Privacy laws

Privacy Law in Australia

PRIVACY-LAWS-AUSTRALIA

This page provides access to Australian laws relevant to privacy, and to many resources that point to yet more laws.

Australia is a federation of 6 States and 2 Territories. This document is concerned with laws of those 8 jurisdictions.

Note: 2014 Privacy law reform

new-privacy-laws-2014

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act) made many significant changes to the Privacy Act 1988 (Privacy Act). These changes commenced on 12 March 2014.
The Privacy Regulation 2013, made under the Privacy Act, also commenced on 12 March 2014.

The Privacy Amendment Act is a part of a privacy law reform process that began in 2004. The ‘Previous Privacy Reviews’ section below, includes more information about that process.

What’s changed?

Australian Privacy Principles

The Privacy Act now includes a set of 13 new harmonised privacy principles that regulate the handling of personal information by Australian and Norfolk Island Government agencies and some private sector organisations. These principles are called the Australian Privacy Principles (APPs). They replace both the Information Privacy Principles (IPPs) that applied to Australian Government agencies and the National Privacy Principles (NPPs) that applied to some private sector organisations.

A number of the APPs are significantly different from the existing principles, including APP 7 on the use and disclosure of personal information for the purpose of direct marketing, and APP 8 on cross-border disclosure of personal information.

For more information on the APPs and the OAIC’s APP guidelines, see Australian Privacy Principles. The 2014 reforms do not apply to Australian Capital Territory government agencies. Instead, the Privacy Act, as in force on 1 July 1994 (and as modified by the Australian Capital Territory Government Service (Consequential Provisions) Act 1994 (Cth)), continues to apply to those agencies.

office-autralian-privacy-commissioner

Read more on the website of the office of the Australian Information Commissioner

Victoria – Privacy laws

privacy-laws1In 2006, Victoria became only the second Australian jurisdiction to provide a degree of generic protection of human rights in the form of the Charter of Human Rights and Responsibilities Act. Under s.13, “a person has the right (a) not to have his or her privacy, family, home or correspondence unlawfully or arbitrarily interfered with; and (b) not to have his or her reputation unlawfully attacked”. The statutory protection is quite weak, and whether this will actually help at all in stemming the tide of privacy-invasive behaviour is unclear

  • An emergent tort of invasion of privacy was heralded by a County Court decision in 2007, Jane Doe v ABC and ors [2007] VCC 281. The ABC reported a woman’s name as part of a radio news item about the sentencing of her husband, who was convicted of her rape. The Judge found that that the publication induced post traumatic stress disorder. It does not appear that the judgement has been published.
  • There is also a modern statute regulating devices that enable surveillance, including listening devices, optical surveillance devices, tracking devices and data surveillance devices: Surveillance Devices Act 1999

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections.
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy.

NSW – Privacy laws

privacy-laws1

  • The primary legislation is:
  • Then, in late 2010, the Privacy and Government Information Legislation Amendment Act 2010 combined the two Commissioners into the Information and Privacy Commission (IPC)

The following are additional sources of relevance to various aspects of privacy:

  • Summary Offences Act ss.21G-H 2004-08, re ‘filming for indecent purposes’. This was repealed in 2008, but presumably moved into the Crimes Amendment (Sexual Offences) 2008 – whose text is difficult to find
  • Local Court of New South Wales Practice Note 1 of 2008 re Identity theft prevention and anonymisation policy, which contains policy and recommendations to magistrates on how to suppress personal details from judgments and transcripts to minimize risks of identity theft and to protect privacy

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

Queensland – Privacy laws

privacy-laws1

  • The Office of Information Commissioner (OIC) has existed since 2005, although the appointment was made only 4 years later, on 30 July 2009. It took until May 2010 for a Privacy Commissioner to be appointed, subordinate to the Information Commissioner
  • Invasion of Privacy Act 1971 (Part 4 covers Listening Devices, Part 2 deals with Inspectors and Part 4A deals with invasion of the privacy of the home. The old provisions relating to credit reporting have been rescinded)
  • There is no state telecommunications interception power, despite a Parliamentary Report tabled in December 1999

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy
Note too that Queensland is the only jurisdiction in Australia that has unequivocally recognised the existence of a tort of invasion of privacy, albeit only at the level of the District Court, in Grosse v Purvis [2003] QDC 151

Western Australia – Privacy laws

privacy-laws1

  • No data privacy laws of any significance appear to be in place
  • An election commitment resulted in the release of a discussion paper in 2003 (no longer available), but nothing more. Privacy went unmentioned during the election campaign in early 2005. The Attorney-General tabled an extremely weak Information Privacy Bill in March 2007, but a series of scandals relating to Brian Burke’s influence in Government have slowed everything down since then
  • On the other hand, there is a modern statute regulating devices that enable surveillance, including listening devices, optical surveillance devices, tracking devices and data surveillance devices: Surveillance Devices Act 1998

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

South Australia – Privacy laws

privacy-laws1

  • No privacy laws of any significance are in place.
  • A Privacy Committee of S.A. exists, but it’s unclear whether it actually does anything other than approve exemptions to the non-statutory principles! It’s even unclear whether the Administrative Instruction applies to local government

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

Tasmania – Privacy laws

privacy-laws1

  • Until September 2005, no privacy laws of any significance were in place. A mere set of Information Privacy Principles existed
  • The very weak Personal Information Protection Act 2004 commenced on 5 September 2005. It establishes a set of a set of 10 Personal Information Protection Principles (PIPPs). They apply to Tasmanian government agencies, but with many exemptions and exceptions. The Act empowers the existing Ombudsman to manage complaints. But in late November 2005 the Ombudsman’s website didn’t even mention privacy, and anyway the outcomes of complaints are unenforceable. It does not appear that this piece of legislation has improved the privacy of Tasmanians at all

