AustLII Home | Databases | WorldLII | Search | Feedback

Privacy Law and Policy Reporter

Privacy Law and Policy Reporter (PLPR)
You are here:  AustLII >> Databases >> Privacy Law and Policy Reporter >> 1996 >> [1996] PrivLawPRpr 72

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

Federal Office of Road Safety --- "Intelligent Transport Systems" [1996] PrivLawPRpr 72; (1996) 3(8) Privacy Law & Policy Reporter 155

Intelligent Transport Systems

Draft Principles from the Federal Office of Road Safety

The Federal Office of Road Safety released the following Draft Australian Privacy Principles For Intelligent Transport Systems on December 2 1996. They would like comments on the principles by January 1997. For further details contact TLawrenc@email.dot.gov.au (General Editor).

What are ITS?

Intelligent Transport Systems (ITS) represent the application of advanced computing and communications technology to transport management and operating systems to achieve increases in efficiency and safety, with reduction in negative environmental impacts.

Examples of ITS applications include:

Privacy and ITS

Many ITS applications raise few, if any, privacy issues, particularly where the applications cannot or do not specifically identify a vehicle or driver. However, some ITS applications pose a significant threat to the privacy interests of individuals. There are two dimensions to privacy which are relevant to the ITS context. These are: the threat to autonomy posed by surveillance and loss of anonymity, and the resulting loss of information privacy.

Personal autonomy

The concept of privacy incorporates notions of personal autonomy and freedom from intrusion. Individuals have the reasonable expectation that they can choose to conduct themselves with some degree of anonymity in their day to day lives, and can do so free from surveillance and routine monitoring. Some ITS applications have the potential to intrude upon these privacy expectations where the driving habits and journey patterns of private citizens may be subject to routine scrutiny by outside interests such as government or private organisations. There should be strong social justification for any ITS applications which involves any degree of monitoring of individuals' movements. ITS developers should recognise individual's rights to anonymity in travelling on public roads and consideration should be given to whether it is necessary to the purpose of the ITS application that individuals and their vehicles be identified. Any proposal to develop an ITS application should take as its starting point the individual's right to voluntary informed participation in that scheme.

Information privacy

The most obvious way in which ITS applications may result in privacy intrusion is through the recording of information about vehicle movements and the actual or potential linkage of this information to individual owners and drivers. Notions of privacy also incorporate the individual's interest in controlling or participating in decisions about the use of their own personal information.

The development of new technologies to support ITS applications, give rise to the greater capacity to collect, store and aggregate large amounts of personal information which may be used to monitor individuals as they go about their lawful day to day activities. It is important that, as a starting point, ITS developers consider whether collecting identifying personal information is necessary to the efficient and effective functioning of the application.

Standards Australia Privacy Principles for ITS

The following principles have been developed in recognition of the privacy issues raised by ITS applications. They specifically deal with the second aspect of privacy threat, that is, the potential for ITS applications to intrude on the information privacy rights of individuals. The ITS Privacy Principles cover a range of issues including fair collection, storage and security of data, access by individuals to their personal information, accuracy of information, limits on the use of personal information and its disclosure to third parties. These principles are based on internationally recognised privacy guidelines as developed by the OECD in 1980.

The principles are intended to provide guidance only as to the minimum privacy standards that should be adopted for any ITS application which involves the collection of identifying information about individuals. Compliance with and implementation of these principles would require the development of codes of practice or memoranda of understanding between parties.

It is noted that the ITS Privacy Principles will have to be compatible with the national privacy regime which is currently under discussion at the federal level. That regime is likely to require compliance with standards set out in the Commonwealth Privacy Act 1988, which is based on the OECD Guidelines.

Public confidence in ITS applications

It is important to note that the success of any ITS application is reliant on the public's confidence that they these applications will be managed responsibly, that ITS operators are accountable and that citizens will be given an opportunity to exercise their rights to voluntary participation. As has been demonstrated overseas, the extent to which ITS developers and operators respond appropriately to the legitimate fears that people have about the impact of ITS applications on their privacy, will determine the level of societal acceptance for this application of new technology.

The Principles

Collection limitation (Principle 1)

Only minimal amounts of personal information sufficient for the needs of a particular ITS application should be collected by ITS operators. Any such information should be obtained by lawful, fair and non-intrusive means and with the knowledge or consent of the individual concerned.

Data quality (Principle 2)

Personal information collected by ITS operators should be relevant to the purposes for which it is to be used and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.

Purpose specification (Principle 3)

The purposes for which personal information is collected by ITS operators should be specified at the time of collection and the subsequent use limited to the fulfilment of those purposes or other directly related purposes. Personal information collected by ITS operators should be destroyed once it is no longer necessary for the purposes for which the information was originally collected.

Use limitation (Principle 4)

Personal information collected by ITS operators should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with the purpose specification principle except:

(a) with the informed consent of the individual concerned;

(b) by the authority of law; or

(c) in situations involving serious imminent threat to the life or health of the individual concerned or another person.

Security (Principle 5)

Personal information collected by ITS operators should be protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.

Openness (Principle 6)

ITS operators should have a general policy of openness about developments, practices and policies with respect to personal data. ITS operators should establish means of telling people(where possible before collection):

(a) what terms of personal information are collected;

(b) the main purposes for which their personal information will be used;

(c) whether the collection is authorised by law;

(d) details of any person to whom the information is usually disclosed;

(e) how to gain access to the data and correct it if necessary; and

(f) how to make a complaint if the principles are breached.

Individual participation (Principle 7)

An individual should have the right to have access to personal information held by ITS operators about him or herself. A person should be able to have incorrect personal information held by ITS operators corrected.

Anonymity (Principle 8)

Wherever possible, ITS operators should give people the option of entering into transactions which do not require them to identify themselves.

Accountability (Principle 9)

ITS operators should be accountable for complying with measures which give effect to the principles stated above.

Implementation

In order to implement these Principles, it will be necessary for ITS operators to establish legal, administrative or other procedures such as a code of practice or a memorandum of understanding. The implementing framework should provide for adequate sanctions and remedies in the event of non-compliance with the Principles.

Definition -- `personal information'

Information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual, whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Personal information includes vehicle identification numbers.


AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.austlii.edu.au/au/journals/PrivLawPRpr/1996/72.html