Annual Report 2006-07:
Chapter 1 Respecting Privacy
1.1 Review of Performance
The Office’s work in reviewing new policy and legislative proposals during 2006–07 was extensive, with an increased number of new proposals involving the handling of personal information being analysed and commented on by the Office. The Office’s involvement with many of these proposals is detailed in the following sections.
The most significant of the proposals, the Health and Social Services Access Card (the Access Card), required considerable resources of the Office during the reporting period. To take account of this, the Department of Human Services entered into a Memorandum of Understanding (MOU) to provide the Office with additional resourcing to allow appropriate work on the various consultation papers and to allow the Office to engage in a number of government working groups on the Access Card.
During the year the Office also worked closely with the Department of Immigration and Citizenship, under an MOU, to assist the Department in relation to incorporating the knowledge and use of the Information Privacy Principles more effectively into its administrative practices.
These two MOUs, together with a number of other initiatives to build relationships with government agencies and businesses, reflect the Office’s goal of building and developing robust relationships as reflected in the 2007–09 Strategic Plan.
The other significant piece of policy work undertaken by the Office in 2006–07 was the development of our two submissions to the Australian Law Reform Commission (ALRC) review of privacy. This work meant drawing on the whole of the organisation’s resources and the extensive knowledge of its officers.
Undertaking the development or confirmation of the Office’s position on each of the ALRC’s 142 questions was a very significant task but the result is a comprehensive document detailing much of the Office’s understanding of the current law and our analysis of where it works well and what could be improved.
Altogether the Office made 32 public submissions during the reporting period, including the 474-page submission to the ALRC and several other substantial submissions, for example in relation to the proposed Access Card and the Anti-Money Laundering and Counter-Terrorism Financing legislation. In terms of numbers of submissions alone this year saw a 70% increase on 2005–06.
During the reporting period the Office also released a number of reports and information products. These included the Report on the Review of the Privacy Guidelines for the Handling of Medicare and PBS Claims Information (the section 135AA guidelines), the Review Report on the Credit Reporting Assignees and Classes Determinations, the finalised Privacy Impact Assessment Guide and an Information Sheet on the Prescription Shopping Information Service.
In addition, during the reporting period the Privacy Commissioner approved the Biometrics Institute Privacy Code and a minor variation to the Market and Social Research Privacy Code, and renewed three credit provider determinations.
The 32 submissions completed during the reporting period together with the various review reports, credit determinations and the information sheet have greatly assisted the Office to achieve the 2007–09 Strategic Plan goals of high quality results and increased awareness of privacy choices and obligations within the community.
1.2 Australian Law Reform Commission Review of Privacy
In response to the release of the Australian Law Reform Commission (ALRC) Review of Privacy – Issues Paper 31 (IP31), all sections of the Office were involved in the research and preparation of a comprehensive submission. Many of the recommendations from the Office’s 2005 report, Getting in on the Act: The Review of the Private Sector Provisions of the Privacy Act 1988 were discussed and developed further.
In February 2007 the Office made a 474-page submission to the ALRC. The submission identified a wide range of issues in areas as diverse as health, technology and telecommunications.
While acknowledging that the existing principles in the Privacy Act are generally operating well, the Office made numerous suggestions to improve Australian privacy regulation. Amongst its suggestions, the Office called for a merging of the two sets of privacy principles in the Privacy Act to create a new single set of principles, as well as greater national consistency in privacy regulation.
As well, in order to create optimal privacy protection for people’s health information and help to clarify health service provider obligations, the Office suggested that the Privacy Act should ‘cover the field’ in regulating health service providers in the private sector.
In relation to new technologies, the Office made a number of suggestions including:
- the Privacy Act should remain technology neutral to allow for sufficient regulatory flexibility
- in certain circumstances, organisations should be required to notify customers of a security breach that has made their personal information vulnerable
- biometric information should be classified as sensitive information under the Privacy Act to ensure that it is afforded a higher level of privacy protection than other forms of personal information.
In response to the ALRC’s second issues paper, ALRC Review of Privacy – Issues Paper 32: Credit Reporting Provisions (IP32), the Office made a second detailed submission in April 2007.