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

ACT – Privacy Laws

privacy-laws1

Note that agencies may have governing statutes that include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

Northern Territory – Privacy Laws

privacy-laws1

  • As befits a small jurisdicition, there is a combined FOI and privacy instrument called the Information Act 2002 (passed 8 November 2002). Among many other things, this created an Information Commissioner
  • There is also a modern statute regulating devices that enable surveillance, including listening devices, optical surveillance devices, tracking devices and data surveillance devices: Surveillance Devices Act 2000

Note that most agencies’ governing statutes include provisions that intentionally or incidentally provide privacy protections
Note that the common law includes features that intentionally or incidentally protect privacy, including dimensions of privacy other than information privacy

Other Resources

 

 

updated 4 June 2014

2 Responses to “Privacy laws”

  1. I love this post. I read your blog often. I share this on my
    face book and my followers loved it. Keep up the good work

    Thumb up 0 Thumb down 0

  2. I cannot receive any treatment as there is no doctor/patient confidentiality when you make a claim with the Victorian Workcover Authority… every single health record from your entire life becomes available to anyone in connection with your workcover claim simply by filling out the claim form and submitting it, regardless of the status of your claim after lodgement. I have had my basic human right to life and health taken from me at the hands of a workcover Agent in relation to a claim I lodged (Injury was stress and anxiety.. incident the caused injury was Disciplined for answering an emergency call from my daughters school) I received no communication from the VWA, WorkSafe, the insurer/agent or employer, no interview, no investigation, one IME appointment 60 days after lodging claim, no return to work coordinator, no payments made and no medical treatment received under VWA. My claim was rejected 67 days after lodging for reasons: your claimed injury was caused wholly or predominantly by management actions taken on reasonable grounds in a reasonable manner. With only my claim form and the IME report as evidence to support the decision the decision was unsupported and a opposes legislation being the Equal Opportunity Act 2010 Part 3 sec 19. Unbeknown to me the agent had used my claim form and workers declaration signature on the form to obtain two complete clinical medical records from two separate gp clinics of which contain records amounting to 7 years of medical and mental health consultations and services, one such record from a clinic that I had not been a patient at since 2015 and the practitioner no longer practiced from, contationed detailed descriptive highly sensitive details about a sexual assault, that I had been the victim of at the hands of a male medical practitioner at a clinic that I had been a receptionist at. This detailed recount of the assault contained in the record was then summarised by the agent in which he alluded to the assault as being ‘false allegations against an employer who hade terminated my employment for making mistakes’, and a consultation 5 years ago with a mental health nurse after gynaecological disease, surgery and resulting infertility summarised as ‘A long history of mental health problems including a mental and psychiatric assessment in 2012’ this summary was then communicated to the IME (and the full clinical record from that clinic and not the record from my current clinic who have treated me for the duration of my employment) forwarded to other agents involved in assessing liability for my claim, recorded to my claim file as supporting evidence then transported with my claim file when my employer changed insurers to the new agent and my employer. I was only made aware of this and that my personal health information and documents had been obtained by this agent without any authority, when my request for documents under foi, sec 9 and the hpp health Records Act, we’re finally granted 4 months after I made the first request for documents. When I contacted the WorkSafe Advisory I was given false legislative reasoning and hung up on, I then contacted each of the medical clinics to ask how this was allowed to happen, the nurse from one clinic hung up on me. I was so distraught I made a call to LifeLine as I felt I my human rights to control my health had been stripped from me. Later that night the police showed up at my door to force me into a Mental Health unit because the nurse from the gp clinic rang and said I was attempting suicide, I was being denied even more human rights. The next four hours was spent explaining to the CAT team and the officers my situation and why I was understandably emotional but in no way had I self harmed. The officers were speechless as I took them into my bedroom and showed them my queen size bed completely covered, at least ten pages deep with documents preparing for conciliation. The male officers words ‘In all the call outs I have received about a possible suicide, what we usually walk into is a socially deprived, violent and drug related suicide risk… I have never seen anything like this!’ The female officer as she was walking out said ‘my job sucks when I meet people like you, who are clearly a victim of an injustice and we are not in a position to assist’.
    I have made hundreds of complaints to every organisation in connection with my employment, the workcover authority, Work Safe, the agents and every one of them has been ignored and I have no one to turn to, no where I can receive medical treatment and no one who owes me a duty of care has honoured that duty. I have a 9 year old daughter, who I am a single mum to, who is my dependant, yet I have no access to basic health services now. Who can seek assistance from? Because I now have a genuine fear that any assistance, treatment or counselling I receive or even seek, could be at anytime time, even in years from now, accessed by any person and used for a purpose other than I intended, to cause me harm. What do I do? Who is going to give me back my ability and confidence in trusting a medical practitioner? The abuse of power by the authority, it’s agents and worksafe has removed a liberty every Australian should have, the affect of this could see the health system in Australia collapse. A patient should have complete faith in doctor/patient confidentiality so as to openly communicate illness and injury and as such receive the best medical treatment available. Take away that confidence and the effect is devastating.

    Thumb up 0 Thumb down 0

    Everything To Gain November 12, 2017 at 1:40 pm
read-before-u-commentThis is a statement pointing you to our seriously injured but esteemed and honourable Social Networking Sites Warning and our comment policy. A must read in the context of a very adversarial workcover system! Remember to mention in which state you reside if you seek advice.

Leave a Reply

Your email address will not be published. Required fields are marked *