For your information
The Australian Law Reform Commission (ALRC) has completed its review of the Privacy Act 1988 (Cth) and has produced its report – For Your Information: Australian Privacy Law and Practice (ALRC 108). It’s a voluminous report due to all the issues it’s covering such as children, credit reporting, health, fraud and identity theft.
You can download the report from the ALRC website. But here’s a summary:
- the Privacy Act 1988 is too complex and makes it difficult for business and individuals to know their privacy rights. The Act should be restructured with a focus on high-level principles of general application, to be supplemented by dedicated regulations governing specific fields, such as health privacy and credit reporting.
- the Act should prescribe a single set of Privacy Principles, which apply to all federal government agencies and the private sector (how sensible!!!).
- cross-border data flows should be regulated with the default principle being that the agency or organisation that transfers personal information outside Australia remains accountable for it.
- the ALRC recommends the drafting of new Privacy (Health Information) Regulations to regulate this important field.
- better education for young people posting personal data on social networking sites.
- Government agencies and organisations should be required to notify individuals if there is a risk of serious harm occurring as a result of a data breach.
- Federal law should provide for a private cause of action where an individual has suffered a serious invasion of privacy, in circumstances in which the person had a reasonable expectation of privacy. Courts should be empowered to tailor appropriate remedies, such as an order for damages, an injunction or an apology.
You will also find on the ALRC site detailed Briefing Notes on the ten key areas the report covers.