The Office noted that the regulation of personal credit information could be improved to reduce complexity while still maintaining strong privacy protections. As a way of achieving this, the Office recommended that the existing credit reporting provisions could be repealed and replaced by the National Privacy Principles operating in tandem with a binding code.
The Office also suggested to the ALRC that the Privacy Commissioner be provided with additional options for dealing with breaches depending on the type and seriousness of the breach. In particular, the Office submitted that the Privacy Commissioner should be given stronger powers to handle systemic issues within the credit industry and issues arising from industry practice. Additionally, the Office recommended that independent research be undertaken into the impact that comprehensive credit reporting would have in Australia.
Overall, the Office’s response to IP32 reflected a continuing commitment to helping Australians retain choice and control over the use of their personal credit information.
The complete Office submissions to the two ALRC issues papers can be found at:
The Office will continue to be closely engaged in the ALRC’s review, which is expected to be completed in early 2008.
1.3 Privacy and the Australian Government
This section discusses the work the Office did during the reporting period in relation to Commonwealth legislation and/or Australian Government activity.
Please note however that some areas of the Office’s work relating to the Australian Government are discussed in other sections of this Chapter (for example, 1.5 Business; 1.6 Health; 1.7 Information and Communications Technology).
1.3.1 Guide to Privacy Impact Assessments
In August 2006 the Office launched the Privacy Impact Assessment (PIA) Guide. The Attorney-General, the Hon. Philip Ruddock MP, was present to launch the document.
The PIA Guide is intended to assist Australian and ACT Government agencies to determine the impact new organisational proposals could have on privacy. The PIA Guide enables agencies to critically examine and assess their project’s capacity to comply with the Privacy Act, as well as inform agencies about broader privacy issues raised by the project. While the PIA Guide has been targeted at agencies, private sector organisations could also find it useful.
The Office has provided advice to agencies on the PIA process and received feedback that the Guide has assisted agencies to critically examine and assess their project’s capacity to comply with the Privacy Act, to build privacy safeguards into their projects at an early stage and minimise the need for retrospective and reactive privacy measures.
The PIA Guide can be found on the Office’s website at www.privacy.gov.au/publications/pia06/index.html.
1.3.2 Australian Government Health and Social Services Access Card
The Office made three submissions to the Minister for Human Services’ Access Card Consumer and Privacy Taskforce. These were made in response to the discussion papers released by the Taskforce concerning, respectively, the broad policy and implementation of the Access Card, the storage of optional and voluntary health information on the Access Card, and registration for the Access Card. These submissions are available at www.privacy.gov.au/news/access-card.html.
The Office proposed that ensuring adequate privacy protections will be important to promoting community trust and confidence in the Access Card system (comprising the card itself, as well as associated infrastructure and functions). The Office noted that a robust privacy framework is dependent on ensuring that reliance is not placed on one form of privacy protection. The Office suggested that such protections should be multifaceted, incorporating:
- fundamental system design, including card design, system architecture and the parameters governing what information is collected and what information flows are possible
- technological measures, including, but not limited to, data security initiatives, as well as measures to minimise the degree to which existing systems become increasingly integrated, a consequence of which may be new and potentially privacy invasive flows of personal information
- legislative measures, including defining the extent of the functions of the Access Card, proscribing purposes that fall outside those functions and introducing sanctions for misusing any aspect of the system or the personal information it handles and
- oversight mechanisms that promote confidence in the system by assuring the community that the operation of the system is subject to stringent accountability measures, including provision for audit and independent complaint handling.
In December 2006 the Office entered into an agreement in the form of a Memorandum of Understanding with the Department of Human Services (see section 4.1.5) which allows for close consultation on privacy-related issues in the development and roll-out of the Access Card.
Under the agreement, the Office will provide advice to the Department on the privacy implications of the Access Card system, participate in site visits with registration authorities to observe and analyse the privacy aspects of the registration process, and assist in the development of privacy-related information and educational materials.
1.3.3 Department of Immigration and Citizenship
The Office entered into a Memorandum of Understanding (MOU) with the Department of Immigration and Citizenship (DIAC) for 2006–07 (see section 4.1.7). Entering into the MOU was one aspect of DIAC’s change management strategies following the intensive policy review undertaken after the release of the Palmer and Comrie reports.
