Home > Legal Insights > Newsletters
Search
In this section
- Alerts
- Articles
- Newsletters
- Reports and Guides

Publications Library
To find our publications on a particular topic, you can use our search function in the black bar above or select a timeframe below:


Subscribe
Click here to subscribe to any of our newsletters
Privacy Update

The Privacy Update focuses on increasing awareness of developments in the law relating to privacy.

This article summarises the recent Draft Voluntary Information Security Breach Notification Guide issued by the Office of the Privacy Commissioner.

In light of the imminent public release of the Australian Law Reform Commission's (ALRC) Final Report on Privacy, this article outlines the reform suggested by the ALRC in their Discussion Paper 72 on the "Review of Australian Privacy Law" in relation to anti-money laundering and counter-terrorism financing.

As we reported in our March 2008 edition, the APEC Data Privacy Pathfinder has been endorsed by APEC members. This article discusses how Australian businesses should approach the transfer of data to international entities, in particular to APEC and EU countries.

This article discusses the aftermath of the recent decision of the Victorian County Court in relation to whether a common law duty of care exists between a broadcaster and member of the public.

Click here to print out all of the articles in this edition

Previous issues:

As we reported in the November 2007 edition of the Privacy Update, submissions in response to the Australian Law Reform Commission's 'Review of Privacy' closed on 7 December 2007. According to the ALRC website at the time of issue of this edition, the ALRC's final report and recommendations were due to be delivered to the Attorney-General on or before 31 March 2008.

This article summarises three recent cases that came before the Privacy Commissioner late last year and recent news from the Office of Privacy Commissioner.

The APEC Data Privacy Pathfinder (Pathfinder) was formally endorsed by APEC members when they met in Sydney last year. The purpose of the Pathfinder is to develop a framework to regulate the transfer of personal information by business across national borders, which aims to ensure that an individual's personal information is protected no matter which APEC country the information is transferred from or to.

The Australian Law Reform Commission has recommended a major overhaul of Australia's federal privacy laws, putting forward more than 300 sweeping changes to the current regime under the Privacy Act 1988. Many of the proposals focus on greater protection for individual privacy, reflecting the advances in technology since the Act was passed in 1988. What does this mean for businesses?

The Privacy Commissioner has recently considered three important cases regarding privacy breaches and disclosure of information by various organisations.

The Federal Privacy Commission recently conducted an investigation into the disclosure of personal information of its members by one of the country's largest private health funds to a third party involved in its Helping Hand Program.

The new Privacy Protection for Off-shoring Bill which aims to regulate the transmission of 'personally identifiable information' for processing outside Australia has been introduced into the House Representatives. Specifically, the Bill would insert new provisions the Trade Practices Act to increase measures for the protection of personally identifiable information.

The Privacy (Private Sector) Amendment Regulations 2007, that come into operation on 1 December 2007, will bring small businesses, which operate a residential tenancy database and which undertake certain related acts and practices, into the scope of the term 'organisation' for the purposes of the Privacy Act.

Democrats Senator, Natasha Stott-Despoja, has introduced a private member's Bill into parliament seeking immediate amendments to the Privacy Act to further tighten existing privacy laws. The proposed Bill will require all private organisations and Commonwealth Government agencies, which are subject to the Act, to notify individuals if their data security has been breached.
The New South Wales Law Reform Commission has put forward its recommendations for the introduction of a statutory tort of privacy in NSW. If the recommendations are introduced, NSW will be the only state in Australia with a statutory tort of privacy. Such a move will have a sweeping effect on the entire business sector and has the potential to cause many difficulties relating to compliance.

In this article we consider the implications of three recent cases which came before the Privacy Commissioner.

Western Australia has introduced the Information Privacy Bill 2007 into parliament which, if enacted, will follow the lead of NSW, Victoria and the ACT to give effect to an undertaking by Australian health ministers to introduce Health Privacy Principles specifically for private sector handling of health information.

In submissions to the Australian Law Reform Council (ALRC), the Privacy Commissioner has recommended a raft of amendments to the credit reporting provisions of the Privacy Act, including the repeal of Part IIIA, but remains unconvinced that Australia needs to introduce a comprehensive credit reporting scheme.

In Jane Doe v the ABC & Ors, the Victorian County Court has held that the alleged invasion or breach of privacy is an actionable wrong which gives right to recover damages in the normal way. The decision has been heavily criticised and is currently on appeal. If the appeal is unsuccessful, it may affect the potential liability of organisations for disclosing personal and private information without good reason and without taking proper care.

Following the success of Operation Wickenby, the Federal Government is looking to introduce legislation that will allow the Australian Taxation Office to release private taxpayer information to other government agencies such as the Australian Crime Commission, the Australian Securities and Investments Commission and the Australian Federal Police.

