Privacy Law and Policy Reporter
Anne Pickles, Brigades Information Co-ordinator for the NSW Fire Brigades, describes how the NSW Fire Brigades is planning to manage personal information under the Privacy and Personal Information Protection Act 1998 (NSW), and discusses issues such as provision of information to the insurance industry, management of personnel data and sharing information between agencies during emergencies. This is one of the first case studies of the operation of the NSW legislation. It was presented at the Australasian Fire Authorities Council (AFAC) Conference in Adelaide, September 2000 — General Editor.
Developments in information technology are making it easier and easier to collect, store, manipulate and disseminate information. Emergency services are taking advantage of these developments and interlinking incident data, geographic information, personnel data and resource management information to improve the quality of their services to the community. The community, however, is becoming aware of how much data government and private organisations hold on individuals and is showing a growing concern about the potential for invasion of privacy and misuse of personal information. While emergency services want to use every resource available to them to prevent and combat emergencies, no one wants to be regarded as ‘Big Brother’.
The NSW Fire Brigades (NSWFB) is a government department that provides fire prevention, protection, mitigation and suppression services to major metropolitan areas, regional centres and rural towns in NSW. The NSWFB also provides rescue services and is responsible for managing hazardous materials incidents throughout NSW. To provide these services, the NSWFB maintains a network of 330 fire stations and employs some 3000 full time firefighters, 3300 part time firefighters and 280 support staff. In 1998/1999, the NSWFB responded to over 110,000 fire, hazardous materials or rescue emergency calls.
The NSW Privacy and Personal Information Protection Act 1998 (PPIPA) upgrades the NSW Government’s arrangements for the regulation of privacy by introducing a set of privacy standards for the management of personal information in the NSW public sector and establishing the Office of the Privacy Commissioner to conduct research, give advice and handle complaints. NSW has had a Privacy Committee since 1975, which gives advice on privacy issues, but the PPIPA introduces more rigorous review processes and allows for the imposition of penalties by the Administrative Decisions Tribunal. The PPIPA came into force on 1 July 2000, but financial penalties will not apply for breaches of the Act until 1 July 2001.
The PPIPA is modelled on the Privacy Act 1988 (Cth), allowing NSW to draw on the experience of the Federal Government in managing these matters. The Federal Act currently only sets standards for the Federal and ACT public sectors, but the Federal Government is drawing up privacy legislation that will apply to the private sector throughout Australia.
Under the PPIPA, personal information is any information that relates to an identifiable person. This definition covers not only paper records, but also such things as genetic material, electronic records, video recordings, photographs and biometric information such as fingerprints.
Names, addresses, phone numbers, tax file numbers, bank account numbers, vehicle registration numbers and information or opinions on a person’s ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, health or sexual activities are all personal information. Information about a government department’s dealings with a particular individual is also personal information.
The person’s name need not be included in the information to make it personal information — if the person can be reasonably identified from the information, then it is personal information. For example, the information that a fire occurred at a particular address at a particular time can be considered to be personal information as it is generally fairly easy to identify the occupant or owner given this information.
Twelve Information Protection Principles (IPPs) relating to the collection, use and disclosure of personal information form the basis of the PPIPA. The following summary is taken from Privacy NSW’s website:
A summary of the 12 NSW Information Protection Principles
Personal information must be collected:
(1) for lawful purposes directly related to a function or activity of the agency and where the collection is necessary for that purpose;
(2) from the individual to whom the information relates, unless otherwise authorised or the information is collected under an applicable exception;
(3) in circumstances where the individual from whom it is collected is made aware of the fact that it is being collected, the purpose for collecting it, intended recipients of the information, whether the supply is mandatory or voluntary, relevant rights to access and correct the information and the name and address of the collecting agency and any holding agency;
(4) taking reasonable steps to ensure the information is relevant, accurate, not excessive, and up to date and that the collection does not unreasonably intrude on the individual’s personal affairs.
Where agencies store personal information they must:
(5) ensure that it is kept no longer than necessary and disposed of appropriately, is protected by reasonable security safeguards, and protected from unauthorised use or disclosure when made available to a third party for a provision of a service to the agency;
(6) provide individuals with sufficient information about the agency’s holdings of personal information to enable the individual to exercise relevant rights;
(7) provide individuals with access to personal information about themselves without unreasonable delay and expense;
(8) comply with individual requests to amend their personal information to ensure that it is relevant, up to date, complete and not misleading.
