELOPMENT
Assignment 1 Essay
Student name:
Student number:
Topic:
PROFESSIONAL COMPUTING PRACTICE/ADVANCED PROFESSIONAL DEVELOPMENT
Assignment 1 Essay
Student name:
Student number:
Topic:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

APA AND GDPR 1
Introduction
In today’s era of modern technology, it has become easier for organisations to access and
exploit private data of the users since there are different ways from which they can collect
their private information. The use of personal information allows companies to improve their
products and services by customizing them as per the demands and requirements of their
customers. However, this has increased a major concern relating to protection of data privacy
and confidential information of users on a global scale. It is also a threat in Australia since the
number of data breach attacks has increased by 19 per cent between July and December 2019
as per the reports given by the “Office of the Australian Information Commissioner (OAIC)”.
In this regards, the government has introduced many amendments in the “Australian Privacy
Act (APA) 1988”1. Furthermore, “General Data Protection Regulation (GDPR)” is a part of
EU digital privacy protection legislations that are targeted towards imposing accountability
on organisations by giving control to individuals regarding their personal data and
simplifying the overall regulations relating to data privacy. There are many similarities
between APA and GDPR; however, there are many noticeable differences which show the
gaps in regulations of APA and the requirement of the Australian government to introduce
necessary changes in order to improve data privacy of individuals in Australia2. The
objective of this essay is to identify noticeable differences between APA and GDPR and
necessary improvements which should be made in APA for the protection of data privacy of
Australian citizens. This essay will also evaluate the benefits of these changes on Australian
citizens.
Differences between APA and GDPR and need for improvements
The role of both APA and GDPR is to introduce regulations which are focused on reducing
the threat of cyber-attacks by ensuring that the private data of individuals is protected and
transparency is maintained throughout the operations of corporation3. APA is also referred as
the privacy act which was first introduced in 1988 that provides regulations that deals with
privacy of Australian citizens and companies. Different privacy rights are introduced in this
act under Section 14 which is also called the “APPs (Australian Privacy Principles)”. The
regulations of this act govern how personal information is collected by government agencies
as well as private sector organisations and they also impose obligations in case such data is
lost or exploited. Similarly, GDPR is the part of EU regulations that are also followed by
Introduction
In today’s era of modern technology, it has become easier for organisations to access and
exploit private data of the users since there are different ways from which they can collect
their private information. The use of personal information allows companies to improve their
products and services by customizing them as per the demands and requirements of their
customers. However, this has increased a major concern relating to protection of data privacy
and confidential information of users on a global scale. It is also a threat in Australia since the
number of data breach attacks has increased by 19 per cent between July and December 2019
as per the reports given by the “Office of the Australian Information Commissioner (OAIC)”.
In this regards, the government has introduced many amendments in the “Australian Privacy
Act (APA) 1988”1. Furthermore, “General Data Protection Regulation (GDPR)” is a part of
EU digital privacy protection legislations that are targeted towards imposing accountability
on organisations by giving control to individuals regarding their personal data and
simplifying the overall regulations relating to data privacy. There are many similarities
between APA and GDPR; however, there are many noticeable differences which show the
gaps in regulations of APA and the requirement of the Australian government to introduce
necessary changes in order to improve data privacy of individuals in Australia2. The
objective of this essay is to identify noticeable differences between APA and GDPR and
necessary improvements which should be made in APA for the protection of data privacy of
Australian citizens. This essay will also evaluate the benefits of these changes on Australian
citizens.
Differences between APA and GDPR and need for improvements
The role of both APA and GDPR is to introduce regulations which are focused on reducing
the threat of cyber-attacks by ensuring that the private data of individuals is protected and
transparency is maintained throughout the operations of corporation3. APA is also referred as
the privacy act which was first introduced in 1988 that provides regulations that deals with
privacy of Australian citizens and companies. Different privacy rights are introduced in this
act under Section 14 which is also called the “APPs (Australian Privacy Principles)”. The
regulations of this act govern how personal information is collected by government agencies
as well as private sector organisations and they also impose obligations in case such data is
lost or exploited. Similarly, GDPR is the part of EU regulations that are also followed by

APA AND GDPR 2
many other countries targeted towards regulating data transfer and storage to make sure that
transparency is maintained throughout the operations and individuals have complete control
over their private data4. Based on the understanding of these two regulations, it is clear that
both of them emphasises on protection of private data of users by simplifying the process.
