Privacy
Electronic communications and technologies raise many significant information privacy and surveillance issues.
Information privacy may be defined as the claim of individuals, groups or institutions to determine when, how and to what extent information about them is communicated to others. In essence, information privacy is the individual's right to control what happens with personal information about them.
Privacy issues relating to personal data arise from insecure electronic transmissions, data trails and logs, online transactions and tracking and surveillance technologies. Privacy invasion issues arise from data matching (the process of wholesale cross checking of data from one source against another source such as tax and social security data) and personal profile extraction processes that use this data alone or in combination with other publicly available data.
The Laws
In Australia, there is no general right of an individual to privacy. Laws such as confidential information and trespass may sometimes be used to protect privacy.
In the public sector, Australia has had privacy legislation since 1988. The Privacy Act 1988 (Cth) provides a system for the enforcement of privacy and a guideline for the use of personal information by the public sector, through its quintessence of 11 Information Privacy Principles (IPPs) and 10 National Privacy Principles (NPPs) that form privacy standards which some private sector organisations need to comply with in relation to personal information they hold. These Principles deal with the manner and purpose, collection, solicitation, storage, security, access, alteration, use and the disclosure of personal information. In addition the Act sets out the role of the NSW Privacy Commissioner.
The Privacy and Personal Information Act 1988 (NSW), provides the way all NSW public sector agencies manage personal information and contains 12 Information Protection Principles (IPPs), which include the collection, storage, access and accuracy, use, and disclosure of personal information. In addition, the Act sets out the role of the NSW Privacy Commissioner and creates a system for the enforcement of privacy in regard to how personal information is handled with the power to investigate and resolve complaints when personal information has been mishandled or misused.
The anti-spam legislation, Spam Act 2003 was passed by the Australian Federal Parliament to specifically deal with unwanted commercial electronic messages, also known as spam or 'junk mail'. The Spam Act was introduced as an answer to fears about the impact of spam on the efficiency of electronic communication and the costs forced on end-users. Furthermore, the Act prohibits the sending of spam, also known as a commercial electronic message sent without the consent of the addressee via email, short message service (SMS), multimedia message service (MMS) or instant messaging. The provisions under the Spam Act apply to all commercial electronic messages, including both bulk and individual messages.
The Australian Communications and Media Authority (ACMA) has enforcement responsibility for the Spam Act deals with the collection of evidence and gives support in protecting Australians from computer fraud and identity theft. In addition, ACMA regulates internet content issues, deals with internet content complaints and provides information about mobile premium services.
With the advance in technology, including the internet, there have been amazing changes to the way we collect and use personal information and to the rapid transmission of personal information. It appears natural that these changes have influenced the way we look at privacy and the protection of personal information.
The Telecommunications Act 1997 (Cth) sets out strict rules for carriers, carriage service providers and others in their use and disclosure of personal information with industry codes and standards in a range of consumer protection and privacy areas. The Privacy Commissioner must be consulted on any privacy codes and while the codes are voluntary, breaches of the code can be enforced by the Australian Communications and Media Authority (ACMA).
The Privacy Commissioner has the role under the Telecommunications Act of monitoring compliance with Part 13, Division 5 of the Act, where carriers and carriage service providers are required to keep accounts of all disclosures of personal information with only some exceptions. The Act also requires disclosure to law enforcement agencies only in specified circumstances.
State Laws
The invasion of privacy, as well as the mistreatment of personal information, is against the law under several state and federal laws in New South Wales and the entire of Australia.
Moreover, in NSW, the main laws that deal with the protection of privacy are: the Federal Privacy Act 1988 (Cth); the Privacy and Personal Information Protection Act 1998 (NSW); Workplace Surveillance Act 2005 (NSW); Surveillance Devices Act 2007 (NSW) and Telecommunications (Interception and Access) Act 1979 (Cth).
The Privacy Act 1988 (Cth) sets privacy standards for dealing with personal information and applies to Australian Government (Commonwealth) and ACT government agencies, the private sector organisations across Australia and is administered by the Office of the Federal Privacy Commissioner
The Privacy and Personal Information Protection Act 1998 (NSW) sets privacy standards for dealing with personal information, in all NSW state and local government and is administered by Privacy NSW. While the Act pertains mainly to the New South Wale public sector, it bestows upon New South Wales Privacy Commissioner the power to investigate and conciliate privacy breaches by organisations and individuals who are not public sector agencies.
