Privacy Act 1988: Difference between revisions

The Privacy Act 1988 is an Australian law dealing with the privacy of personal information. Part III Division I sets out what are interferences with privacy.

Section 14 of the Act stipulates a number of privacy rights known as the Information Privacy Principles. These principles apply to Australian Government and Australian Capital Territory agencies or private sector organisations contracted to these governments. The principles govern when and how personal information can be collected by these government agencies. The information must only be collected if relevant to the agencies' functions. Australians have a right to know why such information about them is being acquired, and who will see the information. Those in charge of storing the information have obligations to ensure such information is neither lost nor exploited. An Australian will also have the right to access the information unless this is specifically prohibited by law.

The Privacy Act was amended in 2000 to cover the private sector. Schedule 3 of the Privacy Act sets out a significantly different set of privacy principles (the National Privacy Principles) which apply to private sector organisations (including not for profit organisations) with a turnover exceeding $A3 million, other than health service providers or traders in personal information. These principles extend to the transfer of personal information out of Australia.

Privacy principles substantially the same as the NPPs are also included in the legislation applying to the public sectors of some Australian States and Territories, namely the Information Privacy Act 2000 (Victoria), Information Act 2002 (Northern Territory), and Personal Information Protection Act 2004 (Tasmania).

Australia's privacy principles, both IPPs and NPPs, depend upon the meaning of "personal information" (as defined in Privacy Act 1988 s6). This term has not yet been interpreted in a restrictive way as has been "personal data" in the UK Durant case (Durant v FSA [2003] EWCA Civ 1746).

The Privacy Act creates an Office of the Privacy Commissioner and a Privacy Commissioner [1] in Australia. Section 36 of the Act states that Australians may appeal to this Commissioner if they feel their privacy rights have been compromised, unless the privacy was violated by an organisation that has its own dispute resolution mechanisms under an approved Privacy Code. The Commissioner, who may decide to investigate complaints and in some cases must investigate, can under section 44 obtain relevant evidence from other people. There is no appeal to a Court or Tribunal against decisions of the Commissioner except in very limited circumstances. Section 45 of the Privacy Act allows the Commissioner to interview the people themselves, and the people might have to swear an oath to tell the truth. Anyone who fails to answer the Commissioner may be subject to a fine of up to $2,000 and/or year-long imprisonment (under section 65). Under section 64 of the Privacy Act, the Commissioner is also given immunity against any lawsuits that he or she might be subjected to for the carrying out of their duties.

If the Commissioner will not hear a complaint, an Australian may receive legal assistance under section 63. If a complaint is taken to the Federal Court of Australia, in certain circumstances others may receive legal assistance.

Even though the Privacy Act has been in force for nearly 20 years, there is as yet little case law interpreting it. The only significant Federal Court decision is Seven Network (Operations) Limited v Media Entertainment and Arts Alliance [2004] FCA 637 involving a dispute between a trade union and a media company which confirmed that s98 of the Privacy Act did allow 'any person' to seek an injunction to prevent breaches of the Act. The only recent High Court decision to consider privacy issues, ABC v Lenah 208 CLR 199, did not interpret the Privacy Act.

The Australian Law Reform Commission[2] is inquiring into privacy law in Australia and is due to report to the Australian Government in May 2008.

• Full text of the Privacy Act 1988, Australasian Legal Information Institute, URL accessed 6 May 2006.
• National Privacy Principles, Office of the Privacy Commissioner, URL accessed 24 May 2009.
• Information Privacy Principles, Office of the Privacy Commissioner, URL accessed 24 May 2009.