There are many similarities between APA and GDPR in terms of ensuring how personal
information is secured by organisations and both of them imposes mandatory methods which
are compulsory to be followed by parties that deal with private data of individuals. Both of
these laws introduce a range of general obligations in order to ensure data security. There are
different steps in both of these regulations that are necessary to be taken by organisations in
order to ensure that the private or sensitive data which they collect must be protected from
any sort of misuse, loss or interference. Both of them also provide policies for ensuring that
the private data is securely erased by organisations when necessary5. Furthermore, data
breaches are also treated in a similar manner in both of these regulations. Both of them
enforce the parties that deal with data breaches to report those incidents to relevant authorities
as soon as possible. They also enforces them to ensure sufficient seriousness while reporting
these breaches to make sure that necessary actions are taken right away for protection of such
data. As per both of these laws, personal information that is encrypted needs not to be
reported by organisations. Along with similarities, there are many differences between APA
and GDPR which shows key limitations and gaps that are necessary to be fulfilled in the
Privacy Act of Australia6.
One of the key differences between APA and GDPR is in relation to policies and procedures
for managing data privacy risks. As per the guidelines of GDPR, companies are required to
have certain policies and procedures that allow them to assess and manage risks are relating
to handling personal information of users. These guidelines are introduced especially for
those companies that are planning to engage in practices relating to high risks data
processing7. These companies have to ensure that they undertake a “Data Protection Impact
Assessment (DPIA)” when they use sensitive data in their operations. Along with this risk
assessment, companies are also subject to have a mandatory Data Protection Policy in which
they have to set out the expectations for their staff members in order to make sure that they
treat the confidential data securely. Moreover, companies that suffer a data breach are also
bound under these protection policies to notify authorities along with individuals who might
be affected as a result of cyber-attack8. There is a strict limit of 72 hours within which the
companies have to notify relevant parties for a data breach. The mandatory policies and
many other countries targeted towards regulating data transfer and storage to make sure that
transparency is maintained throughout the operations and individuals have complete control
over their private data4. Based on the understanding of these two regulations, it is clear that
both of them emphasises on protection of private data of users by simplifying the process.
There are many similarities between APA and GDPR in terms of ensuring how personal
information is secured by organisations and both of them imposes mandatory methods which
are compulsory to be followed by parties that deal with private data of individuals. Both of
these laws introduce a range of general obligations in order to ensure data security. There are
different steps in both of these regulations that are necessary to be taken by organisations in
order to ensure that the private or sensitive data which they collect must be protected from
any sort of misuse, loss or interference. Both of them also provide policies for ensuring that
the private data is securely erased by organisations when necessary5. Furthermore, data
breaches are also treated in a similar manner in both of these regulations. Both of them
enforce the parties that deal with data breaches to report those incidents to relevant authorities
as soon as possible. They also enforces them to ensure sufficient seriousness while reporting
these breaches to make sure that necessary actions are taken right away for protection of such
data. As per both of these laws, personal information that is encrypted needs not to be
reported by organisations. Along with similarities, there are many differences between APA
and GDPR which shows key limitations and gaps that are necessary to be fulfilled in the
Privacy Act of Australia6.