In regards to privacy of communications, the Workplace Surveillance Act 2005 (NSW) (administered by the NSW Attorney General's Department) which prohibits the surveillance by employers of their employees at work except where employees have been given notice or where the employer has a covert surveillance authority. Among other prohibitions, the Act restricts and regulates the blocking by employers of emails and Internet access of employees at work. In particular it prevents employers from blocking access to emails or Internet sites because the content relates to business issues.
The Surveillance Devices Act 2007 (NSW) covers the installation, use and maintenance of listening, optical, tracking, and data surveillance devices and restricts the communication and publication of private conversations, surveillance activities, and information obtained from their use. Furthermore, the Act allows for surveillance devices to be used in crime investigations and to allow evidence to be obtained of the crime, identity or location of the person who has offended.
The Telecommunications (Interception and Access) Act 1979 (Cth) provides protection to the privacy of those who use the Australian telecommunications system and deals specifically with the situations where it is lawful for interception of, or access to, communications to take place. Moreover, the Act disallows the interception of transient communications over a telecommunications system and prohibits access to stored communications (i.e. email, SMS and voice mail messages stored on a carrier's equipment) except where there is authorization in certain circumstances.
Essentially, not all technologies are privacy invasive and if privacy is built into the design of new technologies such as blue tooth and smart cards among other further technological advances, they are able to be privacy enhancing.
Legislation
Privacy Act 1988
Privacy Amendment (Office of the Privacy Commissioner) Act 2000 (Cth)
Privacy and Personal Information Protection Act 1998 (NSW)
Privacy and Personal Information Protection Act 1998 (NSW)
Privacy and Personal Information Protection Regulation 1998 (NSW)
Spam Act 2003 (Cth) Surveillance Devices Act 2007 (NSW)
Telecommunications Act 1997 (Cth)
Telecommunications (Interception and Access) Act 1979 (Cth).
Workplace Surveillance Act 2005 (NSW)
ABC v Lenah Game Meats Pty Ltd [2001] HCA 63; 208 CLR 199; 185 ALR 1; 76 ALJR 1
Toomey v Mirror Newspapers [1985] 1 NSWLR 173
PN v Department of Education and Training [2006] NSWADT 122
SW v Forests NSW [2006] NSWADT 74
Waite v General Manager, Hornsby Shire Council [2004] NSWADT 93
Director General, Department of Education and Training v MT [2006] NSWCA 270
Vice-Chancellor Macquarie University v FM [2005] NSWCA 192
The Ombudsman v Koopman & Anor [2003] NSWCA 277
GQ v NSW Department of Education and Training (No 2) ([2008] NSWADT 319)
Seven Network (Operations) Ltd v Media Entertainment and Arts Alliance [2004] FCA 637
Resources
Australian Privacy and Surveillance Law Library
Getting in on the Act: The Review of the Private Sector Provisions of the Privacy Act 1988, Office of the Privacy Commissioner
Internet Industry Association
Australian Press Council: Privacy Standards
NOIE: Privacy Project
Federal Privacy Commissioner
Office of the NSW Privacy Commissioner
National Privacy Principles [pdf]
NSW Cases determined under the Privacy Legislation
Security in Government 2010 Conference: The AG's Department
Caslon Analytics Privacy Guide
Caslon Analytics Privacy law in Australia
General background and Information on The personal Information and Privacy Act 1998 (NSW)
Report on the operation of the 1998 NSW Act by Deputy Privacy Commissioner (2002)
Information Protection Principles
Privacy in Queensland Report
Attorney-General's Department - Information Paper on Privacy Protection in the Private Sector
Privacy and the Media - Executive Summary (Privacy)
Telecommunications Privacy (Privacy)
Telecommunications Privacy: Dept of Broadband Communications and the Digital Economy
Department of Broadband Australia's Digital Economy: Future Directions
Privacy: Are the Media a Special Case? (Privacy)
Privacy and Surveillance Electronic Frontiers Australia
Calling Number Display in Australia
What Price Privacy? Media Watch (18/08/2008)
Conference Papers Summary - The New Privacy Laws (Privacy)
"The Offices of the Information and Privacy Commissioners" - (2009) NSWLRC Report 125
"Access to personal information" - (2010) NSWLRC Report 126
Australian Government, Enhancing National Privacy Protection, Australian Government First Stage Response to the Australian Law Reform Commission
Report 108, For Your Information: Australian Privacy Law and Practice (October 2009) 24
Links
Australian Privacy Foundation
Australian Communications and Media Authority (ACMA)
Roger Clarke Home Page
Privacy Law and Policy Reporter
Oz NetLaw Privacy fact sheet
Hugh Mackay: Free Speech Comes at a Price
Federal Privacy Commissioner
Electronic Frontiers Australia: Privacy and Surveillance
