AustLII Home | Databases | WorldLII | Search | Feedback

Privacy Law and Policy Reporter

Privacy Law and Policy Reporter (PLPR)
You are here:  AustLII >> Databases >> Privacy Law and Policy Reporter >> 1997 >> [1997] PrivLawPRpr 15

Database Search | Name Search | Recent Articles | Noteup | LawCite | Help

Credit Union Services Corporation (Australia) Ltd (CUSCAL) --- "Unions support IPPs, national approach" [1997] PrivLawPRpr 15; (1997) 3(10) Privacy Law & Policy Reporter 193

Unions support IPPs, national approach

Extracts from the submission by Credit Union Services Corporation (Australia) Ltd (CUSCAL)

CUSCAL's lengthy submission supports most aspects of the proposals in the discussion paper, and the content of the IPPs. The extracts here emphasise those elements where CUSCAL had suggestions or criticisms (General Editor).

Australian credit unions are significant participants in the retail banking market. There are 284 credit unions in Australia with in excess of $15 billion in assets and nearly 3.5 million members. One in five adults has all or part of their financial requirements met by credit unions.

...

Role of CUSCAL

CUSCAL (Credit Union Services Corp (Australia) Ltd) is a Special Service Provider (SSP) which is wholly-owned by credit unions. Its role is to provide treasury and a range of other business related services to member credit unions. CUSCAL also has several wholly owned subsidiaries which provide services such as funds management and superannuation ...

...

National scheme

CUSCAL reiterates our strong preference for a single uniform system of privacy regulation under Commonwealth legislation ... CUSCAL is aware that state and territory governments are also currently developing proposals to extend privacy regulation to the private sector. If such proposals are implemented independently of the development of Commonwealth legislation, the certain results will be non-uniform requirements governing the collection, use and disclosure of personal information and significant compliance problems for industry.

...

Support for IPPs

CUSCAL notes the proposal to proceed with the establishment of data protection standards by the application of Information Privacy Principles (IPPs). It is understood that the establishment of a similar system in NZ has been regarded broadly as successful by both government and industry participants.

CUSCAL supports in principle this proposal and urges the government to ensure the drafting of the IPPs reflects a sensible `plain English' approach. It is also vital that the consultative approach of the government involving industry in the development of the privacy regime continues as the IPPs are refined.

CUSCAL supports in principle the application of a set of IPPs and makes the following comments on the discussion paper.

[IPP 1] limits the uses which may be made of collected information to the intended purpose and not for undisclosed secondary purposes. CUSCAL would support the application of this principle if credit unions were able to use a consent mechanism in the collection of the information. Such a mechanism would indicate to the credit union member how such information would be used in the credit union at the time of collection and in the future and seek the member's consent to those uses.

[IPP 2] ensures the collection of personal information directly from the person concerned. CUSCAL notes that this principle has the potential to limit a credit union's capacity to attain information from a partner or second person involved in a loan or account joint application. In ensuring that data can be used to assess the needs of members, provide the best service for members and advise members of the most appropriate products for their use, credit unions would again seek the member's consent as outlined above. CUSCAL also notes that with regard to access to data from organisations such as the Credit Reference Association of Australia, credit unions will need to continue to obtain such access as is currently the case.

...

As a matter of effective administration, staff training on the requirements of IPPs 4 and 5 would be required to ensure awareness and effective implementation of the security requirements for personal information. Credit unions would also be required to make formal appointments of `record keeper(s)' as necessary. In the event that CUSCAL acts in the role of record keeper (in retail banking etc) CUSCAL would also maintain appropriate records and establish restrictions on access as required under the IPP. It is noted that if there is a requirement to track both changes to, and access to, data CUSCAL does not support a requirement for system modification but rather appropriately amended internal controls.

...

The application of [IPP 6] giving access to `personal information' is supported. CUSCAL would however note that this should be access to personal information as opposed to evaluative material used by the credit union in the course of making a commercial judgment. We also note that the provision of access to all records of an individual may, on occasion, present a heavy administrative burden and the credit union may need to seek some recompense for the work involved.

...

Repeal Pt IIIA

Given the Government's broad review of privacy regulation in Australia we believe it is critical to repeal Pt IIIA of the Privacy Act to bring regulations governing the collection and use of credit information into line with those which will be applied to the rest of the private sector. It would seem inconsistent to exclude this aspect of business from the uniformity the government otherwise seeks to achieve. CUSCAL believes that the new uniform regime should be uniform in its application across the private sector. ...

In further development of the Government's proposal for privacy regulation in the private sector, we would suggest that after receipt of comments on the discussion paper that the Government convene a meeting with industry to progress discussions. It is suggested that this occur before the release of any further proposals, to facilitate the ongoing involvement of industry in the consultative process.


AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.austlii.edu.au/au/journals/PrivLawPRpr/1997/15.html