Privacy Law and Policy Reporter
Compiled by Graham Greenleaf and Nigel Waters
Australia’s second Privacy Commissioner, Moira Scollay, is to leave the job in January after only two years of a five year term. Federal Attorney General Daryl Williams announced on 13 November that Ms Scollay has been appointed Chief Executive Officer of the Australian National Training Authority, based in Brisbane. A detailed assessment of Ms Scollay’s term will appear in a future issue. She has indicated her intention to complete her review of her National Principles for the Fair Handling of Personal Information and issue a revised version before she leaves the job. No announcement has yet been made about a replacement.
The 10th Annual report of the Federal Privacy Commissioner, covering the 1997-98 financial year, was released in Nov-ember, and is available both as a printed document and on the Commissioner’s Web Site at http://www.privacy.gov.au. It will be reviewed in a forthcoming issue.
Negotiations between the EU (DGXV) and the US Department of Commerce about the impact of the EU Data Protection Directive have intensified in recent weeks. An EU announcement on 27 October referred to arrangements for a so-called ‘safe harbour’, which would involve US businesses signing up to a set of privacy principles to be issued by the US Department of Commerce. A more detailed account of the negotiations was published on the same day by a Washington news service. This reported Undersecretary of Commerce David Aaron as saying that the EU member states had endorsed EU Commission efforts to reach a negotiated understanding with the US on data privacy. While implying that the EU would not seek to block data transfers to and from the US, Aaron reiterated the US premise that the United States already has effective privacy protections, although he also acknow-ledged that the privacy situation in the US has evolved dramatically since the US-EU discussions began. He confirmed that the Commerce Department plans to issue general guidance on what sort of principles it favours, but emphasised that these would be voluntary and would not have the force of regulations. The two main areas that need to be addressed, according to Aaron, are access and enforcement. Aaron subsequently wrote to industry representatives setting out the ‘Safe Harbour Principles’ which he is asserting will satisfy the Europeans. These principles have been criticised by privacy lobbyists the Electronic Privacy Information Centre as not even meeting the 20 year old OECD Guidelines to which the US is already notionally committed.
The safe harbour concept remains hazy, and is not yet confirmed as acceptable to the EU, although both sides say they hope discussions will be concluded before the end of the year.
 BNA Daily Report for Executives, No 207, October 27 1998.
 EPIC News 5.16 at http://www.epic.org.
The Canadian federal Privacy Bill has received a second reading, and was due to go to Committee for hearings at the end of November. Both Industry and Justice Ministers are solidly behind the proposal, and there doesn’t seem to be any significant opposition in Parliament. But there have been constitutional objections — provincial Justice Ministers issued a statement in late October, objecting to what they see as the federal government’s intrusion into the jurisdiction of the provinces.
(Source — Colin Bennett, University of Victoria, BC.)
On 10 November, the Senate passed the Data-matching Program (Assistance and Tax) Amendment Bill 1998, which lifts the sunset clause which has been a feature of the data-matching legislation since its controversial inception in 1990. As a result, the regulated data-matching program involving Centrelink, DSS, DEETYA, DVA and the ATO is now established as a permanent part of the administration of taxation and Federal Government benefits. The opposition voted with the government, accepting the claims of substantial net savings, and it was left to the Democrats to support the Privacy Commissioner’s argument for the sunset clause to be retained, ensuring that the program is subject to periodic parliamentary review. The reporting requirements in the legislation remain in place, with agencies making annual reports to the Privacy Commissioner which are tabled in Parliament, and a direct report to Parliament every three years (the first such reports were due in 1998). Unfortunately, the Privacy Commissioner’s Annual Report for 1997-98 only includes material on the 1996-97 agency reports, which limits the value of the report, not least to Parliament in making the important decision on the sunset clause.
The NSW Privacy and Personal Information Protection Bill (see (1998) 5 PLPR 61) was debated again in the lower house (Legislative Assembly) on 18 November. Two of the key amendments made by the Legislative Council were rejected — the attempted removal of the exemption for state owned corporations, and the role for the Privacy Commissioner in approving any Codes issued by the Minister that exempts an agency from compliance. As the Opposition pointed out, these two amendments, if passed as the government desires, will significantly weaken the legislation. The Bill was sent back to the upper house for further consideration.
The Press Council News (Vol 10 No 4, November 1998) includes the Council’s submission to the Victorian Justice Department’s Surveillance Devices Bill Discussion Paper (see (1998) 5 PLPR 60), and an article by Chairman Professor Dennis Pearce entitled ‘Is Privacy Dying?’. Both the submission and the article reflect a defeatist view of privacy which puts the interests of news gathering and unfettered freedom of the press ahead of legitimate concerns about privacy intrusion. Professor Pearce’s article is particularly disappointing in that if seems to devalue privacy not so much on arguments of principle as on the grounds that the print media cannot afford to be ‘left behind’ by other media. He argues for damping down public expectations about the ability of the Press Council to uphold privacy in the face of changes in news gathering practice. He asserts, without citing any evidence, that the public acceptance of media invasions of privacy has increased, and suggests that for Press Councils to stay with the language of privacy is to adopt a criterion that is fast losing any credibility. A suitable rejoinder is that it this will become a self-fulfilling prophecy if bodies such as Press Councils shrink from the admittedly difficult task of balancing privacy concerns against other public interests.