One of the key differences between APA and GDPR is in relation to policies and procedures
for managing data privacy risks. As per the guidelines of GDPR, companies are required to
have certain policies and procedures that allow them to assess and manage risks are relating
to handling personal information of users. These guidelines are introduced especially for
those companies that are planning to engage in practices relating to high risks data
processing7. These companies have to ensure that they undertake a “Data Protection Impact
Assessment (DPIA)” when they use sensitive data in their operations. Along with this risk
assessment, companies are also subject to have a mandatory Data Protection Policy in which
they have to set out the expectations for their staff members in order to make sure that they
treat the confidential data securely. Moreover, companies that suffer a data breach are also
bound under these protection policies to notify authorities along with individuals who might
be affected as a result of cyber-attack8. There is a strict limit of 72 hours within which the
companies have to notify relevant parties for a data breach. The mandatory policies and
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

APA AND GDPR 3
procedures for risk assessment is not available in APA which is a key difference and it shows
the act is not prepared to govern those companies that deals with high risks data processing9.
There is a key difference between APA and GDPR in relation to recognition of consent of the
parties since APA recognizes both express and implied consent whereas GDPR only
recognizes express consent. Provisions regarding consents are given under APPs 3, 6, 7 and 8
and in the case of GDPR; Article 7 particularly deals with consent. In both APA and GDPR,
consent is an important factor; however, it is possible under both of these laws that personal
information of users is shared without their consent in specific circumstances10. Although
the Privacy Act recognises both express and implied consent, neither of them is defined in its
provisions. The express consent can be referred as an expression of individual wish whereas
implied consent is more complicated to understand. In this regards, provisions are given
under the Spam Act 2003 to make sure that organisations did not violate or misuse implied
consent of parties11. For example, if individuals have share their contact details online on
request of organisations or they have an existing relationship with the business, than it is
considered as implied consent. However, provisions regarding implied consent are not
recognised in GDPR and it defines consent which must be given freely and unambiguously as
per the wishes of the individuals and it must be given through clear affirmative action for
sharing of personal data. As per GDPR, the consent for cookies is mandatory while delivering
personalised marketing by organisations12. Furthermore, it also provides that it should be
easy for individuals to withdraw their consent. These options are not available in the case of
APA which shows the significant gap.
Another key difference between APA and GDPR is relating to direct marketing requirements
since GDPR has adopted a much stricter approach than compared to APA. There are multiple
circumstances in which businesses are able to send promotional or marketing material
directly to people. As per APA, businesses can directly collect contact details of people and
they can directly send them marketing materials13. If they collect their details from third
parties than it is important for them to collect express consent of individuals and their
attention must be drawn through a prominent statement. On the other hand, GDPR requires
businesses to almost always collect express consent from individuals before sending them
marketing materials. Businesses can only send marketing material without express consent if
they have a strong pre-existing relationship with individuals. This shows that GDPR is much
stricter with spam marketing techniques of businesses than compared to APA14.
procedures for risk assessment is not available in APA which is a key difference and it shows
the act is not prepared to govern those companies that deals with high risks data processing9.
There is a key difference between APA and GDPR in relation to recognition of consent of the
parties since APA recognizes both express and implied consent whereas GDPR only
recognizes express consent. Provisions regarding consents are given under APPs 3, 6, 7 and 8
and in the case of GDPR; Article 7 particularly deals with consent. In both APA and GDPR,
consent is an important factor; however, it is possible under both of these laws that personal
information of users is shared without their consent in specific circumstances10. Although
the Privacy Act recognises both express and implied consent, neither of them is defined in its
provisions. The express consent can be referred as an expression of individual wish whereas
implied consent is more complicated to understand. In this regards, provisions are given
under the Spam Act 2003 to make sure that organisations did not violate or misuse implied
consent of parties11. For example, if individuals have share their contact details online on
request of organisations or they have an existing relationship with the business, than it is
considered as implied consent. However, provisions regarding implied consent are not
recognised in GDPR and it defines consent which must be given freely and unambiguously as
per the wishes of the individuals and it must be given through clear affirmative action for
sharing of personal data. As per GDPR, the consent for cookies is mandatory while delivering
personalised marketing by organisations12. Furthermore, it also provides that it should be
easy for individuals to withdraw their consent. These options are not available in the case of
APA which shows the significant gap.
