Privacy Law and Policy Reporter
Compiled by Graham Greenleaf and Nigel Waters
Queensland’s Criminal Justice Commission (CJC), established by the Criminal Justice Act 1989, has released its report on the corrupt disclosure of confidential information from the Queensland Police Service (QPS). The Report, Protecting Confidential Infor-mation (CJC, November 2000) ,makes many specific recommendations concerning the QPS, its computer systems, and regulation of other occupations such as private investig-ators. The CJC also recommends the creation of a criminal offence prohibiting people from ‘obtaining or trying to obtain from government records any confidential information about others, however it may be held’ (which is therefore wider than ‘computer crime’ legislation). The CJC also recommends that the Queensland Government revisit the recomm-endations of the Legal, Constitutional and Administrative Review Committee (LEARC) which were in favour of the creation of a Privacy Act (Qld) covering the Queensland public sector (see 5(2) PLPR 49 and 5(3) PLPR 72).
In August 1998 the CJC received information that officers stationed at the Nerang Police Station may have been unlawfully disclosing confidential information from the QPS computer systems to a cleaner who was employed at that station. During the course of an investigation into this matter, the CJC received other allegations of police officers unlawfully disseminating QPS information. At Nerang, 53 former and current officers were interviewed. The CJC concluded that there was ‘persuasive evidence that, of these 53 officers, 17 were involved in hundreds of instances of unlawful access to, and disclosure of, confidential information. One officer in particular was found to have conducted 1777 inquiries on 291 individuals over the three year period.’ Officers at four other stations were also disciplined.
The report is available at <http://www.cjc.qld.gov.au/cjc/pipereport.pdf>.
In October, California Governor Gray Davis signed into law six new privacy measures aimed at protecting consumers’ privacy and protecting against identity theft. One of the new laws establishes the first dedicated US privacy protection agency within the Department of Consumer Affairs. The new Office of Privacy Protection will operate as a central clearinghouse for privacy complaints and will provide information, advice and referrals to consumers to help resolve privacy disputes and concerns.
Another law requires businesses to destroy customer records containing personal information by shredding them, erasing them or otherwise making them unreadable. Two of the laws specifically address the growing problem of identify theft. The first allows victims of identity theft to seek the assistance of the courts in clearing their names and restoring their identities. The second allows those victims to join law enforcement in accessing a statewide database documenting identity theft crimes. Under the fifth law, credit card companies will have to give consumers an opportunity to ‘opt out’ annually of having their personal information shared. The final law prohibits consumer credit reporting agencies from including medical information, provided for insurance purposes, in consumer credit reports.
This new package of laws, coupled with the state’s strong constitutional right to privacy, clearly establishes California as the leading US state in the protection of individual privacy.
A press release from the California Department of Consumer Affairs discussing the new legislation is available at <http://www.dca.ca.gov/press_releases/20001030.htm>.
Source: EPIC Alert.