Privacy Law and Policy Reporter
Reprieve for NSW Privacy Commissioner
The NSW Legislative Council has blocked the Government’s legislation to transfer the functions of the NSW Privacy Commissioner to the NSW Ombudsman and to abolish the office of Privacy Commissioner (criticised in (2003) 10(6) PLPR 101 as risking a ‘significant dimunition of privacy protection in NSW’). The Opposition and the majority of Independents opposed the legislation and debate on the Bill was then adjourned.
Consequent on this reversal, the NSW Government has extended the appointment of John Dickie as acting Privacy Commissioner until April 2004.
EU reviews transfer of Australian passenger data
The European Union’s working party of Data Protection Commissioners (the Article 29 Committee) has issued an opinion on an Australian Government request to assess the adequacy of privacy protection for passenger name record data required by Australian Customs from international airlines.
This request was presumably made to avoid the possibility of one or more of the European Data Protection Authorities blocking the transfer of passenger data on the grounds that privacy protection in Australia is not adequate (given that there has been no overall finding of adequacy for Australian privacy law, and that the European Commission (EC) has expressed concerns about weaknesses in the Privacy Act 1988). The issue arises in the context of worldwide concern about increased demands by governments for access to airline passenger data as a response to fears of terrorism. The Article 29 Committee gave an opinion in 2003 on the adequacy of privacy protection by the US Government in relation to airline passenger data.
While the EC has yet to make a final finding on the Australian Government request, the positive opinion of the Article 29 Committee means that approval is likely. The opinion relies heavily on assurances from the Australian Government about the relationship between the customs laws and the Privacy Act, and on an undertaking made by Customs to the Australian Parliament. It is also conditional on a commitment by the Government to address the weakness in the Privacy Act that prevents non-citizens/residents from seeking correction through the Privacy Commissioner (s 41(4)), a matter which the Government has stated it will address in amendments to the Act. l
Source: Opinion 1/2004 (WP85) — see <http://europa.eu.int/comm/internal_ market/privacy/index_en.htm>.
Grosse v Purvis appeal dropped
The appeal against the decision of the Queensland District Court in Grosse v Purvis  QDC 151 (see (2003) 10(3) PLPR 41), the first Australian decision to hold that there is a common law right of privacy, will not proceed.
Hustinx new EU privacy supervisor
Peter Hustinx, currently President of the Dutch Data Protection Authority, has been appointed European Data Protection Supervisor for a period of five years. Joaquín Bayo Delgado from Spain has been appointed Assistant Supervisor. The appointments were made by decision of the European Parliament and the Council of the European Union of in December 2003, The office will supervise the observance of privacy laws by European institutions.
Identity fraud report out
Standards Australia has published a report entitled Identity Fraud in Australia: An evaluation of its Nature, Cost and Extent. The report is by SIRCA and was commissioned by the Commonwealth anti-money-laundering agency AUSTRAC on behalf of the Commonwealth Steering Committee on Proof of Identity.
The report estimates that identity fraud in Australia cost the community $1.1 billion in 2001/02. This is considerably less than previous estimates, and it should be noted that a large part of the total is the cost of anticipatory security measures, which would arguably be required whatever the level of fraud. Estimates of actual losses from fraud are only $420 million, with a further $132 million of reactionary expenditure.
The report is likely to be a key resource document for the many identity related initiatives currently under consideration by governments and the private sector. l
Source: <www.austrac.gov.au/ text/recent_news/index.htm>.
Canadian privacy law challenged
On 17 December 2003 the Quebec Government initiated a constitutional challenge to Canada’s national privacy law, the Personal Information Protection and Electronic Documents Act 2000, just days before it was scheduled to take full effect. The challenge is to be heard before the Quebec Court of Appeal early in 2004 and make its way up to the Canadian Supreme Court either very late in 2004 or early in 2005. l
Source: Michael Geist, Toronto Star Law Bytes column, <http://shorl.com/dukuhagytrasu>.
Privacy for art’s sake
From March to May 2004 the Auckland Art Gallery is staging the 2nd Auckland Triennial, on the theme Public/Private: Tumatanui/Tumataiti. Thirty-nine artists from NZ, the US, the Netherlands, Australia, the UK, USSR, Taiwan, Japan, the Republic of South Africa, Denmark, Mexico and Germany will ‘open up, probe and consider the very idea of privacy, creating a dynamic experiential dimension for audiences to enjoy, challenge and discuss’.
Full details are at <www.auckland artgallery.govt.nz/triennial/>.
Headed by Dr Ian Kerr, Canada Research Chair in Ethics, Law & Technology at the University of Ottawa, Faculty of Law, 23 researchers have embarked on a project that will examine the impact of information and authentication technologies and its effect on our identity, and on our right to be anonymous. There will be three strands of work:
• the Nature and Value of Identity, Anonymity and Authentication;
• Constitutional and Legal Aspects of Anonymity; and
• Technologies that Identify, Anonymize and Authenticate.
Further information from Stephanie Perrin, Research Coordinator <email@example.com>.