DIAC identified the need to assess and improve the manner in which it addressed privacy issues in fulfilling its statutory functions. Recognising the benefits of close cooperation with the Office on privacy issues, and without compromising the independence of the Office, DIAC entered into the MOU to provide the Office with funding to allow dedicated resources to be deployed to assist DIAC in its objective.
Under the MOU the Office provided advice to DIAC on the development of various guidance and training materials in the reporting period. This included advice on Privacy Impact Assessments and Checklists, privacy guidelines for staff, training scenarios and Information Privacy Principle (IPP) Flowcharts specifically related to IPP 11 disclosure obligations.
More information about Privacy Impact Assessments and Checklists is available at www.privacy.gov.au/publications/pia06/index.html.
1.3.4 Australian Government Information Management Office – Australian Government Smartcard Framework
The Office made submissions on Part c of the Australian Government Smartcard Framework, which deals with Standards and Model Specification, in April 2007, and on Part d of the Framework, the Smartcard Implementation Guide, in May 2007.
The Office’s comments in these two submissions primarily related to the management of interoperability for a particular smartcard project, while minimising the risk of function creep. The Office suggested that careful consideration should be given to the necessity of collecting and retaining personal information, including the creation and display of identifiers, in any smartcard project whether this information was intended to be on the smartcard, the chip or on the supporting systems. The Office also noted that the success of a smartcard project is likely to be linked to user acceptance and adoption of the smartcard, which can be assisted by good privacy practices.
1.3.5 Identity and Border Security
In the 2006–07 Budget, the Office received funding to allow it to participate in the development of a National Identity Security Strategy. The Privacy Commissioner is a member of the Commonwealth Reference Group on Identity Security (CRGIS) convened by the Attorney-General’s Department to assist in developing this national strategy. The Office has attended a number of meetings of the CRGIS and its working groups during 2006–07.
The Privacy Commissioner is also represented on the National Identity Security Coordination Group (NISCG). In 2006–07 the Office attended a number of meetings of the NISCG and provided comments on the development of an Inter-Governmental Agreement (IGA).
The Prime Minister, Premiers and Chief Ministers signed the IGA at the Council of Australian Governments (COAG) meeting on 13 April 2007. At that meeting, COAG also noted the progress made to date in giving effect to the six elements of the Strategy, and acknowledged the value of this work as reference documents for Australian Government agencies.
Information on the IGA can be found at www.coag.gov.au/meetings/130407.
There are five working groups under the CRGIS framework. These include working groups on the Document Verification Service (DVS), Integrity of Identity Data, Authentication, Security Standards for Proof of Identity and Proof of Identity.
The current funding is tied to the Office’s work in the Identity Security area, particularly in relation to the DVS. The Office has member status on the DVS Working Group. In 2006–07 the Office published on its website the final Audit report on the DVS prototype pilot completed in 2005–06. The Office also commented on the Privacy Impact Assessment (PIA) prepared by the Attorney-General’s Department in relation to the DVS.
The Privacy Commissioner is also represented as a member on the Integrity of Identity Data Working Group. During the reporting period the Office provided comment on the Memorandum of Understanding between the Attorney-General’s Department, the Australian Taxation Office and participating agencies for the Integrity of Identity Data Pilot and the PIA for the Integrity of Identity Data Pilot.
The Privacy Commissioner is not represented on the Authentication Working Group, which is a part of the CRGIS governance framework, but has observer status on this working group. However, related to this, during the reporting period the Office made submissions on the Australian Government Smartcard Framework (see section 1.3.4) and provided comment on amendments to the Public Key Infrastructure Gatekeeper Framework and comments on the Australian Government e-Authentication Framework (to cover government transactions with individuals).
1.3.6 Law Enforcement
The Anti-Terrorism Act (No.2) 2005 requires the Australian Federal Police to develop three sets of guidelines for the collection, use, handling, retention and disposal of personal information in relation to:
- the police powers to stop, question and search
- the expansion to the Australian Federal Police powers to obtain information and
- optical surveillance.