Another key difference between APA and GDPR is relating to direct marketing requirements
since GDPR has adopted a much stricter approach than compared to APA. There are multiple
circumstances in which businesses are able to send promotional or marketing material
directly to people. As per APA, businesses can directly collect contact details of people and
they can directly send them marketing materials13. If they collect their details from third
parties than it is important for them to collect express consent of individuals and their
attention must be drawn through a prominent statement. On the other hand, GDPR requires
businesses to almost always collect express consent from individuals before sending them
marketing materials. Businesses can only send marketing material without express consent if
they have a strong pre-existing relationship with individuals. This shows that GDPR is much
stricter with spam marketing techniques of businesses than compared to APA14.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

APA AND GDPR 4
Based on the gaps in APA, there is clear need of improvements in the provisions of APA in
relation to imposition of mandatory policies and procedures, removal of implied consent and
stricter marketing policies for protection of Australian citizens’ private data. The government
should make it mandatory for each business to have policies and procedures for data
protection under which they must specify steps and actions for data protection and guidelines
should be given for employees to take precautions to avoid violation or misuse of data. The
provisions regarding implied terms should be removed from APA since businesses can
misuse the ambiguity of its definition in order to send spam mails to individuals15. Stricter
guidelines should also be imposed on businesses that send direct marketing materials to
individuals without their express consent since they can send phishing mails or collect their
sensitive data without their knowledge.
Australian citizens will be benefited from introduction of these improvements since they will
receive less spam mails and their private data such as financial information and contact
details will be protected. Compliance with the strict positions of GDPR will enable the
Australian government to improve the overall effectiveness of APA in governing the
operations of organisations which are directly related with collection, storage, or use of
private data of individuals. The number of cases relating to data breaching will reducing
drastically in the country and it will also provide a key protection to users from spam or
phishing mails16. These improvements will promote transparency in operations of
organisations and it will hold them accountable for their actions or the action of their
employees to make sure that they take proactive approach towards private data of individuals
which will reduce data breach attacks in the country.
Conclusion
In conclusion, there are key differences between APA and GDPR which shows that GDPR
has provided much stricter approach when it comes to protection of privacy of users by
making it mandatory for organisations to implement policies and procedures for data
protection, notification to authorities within specific time limit, identification of express
consent and easy removal, and restrictions of direct marketing. The provisions of APA lack in
these areas and the government needs to fill these gaps to improve these policies to cope up
with the changing environment. Improvements should include enforcement of mandatory
policies and procedures for data protection, removal of implied consent and strictness in
distribution of marketing materials. These improvements will be beneficial because
Based on the gaps in APA, there is clear need of improvements in the provisions of APA in
relation to imposition of mandatory policies and procedures, removal of implied consent and
stricter marketing policies for protection of Australian citizens’ private data. The government
should make it mandatory for each business to have policies and procedures for data
protection under which they must specify steps and actions for data protection and guidelines
should be given for employees to take precautions to avoid violation or misuse of data. The
provisions regarding implied terms should be removed from APA since businesses can
misuse the ambiguity of its definition in order to send spam mails to individuals15. Stricter
guidelines should also be imposed on businesses that send direct marketing materials to
individuals without their express consent since they can send phishing mails or collect their
sensitive data without their knowledge.
Australian citizens will be benefited from introduction of these improvements since they will
receive less spam mails and their private data such as financial information and contact
details will be protected. Compliance with the strict positions of GDPR will enable the
Australian government to improve the overall effectiveness of APA in governing the
operations of organisations which are directly related with collection, storage, or use of
private data of individuals. The number of cases relating to data breaching will reducing
drastically in the country and it will also provide a key protection to users from spam or
phishing mails16. These improvements will promote transparency in operations of
organisations and it will hold them accountable for their actions or the action of their
employees to make sure that they take proactive approach towards private data of individuals
which will reduce data breach attacks in the country.
