Privacy Law and Policy Reporter
The Australian Privacy Charter was launched by Justice Michael Kirby and Janine Haines in the NSW Parliament House on 5 December 1994. The Charter (see (1994) 1 PLPR 136), a voluntary code for business and government, sets out 18 principles covering all aspects of privacy and freedom from surveillance. The Charter is the product of over two years' work by the Privacy Charter Council, a group drawn from a cross-section of professional, academic and business experts in privacy. The Council is now undertaking a strategy to see the Charter adopted by organisations throughout Australia as a benchmark for observing best practice in protecting privacy.
Debate over the status of public registers in the information age has been inflamed by the establishment of a massive database of personal information on 2.5 million Australians. The sources of the Oracle Library read like a private investigator's information dream: royal commission reports, records from professional body disciplinary hearings, industry warning lists, consumer affairs reports, court judgments, summonses, writs, newspaper articles, bankruptcies since 1960 and reports from bodies such as the NSW Independent Commission Against Corruption and the Qld Criminal Justice Commission.
The existence of the Oracle Library highlights the inconsistent coverage of privacy laws in Australia, and has re-ignited calls for comprehensive privacy legislation. Although the database holds some of the most sensitive personal information possible, it falls outside the coverage of Commonwealth or State privacy legislation, and effectively undermines provisions aimed to protect privacy such as the spent convictions scheme ( (1994) 1 PLPR 103). Individuals named in the database have no access or correction rights and there are serious concerns that slurs, unproven allegations, and charges subsequently thrown out of court may now revisit innocent individuals.
The operators of the Oracle Library argue that because the information on the database is all publicly available, privacy concerns are not relevant. It is an argument that has been heard before and was explicitly rejected in a Public Interest Determination on the Electronic White Pages service from the Australian Privacy Commissioner, Kevin O'Connor, in 1990. In that instance he stated that information matching capabilities actually change the nature of the information and demand a different standard of protection from public registers accessible through manual files. Similarly, the 17th Principle of the Australian Privacy Charter, released in December 1994, states that notwithstanding specific exceptions for individual access to the data, public registers should have the same level of privacy protection as is applied to files within organisations.
According to the operators of the CD-ROM database, businesses interested in the service might include legal firms, banks, media organisations, insurance companies, personnel departments and recruitment agencies.
The WA Attorney-General withdrew a long-standing privacy reference from the WA Law Reform Commission in September 1993, on the grounds that proposals for a Privacy Bill were being developed by officers of the Ministry of Justice. The previous Attorney had directed the Commission to examine specific aspects of privacy rather than report comprehensively, as originally envisaged. During the duration of the reference, the Commission had touched on privacy in reports on confidentiality of medical records and medical research; professional privilege for confidential communications, and Police Act offences, and had issued a working paper on privacy and statutory powers of intrusion (WA Law Reform Commission Annual Report 1993/94).
Privacy and data protection legislation has been known to be under review by officers in various WA government departments since the late 1980s, but nothing has yet emerged publicly. Perhaps the WA Information Commissioner will feature in future legislation.
(Information provided by Nigel Waters)
The Indian Chief Electoral Commissioner has threatened to cancel elections in five states unless over 100 million photo-ID cards are printed by February 28. If the elections are cancelled, Presidential rule can be imposed from New Delhi. Three States have applied to the Indian Supreme Court to rule that the Commissioner cannot deprive voters of the right to vote. Bihar Chief Minister LP Yadav claims that the ID cards are part of an 'international conspiracy' by multinational companies supplying the computers, cameras, film etc necessary to make the cards. (Source: Nelson Graves, Reuters)
The Victorian Law Reform Committee Report, Curbing the Phoenix Company, released last June, contains a less than novel suggestion that the government could overcome the 'problems of minor variations in directors' details ... if everyone wishing to have the privilege of being a director of a corporation with limited liability were required to have a unique once-for-a-lifetime identity.' The Victorian Government is recommended to encourage the ASC to give a higher priority to developing computer systems aimed at detecting disqualified persons in company management positions. The Government is also urged to seek Ministerial Council support to give company directors a unique identity number. Perhaps aware that this might attract some criticism, the report argues (3.3.11): 'Because becoming a director is a matter of choice, and truly voluntary, the privacy issues which ID numbers generally raise are not of concern'.
Move over PIN numbers. The world of biometrics - identification systems based on elements of the human body - is known already to have expanded into sophisticated fingerprints and retina scans. Researchers at Leeds University are now working on taking it one step further: smell. The sensitivity of equipment has developed to a point where machines are able to personally identify and remember our natural body odours. The technology, which is apparently 90 per cent accurate at the moment, is able to detect the underlying body odour regardless of perfumes and even after eating garlic.
Over two million Australians had joined the Fly Buys program by the beginning of 1995, making it 'the most powerful database in Australian commercial history', according to Steve Enright, account manager at the company providing the Fly Buys computer system, Tandem Computers. While the operators of the scheme, Loyalty Pacific, have stated that personal information will not be on-sold to third parties outside of the scheme, any of the companies within the scheme will apparently be able to access information on members who have been customers. The database is also linked to the Census Collection District database, creating the future potential for highly-specific information collection and dispersal.
Although estimates on the level of spending disagree, the latest figures have suggested that Commonwealth Government spending on information technology exceeded $1 billion in 1994, a substantial lift on the $620 million spent in 1993. While analysts believe that most of the increase reflects more accurate reporting procedures, real IT spending has lifted significantly in the past year. Some estimates suggest that the real level of spending may still be 20 per cent higher. The largest reported spenders were the Defence Department ($305 million), Social Security ($115 million), and Administrative Services ($68.4 million).
(Australian Financial Review 6 February 1995)
Those old friends of privacy, the Health Insurance Commission, now have responsibility for the Childcare Cash Rebate Scheme. The Medicare number is used to verify identity. You can't keep a good number down!
The Federal Government has deferred the announcement of its preferred position on whistleblowing. The Senate Select Committee on Public Interest Whistleblowing tabled its report In the Public Interest on 30 August 1994. It recommended a legislative scheme to encourage and protect the exposure of a range of 'acts of wrongdoing' in both the public and private sectors. Whistleblowers would be granted a range of protections and immunities provided they followed officially-sanctioned reporting procedures (disclosure to the media would only attract immunities if it was 'excusable in all the circumstances'). The Committee recommended the establishment of a Public Interest Disclosures Agency to receive disclosures, arrange for their investigation, protect whistleblowers and publicise the scheme.
The Federal Government tabled an interim response to the Committee's report on 29 November. It simply states that a full response needs to be co-ordinated with the Gibbs Committee recommendations on the disclosure of official information, which are still under consideration after more than two years. The Government promised the Committee a comprehensive response by February 1995 (Senate Hansard 29 November 1994, p 3485).
There are important privacy issues involved in any whistleblowing scheme - in relation to both the protection of the whistleblower, and the protection of individuals identified either purposely or incidentally in any allegations of wrongdoing. The Committee acknowledged some of these issues and recommended that the Privacy Commissioner nominate a member of the PIDA Board. It remains to be seen how the competing interests are handled in the government response. (Information provided by Nigel Waters).