Agencies proposing to use or disclose personal information must:
(9) take reasonable steps to ensure its accuracy before use;
(10) use it only for the purpose for which it is collected, or for a directly related purpose, for a purpose to which the individual has consented, where the use is necessary to prevent or lessen a threat to life or health or subject to an applicable exemption;
(11) only disclose it for a purpose directly related to a purpose of collection and where the individual is unlikely to object, where the individual has been put on notice that information is usually disclosed to the relevant person or body, where the disclosure is necessary to prevent or lessen a threat to life or health, or subject to an applicable exception;
(12) not disclose personal information about a person’s ethnic or racial origin, political opinions, religious or philosophical beliefs or trade union membership unless disclosure is necessary to prevent or lessen a threat to life or health or is subject to an applicable exception; and
(13) only disclose information to individuals or organisations outside New South Wales under approved circumstances (this will only become operative after 1 July 2001).
To comply with the PPIPA, the NSWFB has prepared a privacy management plan that includes strategies for bringing the NSWFB into line with the IPPs by 1 July 2001 (note that complaints about the NSWFB’s handling of personal information can be made under the PPIPA from 1 July 2000, but financial penalties do not apply until 1 July 2001). A Privacy Project Team was formed and Xamax Consultancy was contracted to assist with the audit, the legal review, preparing the management plan and the development of associated policies and procedures.
In order to produce the plan, the NSWFB has undertaken an audit of all its personal information sets, assessed the management of each collection against the IPPs, researched the legal authorities for the collection, use and disclosure of these personal information sets, and developed strategies for dealing with issues that have arisen from this work.
Over the next year, the challenge will be to implement those strategies to ensure that the NSWFB is compliant with PPIPA, or that the Privacy Commissioner has approved codes of practice that exempt the NSWFB from compliance with the IPPs. In addition, the NSWFB has established an internal review process, and will be conducting awareness and training programs to inform staff about the PPIPA and the changes to policies and procedures.
Over the past few years the NSWFB has undertaken a number of reviews of its information systems and collections, so we were in a good position to identify collections of personal information that we hold.
Our collections of personal information fell into a number of broad categories:
There has always been an obligation on the NSWFB to treat personnel information as confidential information, and there are security measures in place to protect this information. Privacy is not the same as confidentiality, as confidentiality only restricts the use or disclosure of information in any way contrary to the interests of the person who provided it, while privacy applies to any information related to an individual, no matter who provided it. In most cases, however, the existing restrictions on access and use were considered to be sufficient to meet both obligations, given an overhaul of policies and procedures to include information about privacy protection.
An issue that has arisen relates to the employment of consultants or contractors in the areas of personnel and occupational health and safety management. For example, the NSWFB employs a medical officer on a contract basis to provide advice on fitness, workers’ compensation, rehabilitation and occupational health. There is also a contractual arrangement with an external agency to provide employees with drug and alcohol counselling and other forms of counselling. The NSWFB will be obliged under the PPIPA to review all its contracts with such service providers to include clauses ensuring that they abide by the information protection principles.
The contracts issue also affects the NSWFB from another angle, as the NSWFB has contracts to provide personnel, payroll and records management services to the NSW Department of Transport. We expect the Department of Transport will be asking us to review the terms of their contract with us along the same lines within the next 12 months.
At first glance, the collection and use of personal information for call taking and emergency response would appear to present problems with compliance with the PPIPA. When an operator takes a 000 call and passes the information to a firefighting crew so that they can respond to and combat the emergency, the information:
which means that some of the most basic requirements of the PPIPA are not met.
Additionally, the process of call taking may involve accessing calling number identification information from Telstra, which is personal information about the caller.
However, where the NSWFB is lawfully authorised or required not to comply with the IPPs on collection of information directly from the individual or with their knowledge, exemptions are available under s 25 of the PPIPA. The Telecommunications Act 1997 (Cth) makes special provision for the disclosure of information by Telstra to members of a fire service. The White Pages carries a warning that ‘when reporting an emergency by 000, the telephone number and address you are calling from may be given to the emergency service’.
The legislation relating to the recording of calls is not quite so clear. The advice we have received from Xamax is that the recording of telephone calls is subject to the Telecommunications (Interception) Act 1979 (Cth) and the Listening Devices Act 1984 (NSW). Australian Communications Industry Forum Guideline 516 (1998), Participant monitoring of communications, provides an overview of the complex interaction of these laws. Emergency service organisations have relied on an exception in s 6(2) of the Telecommunications (Interception) Act 1979 to record emergency calls without the knowledge or consent of the user. It is likely that the NSWFB’s recording of calls is lawfully authorised by these Acts, but the NSWFB plans to seek the advice of federal government agencies to confirm whether this practice is lawful. As this is an area of legal risk for any emergency service that records calls, whether or not privacy legislation applies, a national approach to clarifying this area of the law may be appropriate.