The Office received funding to assist the Australian Federal Police, in consultation with the Attorney-General’s Department, to develop guidelines.
The Office has commenced consultation with the Australian Federal Police on this and expects the guidelines will be completed in 2007–08.
1.3.7 AusCheck
In February 2007, the Office made a submission to and appeared before the Senate Legal and Constitutional Affairs Committee’s inquiry into the AusCheck Bill 2006. The Bill established the regulatory framework around the creation of a centralised Australian Government managed background checking service to be known as ‘AusCheck’.
The Office noted that the establishment of a background checking service that was a prerequisite to obtaining or maintaining employment would involve the collection and handling of significant amounts of personal information, including potentially sensitive information. Consequently, the Office submitted that the Bill could be enhanced by providing more details regarding the:
- purposes for which AusCheck’s background checking function may be applied
- breadth of information that may be collected and assessed during a background check
- use and disclosure of the information collected.
Following the Committee’s inquiry, the AusCheck Bill 2006 was subsequently amended and reflected several of the Office’s recommendations, including:
- a reduction in the initially broad scope of the purposes that the AusCheck scheme may be used for
- a clarification that the authorisation of the collection, use and disclosure of personal information should be for the purposes of AusCheck’s function or purposes directly related to AusCheck’s function and
- an explicit provision requiring that the use and disclosure of personal information be limited to that which is directly necessary and to the extent necessary, for security identification card verification.
On 28 March 2007, the AusCheck Act 2007 was passed and on 7 June 2007, the AusCheck Regulations 2007 were made.
During the reporting period, AusCheck also made a request for a partial exclusion from the federal Spent Convictions Scheme. In fulfilling her statutory function under s. 85ZZ(1)(b) of the Crimes Act 1914, the Commissioner examined the request and provided advice to the Minister for Justice and Customs regarding whether the exclusion should be granted. The amendment was subsequently granted by the Minister for Justice and Customs and the Crimes Regulations 1990 were amended on 7 June 2007.
1.3.8 Anti-Money Laundering and Counter-Terrorism Financing
On 24 August 2006, the Office made a submission to the Attorney-General’s Department on the second exposure draft of the Anti-Money Laundering and Counter-Terrorism Financing Bill 2006.
The Office has continued to note that collection of personal financial information is likely to increase significantly under the Bill. Therefore, while the Office recognises the potential benefits to the community of measures to address money laundering and terrorism financing, the appropriate balance must be achieved.
Also as previously noted by the Office, Australia’s financial transactions reporting regime was introduced as a response to major crime and any broadening of the scope of its application may raise privacy issues.
Accordingly, the Office made a number of recommendations aimed at ensuring that adequate privacy protections be applied consistently across reporting entities and users of the information, and that the handling of this personal information was subject to appropriate privacy regulation.
More specifically, the recommendations made by the Office included those listed below.
- A separate process should be undertaken to consider the issue of whether Australian Government agencies, other than the traditional law enforcement agencies, should be able to have direct access to AUSTRAC information for purposes unrelated to anti-money laundering and counter-terrorism financing.
- The Bill needs to ensure that information collected by AUSTRAC that is passed on to state and territory government agencies will be subject to adequate privacy protection. Not all states and territories have enacted privacy legislation, which means there is a lack of uniformity in the protections and the remedies available.
- There should be limits on how long the information collected under this legislation should be kept by reporting entities and government agencies.
The Office also recommended that a Privacy Impact Assessment (PIA) be conducted on the operation of this legislation.
A company engaged by the Attorney-General’s Department, Salinger & Co, released its PIA regarding the second exposure draft of the Bill on 15 September 2006. This document is available from the Attorney-General’s Department website.
In November 2006, the Office made a submission to the Senate Legal and Constitutional Affairs Committee’s Inquiry into the Anti-Money Laundering and Counter-Terrorism Financing Bill 2006 and the Anti-Money Laundering and Counter-Terrorism Financing (Transitional Provisions and Consequential Amendments) Bill 2006.
