Privacy Law and Policy Reporter
The extension of the Act to the private sector justifies a reconsideration of the approach taken in Information Privacy Principle 6 (IPP 6 -- the individual access principle), which is, at present, too blunt in that its exceptions simply exclude individuals from access to their records without providing any alternative of mediated access. A right to complain to the Commissioner about refusals of access is no substitute, as it only goes to the question of whether the exemption was properly invoked.
The general defect in the current approach arises from the fact that individuals usually want access to their records not merely to satisfy their curiosity as to what is held about them, but also so as to satisfy themselves whether the information is inaccurate, incomplete, out-of-date, irrelevant, used or disclosed for an improper purpose, or deficient in some other way. If so, their ancillary purpose for access is then to obtain other remedies including correction. In other words, they are attempting to assess whether IPPs 8-11 may have been breached, whether they need to use IPP 7, and whether some other remedy may also be needed.
Therefore, if a person is denied any access to information held about them, they are usually also effectively denied the benefits of all the IPPs. This unjust result must be avoided wherever possible, including where there is some legitimate reason for denying the person the normal right of direct access to their record.
The general answer to this dilemma is a recognition that `access' may be either `direct' or `individual' access (the normal, default, situation), or may be `indirect' or `mediated' or access (where another interest must be accommodated). In almost all situations (one can argue about extreme national security exceptions) it will be possible to find an intermediary who can protect the interests of the record-holder while being able to assess, on behalf of the individual, whether there are any deficiencies in the records held, and then to take appropriate steps or give appropriate assurances. The exercise will often be a delicate and difficult one, but that is no reason for its avoidance -- the `no remedy' alternative is worse.
The appropriate intermediary will depend on the circumstances. In many cases there will be an obvious `industry' party which could have the confidence of both sides and expertise in the type of records. Industry ombudsmen, such as in the telecommunications and banking industries, may be appropriate. In other cases, particularly with government records, the Privacy Commissioner will be appropriate. In many cases, including with medical records, the parties will often be able to agree on an intermediary that they both trust. In some cases, the solicitor for the applicant, on giving a non-disclosure undertaking, will be acceptable to the record keeper.
Consequently, I recommend alteration of IPP 6 in its operation to both the private sector and the public sector so that it provides:
(i) a general right of mediated access wherever an exception to individual access applies;
(ii) the Privacy Commissioner to be the intermediary, in default of any other being provided;
(iii) Codes of Conduct to provide for procedures for choice of intermediaries, or even nominated intermediaries, suitable to the industry/information concerned;
(iv) otherwise, the parties to an access dispute to agree on an intermediary, with the Privacy Commissioner to nominate same in event of disagreement;
(v) the Commissioner to have power to award costs concerning intermediaries, where the circumstances justify this; the organisation denying access should normally bear the cost of intermediary access.
Furthermore, the clearly serious nature to the individual concerned of the circumstances involved in some of these cases (safety, mental health, safe custody etc) means that these are precisely those cases where the individual needs protection against the very serious consequences of defective records. These examples are a list of where privacy rights are needed, not where they should be denied.
The danger of such potentially broad exceptions is their abuse by being invoked not because of the ostensible reason, but simply because the information embarrasses the organisation. In my view, the availability (and added complexity) of mediated access, coupled with the risk of costs awarded against them, will ensure that organisations will only refuse individual access in exceptional and well-justified instances of available exceptions.
Graham Greenleaf, General Editor.