Since all calls made to telephone numbers in the NSWFB’s Communication Centres are recorded, the NSWFB also needs to warn its staff that any internal or external calls made to or from these numbers are recorded. We already have in place strict security guidelines that restrict the disclosure of this information outside the NSWFB to people authorised by the NSW Police.
The requirements of the Fire Brigades Act 1989 (NSW) for the NSWFB to take measures to prevent and combat fires, and hazardous materials incidents, and the NSWFB’s rescue function under the State Emergency and Rescue Management Act 1989 (NSW) also provide the NSWFB with an argument for an exemption under s 25 of the PPIPA. The collection and use of personal information is necessary to carry out these functions; it is not reasonable to seek the permission of the person concerned when there is an emergency.
Early in the life of this project it became evident that there were issues arising from the need for emergency services to co-operate during incidents, and also to share information with other government agencies such as the Department of Health, the Department of Community Services and local councils, and other organisations such as utilities and charities. It is probable that the community would not find the sharing of information between these agencies unreasonable, so long as measures were taken to ensure that only relevant information is collected, used and disclosed, and it is not disclosed to anyone who does not have a need to know directly related to the emergency.
Major incidents in urban areas, or affecting infrastructure such as the supply of gas or electricity, increasingly require a sophisticated response from emergency services, who will often be in the position of having to ration resources, particularly in extended recovery phases. Data matching of personal information held by a number of different agencies can be an accurate and effective way of targeting resources to those most in need. For example, information from health and welfare agencies on aged and disabled people living in an emergency area can be matched with call taking information to prioritise requests for assistance. Emergency services these days have access to the technology needed to use information this way, but care must be taken to ensure the value added information is not misused, for example by the release of sensitive information to the media.
The PPIPA has provisions that allow agencies to apply to the Privacy Commissioner to have a code of practice approved that sets out the conditions and procedures for agencies to modify the application of the IPPs. Recognising that co-operative arrangements during emergencies will be an issue for all the agencies involved in emergency response and recovery, the NSWFB has convened a series of inter-departmental meetings of NSW emergency service organisations on this issue. It is likely that the agencies concerned will present a joint case to the Privacy Commissioner for a code of practice for the transfer of personal information between NSW agencies and associated organisations during emergencies. Transfer of information to agencies in different jurisdictions may also involve a code of practice or possibly changes to the agencies’ legislation.
The NSWFB’s Australian Incident Reporting System (AIRS) database holds over a million records of incidents dating back to 1987. For each call that the NSWFB attends, an AIRS form is filled in by the firefighters. This form includes information on the time, place and nature of the call, the people involved, the resources used, the time and methods used to combat the incident, the cause of the problem and the type of infrastructure or equipment involved. This information is used for planning and prevention purposes. In most cases, the information would be depersonalised before use in statistical analysis. Where more detailed reports on incidents exist, for example Fire Investigation and Research Unit reports, it will be necessary to take steps to ensure that disclosure to parties outside the NSWFB does not breach the IPPs (note that disclosure to law enforcement agencies is exempt from these provisions).
The disclosure of information from AIRS reports to insurance industry organisations is a major issue for the NSWFB in relation to the PPIPA. Although there is a funding relationship between the NSWFB and the insurance industry and a longstanding practice of providing this information — which has not generated complaints about privacy from the public — this practice is not specifically covered in the Fire Brigades Act 1989 and falls outside the IPPs. Insurance industry representatives may not be acting for the person to whom the information relates, and there is currently no guarantee given by the insurance industry representatives that the people concerned have given their consent to the disclosure of this information. It is not practicable for the NSWFB to contact the people concerned before disclosing this information, nor is it practicable to inform 000 callers that the information they provide may be used in this way.
The NSWFB does not want to damage its relationship with the insurance industry, and believes that using AIRS information to facilitate the processing of insurance claims expedites the process of recovery from emergencies and disasters, which is in the community’s interests. We are aware that the insurance industry is considering these issues, and has issued a voluntary set of privacy principles that are based on the Federal legislation. The NSWFB will therefore be seeking to work with the insurance industry to find ways of providing this community benefit without going against the spirit of the PPIPA or upcoming Federal private sector privacy legislation.
Specific advice from the Privacy Commissioner will be sought on the best way to resolve this issue. A code of practice jointly agreed to by the insurance industry and the NSWFB may be sufficient, or changes to the NSWFB’s legislation may be necessary. Another approach could be to put the onus on the insurance companies to warrant that they have notified the claimant at the time of making the claim and have obtained their consent to the disclosure. The NSWFB is aware that other fire services around Australia have similar dealings with the insurance industry, and we would be interested in hearing from other services who might like to enter into similar arrangements. The insurance industry is going to have to deal with these issues when the Federal legislation on privacy in the private sector comes into force in the next few years, so a national approach is likely to be the most efficient one for insurance companies.
