Privacy Law and Policy Reporter
The Privacy and Data Protection Bill 1994 (NSW) was referred on 5 May 1994 to a Select Committee of the upper house of the NSW Parliament (the Legislative Council) with terms of reference to report on:
(a) whether the Privacy and Data Protection Bill:
(i) provides appropriate data protection safeguards in connection with records containing personal information which are held by public authorities;
(ii) provides a cost-effective and manageable system for the protection of such personal information; and
(b) if not, to report upon any alternative legislative and/or administrative frameworks which may provide more appropriate protections, or a more cost-effective and manageable system.
The Committee, to be Chaired by Stephen Mutch (Liberal), comprises Richard Bull (National), Jennifer Gardiner (National), James Kaldis (ALP), Elisabeth Kirby (Democrat), Ian Macdonald (ALP), Rev Fred Nile (Call to Australia) and Ted Pickering (Liberal).
Attorney-General John Hannaford, in moving that the Bill be referred to the Committee, noted that it was based on the principle ''that information collected for one purpose should not generally be used for another related purpose without the consent of the data subject or the authority of law', and that the reference to the Committee was ''in order to ensure that NSW has the most comprehensive legislation possible regulating the storage, use and disclosure of personal information in the public sector'. Mr Hannaford's comments, and the terms of reference, make it clear enough that the Bill is essentially intended to regulate public sector uses of personal data, leaving the position in relation to the private sector largely unchanged (except for corrupt private sector misuse of public sector information). However, it seems that Mr Hannaford is open to proposed amendments to strengthen the Bill, at least in the public sector.
Ian Macdonald, speaking in the debate for the Opposition, welcomed the Bill but noted Opposition criticisms, the most detailed of which related to shortcomings in the offence provisions, cls 7 to 9. The Opposition also criticised the extent to which heads of departments could ''write their own exemptions' from the Data Protection Principles (DPPs): ''it would be open for a department head to decide that it is impracticable to comply with half the DPPs'. ''As it stands, the ... Bill unfortunately qualifies as probably the weakest attempt at data protection legislation for many years', he said (a view expressed in (1994) 1 PLPR 41). He also noted that ''Submissions before the Independent Commission Against Corruption also called for a procedure to elevate codes to the status of legally binding instruments. It is clear that we have to re-examine this issue to strengthen the powers of the Privacy Commissioner to scrutinise private sector codes.'
Elisabeth Kirby, speaking for the Democrats, stated that the Bill was ''deficient for three reasons: because the heads of public authorities have too much discretion in their preparation of data protection codes; the Privacy Commissioner does not have sufficient powers of enforcement; and the measures in relation to information exchange between agencies are too broad.' She quoted at length from the article in (1994) 1 PLPR 41 (continued in this issue) to support each of these propositions.
The Committee has called for submissions on the Bill by 30 June, and is expected to report on the Bill before the end of the year. The NSW Privacy Committee has already held a round-table discussion on the Bill, with about 30 participants, on 2 June.