Conclusion
In conclusion, there are key differences between APA and GDPR which shows that GDPR
has provided much stricter approach when it comes to protection of privacy of users by
making it mandatory for organisations to implement policies and procedures for data
protection, notification to authorities within specific time limit, identification of express
consent and easy removal, and restrictions of direct marketing. The provisions of APA lack in
these areas and the government needs to fill these gaps to improve these policies to cope up
with the changing environment. Improvements should include enforcement of mandatory
policies and procedures for data protection, removal of implied consent and strictness in
distribution of marketing materials. These improvements will be beneficial because

APA AND GDPR 5
Australian citizens will receive spam or phishing mails and accountability will be imposed on
organisations that will reduce the cases of misuse and violation of private data.
(Total Word Count: 1780)
Australian citizens will receive spam or phishing mails and accountability will be imposed on
organisations that will reduce the cases of misuse and violation of private data.
(Total Word Count: 1780)
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.

Trusted by 1+ million students worldwide

APA AND GDPR 6
References
x
[1] Leon Spencer. (2020, March) Data breach notifications on the rise. [Online].
https://www.arnnet.com.au/article/671452/data-breach-notifications-rise/
[2] Nick Ismail. (2018, March) GDPR vs Australian data privacy regulations: 5 key
differences. [Online]. https://www.information-age.com/gdpr-aus-data-privacy-
regulations-123471003/
[3] Jawad Hussain Awan, Shazad Memon, Sheeraz Memon, Kamran Taj Pathan, and Niaz
Hussain Arijo, "Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber
Activities.," Mehran University Research Journal of Engineering and Technology, vol.
37, no. 2, pp. 359-366, 2018.
[4] Fleur Prins. (2018, October) GDPR versus the Australian Privacy Act. [Online].
https://www.epiuselabs.com/data-security/gdpr-vs-australian-privacy-act
[5] Joshua Yuvaraj, "How about me? The scope of personal information under the
Australian Privacy Act 1988.," Computer law & security review, vol. 34, no. 1, pp. 47-
66, 2018.
[6] Anna Johnston, "2018: A year of significant changes to privacy law.," LSJ: Law Society
of NSW Journal, vol. 41, p. 84, 2018.
[7] Anna Johnston, "2018: A year of significant changes to privacy law, affecting legal
practices and clients.," Brief, vol. 45, no. 2, p. 28, 2018.
[8] Beatrice A. Walton, "Duties Owed: Low-Intensity Cyber Attacks and Liability for
Transboundary Torts in International Law.," Yale LJ, vol. 126, p. 1460, 2016.
[9] John Moran, Richard Berkahn, and Reece Corbett-Wilkins. (2019, June) Privacy Down
Under - how do antipodean privacy regimes stack up against the GDPR? [Online].
https://www.lexology.com/library/detail.aspx?g=4368ddcd-f87e-475d-afd3-
dc0283314f08
[10] Tim de Sousa. (2017, October) GDPR matchup: Australia's Privacy Act 1988. [Online].
References
x
[1] Leon Spencer. (2020, March) Data breach notifications on the rise. [Online].
https://www.arnnet.com.au/article/671452/data-breach-notifications-rise/
[2] Nick Ismail. (2018, March) GDPR vs Australian data privacy regulations: 5 key
differences. [Online]. https://www.information-age.com/gdpr-aus-data-privacy-
regulations-123471003/
[3] Jawad Hussain Awan, Shazad Memon, Sheeraz Memon, Kamran Taj Pathan, and Niaz
Hussain Arijo, "Cyber Threats/Attacks and a Defensive Model to Mitigate Cyber
Activities.," Mehran University Research Journal of Engineering and Technology, vol.
37, no. 2, pp. 359-366, 2018.
[4] Fleur Prins. (2018, October) GDPR versus the Australian Privacy Act. [Online].
https://www.epiuselabs.com/data-security/gdpr-vs-australian-privacy-act
[5] Joshua Yuvaraj, "How about me? The scope of personal information under the
Australian Privacy Act 1988.," Computer law & security review, vol. 34, no. 1, pp. 47-
66, 2018.
