• Home
  • /
  • Privacy update: Privacy — What does it mean? Why should I care?

Privacy update: Privacy — What does it mean? Why should I care?

Jan 18, 2012

As a result of the recent revelations of various news organisations’ practises of ‘phone hacking’ in the United Kingdom and elsewhere, the issue of privacy has been receiving significant attention. Additionally, anyone who has interacted with a bank, a website or a GP’s office has been asked to consent to the use of their information for ‘privacy purposes’ while those same organisations will often refuse to answer questions citing ‘privacy concerns’. And of course there is barely a day that passes in which a complaint of ‘a gross invasion of privacy and decency’ is not made through, or about, a media organisation.

Privacy is clearly an important issue that cuts across many aspects of our personal and commercial lives. As the world becomes evermore interconnected, privacy issues will only increase in importance.

Two aspects of privacy

Before the issues can be considered, however, it is important to understand that, at least as far as the law is concerned, there are two primary aspects to privacy.

  • The first, known as ‘information privacy’ relates to the rules and obligations that are imposed on organisations which collect information about people in order to do their business. It is this information privacy that is the subject of regulation by the Privacy Act 1988 (CTH) and which gives rise to the numerous requirements to give consent when applying for a loan or visiting a GP’s office.
  • The second aspect of privacy, and the one that is usually at the centre of high-profile media cases such as the phone hacking scandals in the UK, is the right for individuals to not have details of their personal lives publicised — a right that has, in other jurisdictions, been described as the right to be “left alone”.

Despite the existence of the Privacy Act in Australia, it may come as a surprise to discover that, in Australia, there is no ‘right to privacy’ which prevents the publication of personal details.

Invasions of privacy

Allegations of ‘blatant invasions of privacy’ are often included in condemnations of publications by media organisations or other individuals which are perceived to violate this innate sense of propriety regarding the desire to be left alone. There is, however, no such right and, accordingly, usually no basis in law for these objections.

This does not mean, however, that an individual is powerless in these circumstances. The laws of defamation, trespass and the prohibitions on the interception of telephone calls and computer hacking that apply in most Australian jurisdictions offer substantial protection, (and would, for example, criminalise the phone hacking by media organisations which gave rise to the most recent scandal).

Australian privacy law and practice

Privacy law has also been the subject of significant attention by government and law reform agencies in recent years. For example, in 2008 the Australian Law Reform Commission (ALRC) released a report into privacy law entitled, ‘For your information: Australian privacy law and practice’.

The report contained no fewer than 295 recommendations for reforming privacy law. The recommendations included the implementation of a new set of unified privacy principles that would apply equally to both government and private organisations. The report also recommended phasing out exemptions from information privacy obligations currently in place for small businesses and registered political parties.

Perhaps most interestingly in the current climate, however, is that the ALRC’s report also recommended the creation of a statutory cause of action for a serious invasion of privacy. Such a reform would create a ‘right to privacy’ of the personal kind that is currently lacking in Australia.

In response to the ALRC’s report, the government released an exposure draft of the Australian Privacy Principles intended to unify the existing regime in accordance with the recommendations of the ALRC. This exposure draft was referred to the Senate Finance and Public Administration Committee which released its final report on 6 June 2011. The committee made several recommendations regarding clarifying the proposed principles but otherwise agreed with the ALRC that unified principles be adopted.

The government has yet to act on the other recommendations contained in the ALRC report, including creating a statutory cause of action for invasion of privacy.

Recent media reports suggest the government is considering revisiting this issue in light of the “phone hacking” scandals, but what ultimately will come of this remains to be seen.

Conclusion

Privacy law is complex and constantly changing. While it is the sensationalist ‘privacy invasions’ that receive the most attention, it is the obligations in relation to information privacy which are likely to have the broadest impact on most organisations. These obligations are likely to change as a result of the recent law reform efforts and all organisations that collect personal information need to take steps to ensure their policies and procedures are compliant with the new obligations.

What you need to do

A privacy audit, in which an organisation reviews its policies and procedures in relation to the handling of such information, should be regularly undertaken. Kliger Partners are happy to work with its clients to provide advice on how these audits should be conducted and what procedures should be in place to ensure compliance with this complex area of law.

More information

For more information, please contact Jeremy Goldman, Principal Lawyer, on (03) 8600 8886 or jgoldman@kcllaw.com.au.

If you are interested in receiving our Commercial and Corporate updates, please click here.