The Office continues to play an active role in the development of Anti-Money Laundering and Counter-Terrorism Financing legislation through its membership on industry and government forums, producing guidance material and providing comments on relevant issues.
During the reporting period the Office received funding of approximately $1.8 million over four years to provide guidance and assistance to small business operators to meet their obligations under anti-money laundering legislation, and to conduct auditing and compliance activity.
1.3.9 Emergencies and Disasters
In September 2006, the Office made a submission to the Senate Legal and Constitutional Affairs Committee’s Inquiry into the Privacy Legislation Amendment (Emergencies and Disasters) Bill 2006.
The Bill clarified the legal basis for disclosure of personal information in the event of an emergency or disaster. The Office made some suggestions for improvements to give more definition of the circumstances under which the provisions could operate. These suggestions included:
- the inclusion of criteria as to what constitutes a disaster or emergency
- the clarification of ‘permitted purpose’ as ‘a purpose directly related to’ the emergency or disaster and
- stronger mechanisms to ensure that normal processes protecting personal information disclosures and uses are resumed as soon as possible.
The Bill was passed with two amendments. The first amendment limited ‘permitted purpose’ to a purpose that ‘directly’ relates to the Commonwealth’s response to an emergency or disaster. The second imposed a maximum period of 12 months on a declaration of emergency. The new provisions are found in Part VIA of the Privacy Act.
After the Bill passed, Regulations were made under the Privacy Act on 13 December 2006. These exempt the secrecy provisions of the Census and Statistics Act 1905 from Part VIA of the Privacy Act. These Regulations confirm that data collected by the Australian Bureau of Statistics for statistical purposes will only be used for statistical purposes.
1.3.10 Government Agency Coercive Information-Gathering Powers
The Office made a submission to the Administrative Review Council’s draft Report into Government Agency Coercive Information-Gathering Powers in March 2007.
The Office’s comments primarily related to the Office’s experience in promoting an understanding of the Information Privacy Principles (IPPs) and National Privacy Principles (NPPs) and investigating complaints about acts or practices of agencies or organisations that may breach an IPP or NPP.
The Office suggested that the Council may wish to consider the issue of coercive information-gathering from a broader privacy perspective, giving more prominence to the privacy obligations and interests of organisations, agencies and individuals and clarifying the role of the IPPs and the NPPs in its report.
1.3.11 Taxation Secrecy and Disclosure Provisions Review
In September 2006, the Office made a submission to the Treasury on the Review of the Taxation Secrecy and Disclosure Provisions.
The secrecy provisions in tax legislation provide protections for personal (taxpayer) information in addition to those protections already provided by the Information Privacy Principles in the Privacy Act. The Office expressed concern that any proposal to reduce privacy safeguards currently offered by the secrecy provisions could risk a lessening in community confidence, and therefore any proposal to amend the protections should be approached with care.
1.3.12 Personal Property Securities
In February 2007 the Office provided comments to the Attorney-General’s Department in relation to the Standing Committee of Attorneys-General (SCAG) review of Australian personal property securities law. The review aims to develop a national register that will consolidate all security interests that are created by a contractual agreement and which are held over personal property.
The Office noted that the proposed national register would include personal information relating to the financial and credit affairs of a large number of individuals and had the potential to raise a number of privacy-related issues. The Office made a number of suggestions to reduce potential privacy risks. These suggestions included:
- a Privacy Impact Assessment should be undertaken
- only those individuals or entities that have a demonstrated need to access information on the database should be able to do so
- personal information on the register should be minimised wherever possible and
- mechanisms should be developed to ensure that faulty listings do not remain on the register indefinitely.
The personal property securities review is continuing. In the 2007–08 budget $113.3 million over five years was allocated to harmonise Australia’s personal property securities laws in one Commonwealth Act and develop a single national online register of personal property securities interests.
The Office will continue to provide advice to the Australian Government on the development of the register.
1.3.13 Mutual Assistance and Extradition
In October 2006, the Office made a submission to the review conducted by the Attorney-General’s Department regarding Australia’s mutual assistance law and practice. This submission reiterated the comments of the Office’s earlier March 2006 submission regarding the review of extradition arrangements conducted by the Attorney-General’s Department.