[6] Anna Johnston, "2018: A year of significant changes to privacy law.," LSJ: Law Society
of NSW Journal, vol. 41, p. 84, 2018.
[7] Anna Johnston, "2018: A year of significant changes to privacy law, affecting legal
practices and clients.," Brief, vol. 45, no. 2, p. 28, 2018.
[8] Beatrice A. Walton, "Duties Owed: Low-Intensity Cyber Attacks and Liability for
Transboundary Torts in International Law.," Yale LJ, vol. 126, p. 1460, 2016.
[9] John Moran, Richard Berkahn, and Reece Corbett-Wilkins. (2019, June) Privacy Down
Under - how do antipodean privacy regimes stack up against the GDPR? [Online].
https://www.lexology.com/library/detail.aspx?g=4368ddcd-f87e-475d-afd3-
dc0283314f08
[10] Tim de Sousa. (2017, October) GDPR matchup: Australia's Privacy Act 1988. [Online].
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

APA AND GDPR 7
https://iapp.org/news/a/gdpr-matchup-australias-privacy-act-1988/#
[11] Peter Leonard. (2014, March) Privacy law in Australia: an overview. [Online].
https://www.lexology.com/library/detail.aspx?g=f508c927-860b-43a4-832a-
aabea4169037
[12] Susan Bennett, "GDPR: Change to European privacy laws and its impact on Australian
businesses.," Governance Directions, vol. 70, no. 2, p. 85, 2018.
[13] Robert Bateman. (2020, February) GDPR vs Australian Privacy Principles. [Online].
https://www.termsfeed.com/blog/gdpr-vs-australian-privacy-principles/
[14] Beverley Head. (2019, June) Australia’s Notifiable Data Breaches scheme drives
compliance but issues remain. [Online].
https://www.computerweekly.com/news/252464371/Australias-notifiable-data-breach-
scheme-drives-compliance-but-issues-remain
[15] Julian Wagner and Normann Witzleb, "Personal Information in the Australian Privacy
Act and the Classification of IP Addresses.," Eur. Data Prot. L. Rev., vol. 3, p. 528,
2017.
[16] Andrada Coos. (2018, August) Australia’s Answer to the GDPR: The Notifiable Data
Breaches Scheme. [Online]. https://www.endpointprotector.com/blog/australias-answer-
to-the-gdpr-the-notifiable-data-breaches-scheme/
x
https://iapp.org/news/a/gdpr-matchup-australias-privacy-act-1988/#
[11] Peter Leonard. (2014, March) Privacy law in Australia: an overview. [Online].
https://www.lexology.com/library/detail.aspx?g=f508c927-860b-43a4-832a-
aabea4169037
[12] Susan Bennett, "GDPR: Change to European privacy laws and its impact on Australian
businesses.," Governance Directions, vol. 70, no. 2, p. 85, 2018.
[13] Robert Bateman. (2020, February) GDPR vs Australian Privacy Principles. [Online].
https://www.termsfeed.com/blog/gdpr-vs-australian-privacy-principles/
[14] Beverley Head. (2019, June) Australia’s Notifiable Data Breaches scheme drives
compliance but issues remain. [Online].
https://www.computerweekly.com/news/252464371/Australias-notifiable-data-breach-
scheme-drives-compliance-but-issues-remain
[15] Julian Wagner and Normann Witzleb, "Personal Information in the Australian Privacy
Act and the Classification of IP Addresses.," Eur. Data Prot. L. Rev., vol. 3, p. 528,
2017.
[16] Andrada Coos. (2018, August) Australia’s Answer to the GDPR: The Notifiable Data
Breaches Scheme. [Online]. https://www.endpointprotector.com/blog/australias-answer-
to-the-gdpr-the-notifiable-data-breaches-scheme/
x
1 out of 8
Related Documents

Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.