From 1 July 2001, NSW agencies will only be allowed to transfer information to other jurisdictions that have similar privacy legislation. In Australia only information transfers to the Commonwealth and the ACT would be allowable, although Victoria is currently working on privacy legislation. New Zealand has a comparable Privacy Act. These transborder restrictions may affect the management of the AIRS national database. After 1 July 2001, the NSWFB may be unable to provide personal information from the AIRS national database to enquirers from other jurisdictions. The NSWFB will be discussing this issue with AFAC and exploring avenues such as the depersonalising of AIRS data before entry to the national database, revisions to legislation, or the making of a code of practice to cover this situation.
Fire prevention is a major function of the NSWFB. As well as running community safety campaigns and undertaking local risk management programs, the NSWFB’s Fire Safety Division provides advice to councils on building fire safety under the Environmental Planning and Assessment Act 1979 (NSW). The most sensitive fire prevention information held by the NSWFB is probably in complaints received by the Fire Safety Division about unsafe premises. Many complainants are nervous that their identity may be revealed to the owner or occupier of the building about which they are complaining, who may be an employer or someone else in a position to do them harm. The NSWFB always handles these complaints confidentially, but procedures will be reviewed to explicitly include privacy safeguards.
The Privacy Commissioner is preparing guidelines on the use of NSW government information for research purposes. The NSWFB will use these guidelines for making decisions about allowing access by external researchers to AIRS or other NSWFB records, and will also ensure that any research work by NSWFB staff, such as surveys of members of the public, is vetted by someone familiar with the IPPs so that unnecessary personal information is not collected or retained and data is depersonalised as much as possible. This sort of work is not done under emergency conditions, and it should be possible to ensure that the person concerned gives consent to the collection, use and disclosure of any personal information.
Fire prevention programs that involve direct contact between firefighters and the community may also generate sensitive collections of personal information. Smoke alarm campaigns may be more effective in reducing the risk of loss of life if they are targeted at high risk groups such as the elderly or disadvantaged, but firefighters must be aware that personal information collected in order to conduct such programs is subject to the PPIPA. Special care will be required for programs targeting children or people with medical or psychological conditions, in relation not only to the PPIPA but also under child protection Acts and other relevant legislation. The NSWFB cannot collect personal information without lawful reason; that is, the NSWFB must be sure that its programs are within the functions of the Fire Brigades Act 1989 or authorised by other legislation.
Anyone (whether an employee or a member of the public) has the right under Pt 5 of the PPIPA to ask the NSWFB to conduct a review if they believe that the NSWFB has breached their privacy or might breach their privacy in future. The primary responsibility for conducting this review lies with the NSWFB, although the Privacy Commissioner can undertake the review for us if we request. If the person is not satisfied with the action taken by the NSWFB, they may complain to the Administrative Decisions Tribunal. The Administrative Decisions Tribunal may make orders requiring the NSWFB to change the way it does business, or may make an order requiring the NSWFB to pay damages of up to $40,000 for loss or damage suffered.
The NSWFB is committed to promoting ethical decision-making by its staff. To promote professional standards and conduct, the NSWFB established the position of Professional Standards and Conduct Officer in 1995. Complaints about the NSWFB’s handling of personal information will be managed by this officer in accordance with the principles of probity and confidentiality that have been developed for handling disciplinary complaints and complaints of corrupt conduct. Feedback from any complaints made will be used to improve information management processes and systems across the NSWFB.
Preparing a privacy management plan has given the NSWFB the chance to look at its operations from a different point of view. The following are some of the lessons we have learned from this exercise.
The PPIPA is new legislation for NSW. There is no case law to guide us. As NSW government agencies publish their privacy management plans, an enormous amount of information will become available to the NSW community on the personal information held on them by the public sector. The NSW Fire Brigades enjoys a very high level of esteem in the community, and we believe that we can balance the community’s right to immediate and effective response to emergencies with their right to privacy.
At the present time, we are still refining our strategies. Much work needs to be done over the next 12 months to bring our policies and procedures into line with the IPPs, and to seek the most appropriate arrangements for information sharing with other agencies involved in emergency response. Governments around the world are enacting privacy legislation similar to the Federal and NSW legislation, and it is likely that other Australian states will follow suit. We will work with the insurance industry to provide the best service possible for the victims of emergency incidents and we will be encouraging a national approach to issues that potentially affect all emergency services. We are interested in hearing from any fire service that would like to work with us on these issues, or from anyone who would like more information.
Anne Pickles, Brigades Information Co-ordinator, NSW Fire Brigades.