Privacy Law and Policy Reporter
Commissioner Crompton eschews second term
Federal Privacy Commissioner Malcolm Crompton has announced that he has decided not to seek reappointment upon expiry of his five year term as Commissioner in April 2004, stating that ‘the best approach is to bring a fresh perspective to the position regularly’. The Government has advertised for applicants to succeed Mr Crompton.
Changes and reviews of Federal Act
The Federal Government has announced three initiatives in relation to the Privacy Act 1988. A Privacy Amendment Bill will aim to:
• ‘clarify the application of the Privacy Act to personal information of non-Australian citizens’;
• ‘permit voluntary industry codes to cover certain exempt matters’; and
• ‘address the use of government identifiers for the purposes of Commonwealth payroll’.
The Attorney-General says he ‘has consulted on the proposed amendments with the Federal Privacy Commissioner, the Privacy Advisory Committee and the Privacy Core Consultative Group which is convened by the Attorney-General and is comprised of privacy experts from business, the public and NGO sectors and academia. No further consultation is intended prior to introduction.’
The second initiative is that a discussion paper on children’s information privacy, prepared by the Department with assistance from a consultative group, will be released for broader public consultation in late 2003.
Third, an issues paper will be released for consultation ‘shortly’ as part of the review announced by the Government in November 2000 of existing Commonwealth, State and Territory laws to consider the extent of privacy protection for employee records ‘and whether there is a need for further measures’.
Both the children’s privacy and employee records reviews will be conducted during late 2003. The contact officer in Attorney-General’s is Colin Minihan. l
Source: Attorney-General’s Department web pages.
International Commissioners’ resolutions
At the 25th International Conference of Data Protection and Privacy Commissioners in Sydney in September, the Commissioners passed resolutions on the following:
• with regard to the transfer of passengers’ data, ‘in the fight against terrorism and organised crime, countries should determine their responses paying full regard to fundamental data protection principles, which are integral parts of the values being defended’, and that ‘where regular international transfers of personal data are necessary, they should take place within a framework taking data protection into account’;
• calling on ‘international and supra-national bodies to formally commit themselves to abiding by principles that are compatible with the principal international instruments dealing with data protection and privacy’, including ‘internal but operationally independent supervisory authorities with control powers’, and by taking privacy into account when they promulgate rules and standards affecting personal data in member states;
• calling on software companies ‘to offer procedures to update software online only at the user’s initiative or request, in a transparent way and without allowing unchecked access to the user’s computer’, to allow non-identified (but authenticated) downloads and to provide alternative offline means of obtaining updates; and
• endorsing the ‘development and use of a condensed format for presenting an overview of privacy information that is standardised world wide across all organisations’, but that ‘that such standardised and condensed format should be consistent with all national laws that may apply, and is to be in addition to, where necessary, and consistent with, any notices that an organisation is legally required to give an individual.’ l
Source: post-conference press releases at <www.privacy.gov.au/news/media/03_13.html>.
ID denial case in Beijing courts
The Beijing Daily reports that a Beijing court has ruled that a 98 year old woman will be paid damages for psychological injury inflicted by her daughter-in-law, who cancelled her identity registration card seven years ago. The defendant claims she cancelled the card to ensure her mother-in-law would not be cremated after she died. Cancelling the card made the woman non-existent in the eyes of the law. l
Source: South China Morning Post 26 September 2003.
ASIO veto right over carriage services
The Communications Legislation Amendment Bill (No 2) 2003 proposes to give the Attorney-General the power to direct carriers and carriage service providers (including ISPs) to cease using or supplying a carriage service of a particular kind, either generally or to a particular person. This is to be achieved by way of a new s 581(3) of the Telecommunications Act. In the version of the Bill introduced into Parliament, the Attorney-General (who is the Minister with responsibility for the Australian Security Intelligence Organisation (ASIO)) may only give a direction of this kind after consulting with the Prime Minister and the Minister administering the Telecommunications Act, and must be satisfied that the use or supply of the carriage service would be, or is, prejudicial to national security.
In August and September 2003 the Senate’s Environment, Communications, Information Technology and the Arts Legislation Committee inquired into the Bill and published a report in late September, after hearing evidence from representatives of the Attorney-General’s Department and the Department of Communications, IT and the Arts, and from Vodafone and the NSW Council for Civil Liberties. The Committee heard evidence that the government’s intention is to protect the telecommunications infrastructure and the ability to execute an interception warrant for communications being carried via a particular type of carriage service. The Committee’s report is published in three sections (one by the Liberal/National party members, one by the Labor party members and one by the Democrat member). Although the emphasis in each section of the report is different, it is clear that all Committee members recognised that an important issue for the government to reconsider is whether or not the Attorney’s powers should be limited to vetoing a particular type of service generally, or whether it is necessary to empower the Attorney to direct a service provider to cease providing a service to a particular individual (such as a suspected terrorist). As drafted, the Bill would allow the latter type of direction to be given, although evidence from officers of the Attorney-General’s Department was to the effect that they did not envisage using the power for that purpose. The government is, no doubt, considering the Committee’s report and the Bill may be modified to address this issue before it is put to the Senate as a whole.
If the Bill, or a modified version, is enacted all carriers and carriage service providers (including ISPs) will need to ensure they build interception capability into any new service before launching it on the market. In many respects, this position is not materially different from the existing obligations of a service provider under Pt 15 of the Telecommunications Act regarding interception capability. l
Contributed by Patrick Gunning, Mallesons Stephen Jaques.