Implementing Privacy Principles: After 20 Years, it's Time to Enforce the Privacy Act
105 Pages Posted: 23 May 2007
Date Written: May 20, 2007
This is a response to the Australian Law Reform Commission (ALRC)'s Issues Paper 31, Review of Privacy, which is the first stage in the ALRC review of the extent to which the Privacy Act and related laws provide an effective framework for the protection of privacy in Australia.
The submission addresses not only the privacy principles themselves but also some definitional and threshold issues, exemptions and questions of enforcement. A single set of core principles is favoured, but consistency should not come at the expense of higher standards. Some principles need to be revised to remove uncertainty in their application and to overcome the unexpected effect of narrow interpretations by Commissioner's tribunals and courts. The definitions and principles combined should aim to ensure maximum coverage, and exemptions should be strictly limited to where competing public interests can clearly be demonstrated. The submission also makes a case for strengthening principles in relation to purpose justification, anonymity, security breach notification and automated decision making. The problems of forced and bundled consent need to be addressed. There should be a greater emphasis in enforcement on achieving systemic changes with more proactive monitoring and enforcement and encouragement of representative complaints.
Keywords: privacy, privacy principles, law reform
Suggested Citation: Suggested Citation