The national 'Do Not Call Register' will be introduced shortly, and is expected to commence operating in May of this year. The Australian Communications and Media Authority, which will oversee the $33 million project, has announced that Melbourne-based Service Stream Solutions Pty Ltd will develop and operate the Register.

The increasing use of 'e-health' initiatives raises concerns about protecting patients' privacy when their medical information is electronically transferred to organisations in other countries.

The Boxing Day tsunami in 2004 gave rise to a raft of privacy-related practical problems concerning the disclosure of personal information about individuals caught up in the tragedy. Existing Privacy Act provisions restricted the ability of government agencies and companies to provide the large-scale, timely response necessary for dealing with mass casualties and missing persons.

The Privacy Legislation Amendment Act 2006 has picked up a range of recommendations made by the Australian Law Reform Commission and Australian Health Ethics Committee report in 2003 relating to genetic information.

The Privacy Commissioner recently released new case notes concerning privacy complaints and investigations. The case notes provided illustrative and useful examples of how the Commissioner will apply the National Privacy Principles in particular factual circumstances.

The Australian Law Reform Commission released an issues paper on 9 October that outlines the scope of their inquiry into the Privacy Act and the extent to which it continues to provide an effective framework for the protection of privacy in Australia.

The Office of the Privacy Commissioner has released its Annual Report for 2005-06, which outlines the Office’s performance over the last 12 months.

The Federal Court has fined Clarity1 Pty Ltd and its managing director a total of $5.5 million for breaches of the Spam Act 2003 (Cth). This case sends a strong message to organisations and individuals who spam that substantial penalties can be awarded against them.

The Privacy Commissioner, Karen Curtis has announced her Office's adoption of a multi-layered privacy policy.

The Victorian Government passed the Charter of Human Rights and Responsibilities Act 2006 (Vic) on 25 July 2006, which comes into effect on 1 January 2007.

Privacy Commissioner Karen Curtis announced her approval of the Biometrics Institute Privacy Code on 19 July 2006. The Privacy Code is intended to cover the biometrics industry in Australia and those organisations that sell or use biometric services and products.

The Privacy Commissioner has made some submissions on privacy issues in relation to the Anti-Money Laundering and Counter-Terrorism Financing Bill.

A report on the ' Review of the Privacy Guidelines for the Handling of Medicare and Pharmaceutical Benefits Scheme (PBS) claims information' was released recently. Read more for the key findings from the Report.

The Privacy (Private Sector) Amendment Regulations 2005 (No. 1), made by the Commonwealth on 15 December 2005, provide a limited exemption from National Privacy Principle (NPP) 7 of the Privacy Act 1988 to particular organisations dealing with Centrelink customers.

The Federal Government has announced a funding increase of approximately $8.1 million over four years to the Office of the Federal Privacy Commissioner.

The Privacy Commissioner recently released a series of case notes of finalised complaints, which are considered to be of interest to the general public.

A 'smart card' to be used for accessing health and welfare services, will be introduced according to an announcement by the Prime Minister on 26 April 2006.

The Australian Communications and Media Authority (ACMA) has succeeded in proceedings brought against Clarity1, an Australian company, and its Managing Director, Mr Wayne Mansfield, under the Spam Act 2003.

London's High Court of Justice recently indicated that even high profile celebrities have a right to privacy.

Google has refused to comply with a subpoena from US Government prosecutors defending the Child Online Protection Act (Act), which requires Google to grant the Bush administration access to its search query database.

The Victorian County Court recently released a discussion paper concerning the proliferation and ease of online access to Court records and privacy considerations.

As a result of recent amendments to the Ombudsman Act 1976, Commonwealth agencies are protected against a breach of Information Privacy Principle (IPP) 11 under the Privacy Act 1988 when they give information to the Ombudsman for the purpose of an investigation.

The Australian Government released its draft Anti-Money Laundering and Counter-Terrorism Financing Bill 2005 on 16 December 2005.

The Commonwealth Government will introduce amendments to the Privacy Act 1988 (Cth), designed to enhance the exchange of information in a disaster or emergency, into Parliament later this year.

The General Insurance Information Privacy Code (the Privacy Code) will be revoked effective 30 April 2006, meaning all general insurance companies will be required to comply directly with the National Privacy Principles ('NPPs').

The terms of inquiry into the review of a national identity card will soon be announced.

The Office of the Privacy Commissioner has issued a submission in response to the Department of Communications, Information Technology and the Arts' 'Do Not Call' discussion paper.

The ALRC will conduct a full review of the Privacy Act as a result of last year's review of the Act's private sector provisions.
© Minter Ellison 2008

Further Information
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 > 
 >