Privacy Law and Policy Reporter
Attempts to censor the Internet, if mis-conceived, pose considerable and various dangers to the privacy of Internet communications. Australia appeared poised to enter draconian Internet censorship, with a draft national censorship law which imposed severe liabilities on Internet service providers and users, prepared by the ` government, due for consideration at a July meeting of the Standing Committee of Attorneys-General (SCAG).
However, in the week before the SCAG meeting, the Australian Broadcasting Authority (ABA) released its Internet censorship report (Investigation Into The Content Of Online Services -- Report To The Minister For Communications And The Arts, 30 June 1996 -- see annexure for extracts relevant to privacy issues). The ABA Report, while avoiding direct condemnation of the NSW-sponsored approach, took an entirely different line as to what was necessary or feasible, and in particular accepted the approach of many Internet users and industry representatives that those responsible for children must take a large part of the responsibility for protecting them from exposure to undesirable content.
The Attorneys-General decided to dump the NSW approach -- at least for now. At the SCAG meeting on 12 July, according to ACT Attorney-General, Gary Humphries, `the arguments put by the ACT, Commonwealth and a number of other states saw the `Government agree to defer introduction of legislation to regulate service providers on the Net', pending full consideration of the ABA Report.
However, it must be remembered that SCAG has not yet formally endorsed any alternative (or uniform) approach, Victoria already has its own (less draconian) law (see 2 PLPR 148), and the ABA has not even formally recommended against the type of approach in the NSW Bill. The Internet censorship issue still has a long while to run in Australia, but for the time being Internet privacy has had a reprieve.
Four findings and recommendations in the ABA Report are of particular relevance to privacy.
The ABA recommends that communications which are intended to be essentially private in nature, such as e-mail, should be exempt from content regulation. It recognises that there are some problems of boundary definition, such as large e-mail lists, or publicly-readable e-mail facilities. Consistent with this, any content classification or labelling initiatives should apply only to material available to the general public, which in most cases would exclude e-mail communication. This approach would apply to `Objectionable' (or `banned' or `refused classification') material, not just age-restricted material.
The ABA rejects proposals raised in its issues paper for a Refused Access List (RAL) of `Objectionable' material on sites world-wide, which would have accompanied some obligation on service providers to block access to that material. It accepted that the likely ineffectiveness of such an approach did not justify the possible `collateral damage' to the Internet. Instead, it proposed that the ABA convene an `Online Technical Task Force' of industry experts and government representatives `to investigate further the methods that may be utilised by the industry for dealing with such material'. This is very significant for privacy, because any attempt to enforce such a Refused Access List necessarily involves the development of an enormous amount of routine surveillance of Internet communications, which could easily be turned to other ends.
The ABA recommends that Internet access providers should only provide Internet accounts to adults (with verification methods provided in an industry Code of Conduct), and access should be password-controlled. This does not mean that Internet content providers or service providers will be liable if minors access their services or content, only that adults must assume responsibility for allowing minors to have Internet access, and controlling it. This is a far cry from requiring content or transaction providers to age-verify who is using their services (even if this was possible), and avoids routine collection of fully identifying details in cyberspace transactions, thus lowering the risk of secondary uses of such information.
The ABA recommends that a complaints handling regime should be developed specifically for online services. As part of its role in monitoring the effectiveness of codes of practice, it says the ABA should perform an independent appeals function for any unresolved complaints. The ABA may therefore have a finger in the pie of resolving privacy complaints concerning the Internet.
The NSW Parliamentary Counsel's Office prepared a draft Internet censorship Bill, at the request of Censorship Officers of all jurisdictions, based on the recommendations of the 1995 DoCA Consultation Paper and taking into account the provisions in the Victorian Classification (Publications, Films and Computer Games) (Enforcement) Act 1995 and the WA Censorship Bill 1995 (see the (leaked) text of the draft bill at http://www.efa.org.au/Campaigns/nsw.legislation.html).
Although the draft Bill has now been `deferred' by SCAG, it is worth noting some of its main deficiencies, in case they are revived. The draft Bill essentially made it an offence for any `online service provider' to allow any user to access `Objectionable' material, or any minor to access age-restricted material, anywhere on the Internet. Through its very broad definitions of `online service' and `online service provider', it prima facie imposed these obligations equally on everyone from Telstra (as carrier) to access providers, to content hosts, and to content creators, irrespective of their roles in relation to particular content. It then attempted to ameliorate this by providing two main defences which could potentially differentiate in their operation between different types of `online service providers'.
The first defence, compliance with a `industry code of practice' (cl 5) (misnamed, really just regulations issued by `participating Ministers') in effect meant that the real nature of the offences were unknown until the content of the `Code defence' became known. It was a licence to create serious criminal offences by regulation.
The second defence available to providers of `online services', that of taking `reasonable steps' to avoid offences (cl 4), would have encouraged, by the matters that it says a Court may take into account in considering reasonableness, four types of practices which in many contexts would be undesirable, particularly in relation to privacy:
(a) undertakings by users can only be obtained where identifiable details of users are obtained, reducing the anonymity of Internet transactions;
(b) random monitoring of material transmitted, including e-mail, encourages disdain for the privacy of employees, students and others -- and could, of course, be illegal where they conflict with the Telecommunications (Interception) Act 1979 ;
(c) requiring identification and age verification by those accessing age-restricted material, as well as being unreasonable in many contexts, will encourage the commercial re-use of such identification details collected at considerable expense (and with no privacy laws applying to the private sector to stop this);
(d) encouraging server operators to delete content following complaints (irrespective of whose content it is) encourages arbitrary and unchallengeable censorship by those who control the most resources, to the detriment of content providers.
In the absence of an easy-to-comply with, liberal, and guaranteed watertight Code of Practice, any online service provider providing access to content that they do not create would inevitably `play safe' and take the maximum steps available to it to ensure that a `reasonable steps' defence would be upheld. This would hasten the demise of both freedom of expression on the net, and what remains of any anonymity there is in using the net. It will increase the extent of surveillance in cyberspace, and the commercial use of such surveillance.
In relation to material which might be `refused classification' (RC), the draft Bill also criminalises genuinely `private' (person to person) communications in a way which is not done for voice telephony or the post (snail mail). There is no `RC' classification for what consenting adults say or write to each other, nor should there be. NSW Attorney-General Jeff Shaw made it clear that the draft Bill was intended to cover e-mail.
The definition of `transmit' in the Bill included both sending and receiving, opening up the possibility of Police searching individual users' hard disks to see if they have received any `refused classification' material via Internet. While the community accepts that such `possession' offences are necessary in exceptional areas such as paedophilia, they are not in keeping with general censorship laws concerning other media.
ACT Attorney-General, Gary Humphries, said that the `proposal from ` to regulate Internet service providers and effectively make them responsible for what their customers view or communicate to others on the Internet is a dangerously simplistic way of addressing a deeply complex issue', and that `the ACT Government will not condone measures which invade the personal privacy of individual computer users to achieve a quick fix' (press releases 10 and 14 July 1996). After describing the outcome of the SCAG meeting as `sensible' , Mr Humphries said `The outcome of taking a step back and working with the Australian Broadcasting Authority to examine the question, and range of possible outcomes, in the national context is much more sensible than proceeding on a state by state basis'. Humphries' views reflected those of most Internet users and service providers that the NSW draft Bill deserves to be dead and buried in its entirety.
Graham Greenleaf, General Editor.