The Office noted that there is a need for clarity and certainty regarding how an individual’s personal information may be handled pursuant to extradition or mutual assistance matters to ensure that it is afforded appropriate privacy protections. This certainty would likely be best achieved by the enactment of clear legislative authority for such exchanges.
Specifically, the Office also commented on the following issues raised by the review:
- grounds for refusal to provide personal information where the requesting country’s arrangements for handling that information do not offer privacy protections substantially similar to those applying in Australia
- handling of DNA samples and information from persons without consent should be subject to a form of judicial oversight and consideration should be given to the protections afforded that information in the new jurisdiction before disclosing
- provision of information from the DNA Database and DNA matching
- handling of telecommunications interception material and surveillance device material.
The Office looks forward to the further opportunity for engagement on these issues.
1.4 Privacy and the Australian Capital Territory Government
In 2006–07 the Office continued to provide advice to ACT Government agencies. The Office provided detailed comments to the Department of Health on the obligations surrounding the collection of personal information in the implementation of a Health Management Plan for Pandemic Influenza and comments to the Department of Disability Housing and Community Services on the exposure draft for the Children and Young People Amendment Bill 2007. The Office also engaged with the Department of Health on the issue of iris scanning.
The Office also reviewed the exposure draft of the Planning and Development Bill 2006, providing comments to the ACT Planning and Land Authority (the Authority) on the Authority’s legal requirement to collect personal information and the manner in which that information was to be disclosed. The Office provided further comment to the Authority on the Planning and Development (Consequential Amendment) Bill 2007.
1.5 Privacy and Business
1.5.1 Review of the Private Sector Provisions of the Privacy Act
In November 2006, the Office welcomed the Australian Government’s response to its 2005 report Getting in on the Act: The Review of the Private Sector Provisions of the Privacy Act 1988 (the Office’s 2005 report). The response is available at www.ag.gov.au/www/agd/agd.nsf/Page/Privacy_GovernmentresponsestoPrivacyActreports.
In its response, the Government either accepted, noted or referred to the Australian Law Reform Commission (ALRC) for further discussion, 81 of the 85 recommendations that were made in the Office’s 2005 report.
The Office notes that three of the key recommendations in its 2005 report had already been taken up by the Government prior to the release of its response to the report. These include the:
- establishment of a wide-ranging review by the ALRC into Australia’s privacy-related legislative framework (see section 1.2)
- creation of a Do Not Call Register for telemarketing calls and
- extension of Privacy Act coverage to all residential tenancy database operators.
During the reporting period, the work of the Office continued to be shaped by the recommendations in its 2005 report. In particular, the Office made two comprehensive submissions to the ALRC review of privacy. As noted, the ALRC review is a response to a key recommendation made by the Office in its 2005 report.
In addition, the Office is currently working to implement those recommendations in its 2005 report concerning the Office’s functions. Specifically, work has been commenced on the development of guidance materials and publications that relate to particular recommendations.
The Office has also progressed planning to give effect to various health-related recommendations of the Review during the first half of 2007–08.
1.5.2 Privacy Codes
Part IIIAA of the Privacy Act allows organisations to apply to the Privacy Commissioner for approval of a Privacy Code that will replace the National Privacy Principles for organisations bound by that Code.
Biometrics Institute Privacy Code
On 19 July 2006 the Privacy Commissioner approved the Biometrics Institute Privacy Code under s. 18BB of the Privacy Act. The code came into operation on 1 September 2006 and is available on the Biometrics Institute website at www.biometricsinstitute.org.
Market and Social Research Privacy Code
Following a review of the Market and Social Research Privacy Code, the Association of Market and Social Research Organisations (AMSRO) made an application to vary the code under s. 18BD(1) of the Privacy Act. The Privacy Commissioner approved this variation under s. 18BD(2), to take effect on 30 June 2007.
Queensland Club Industry Privacy Code
Following a review of the Queensland Club Industry Privacy Code, Clubs Queensland made an application to vary the code under s. 18BD(1) of the Privacy Act. The Office is currently reviewing this application.
More information, including the Register of Approved Privacy Codes, can be found on the Office’s website at www.privacy.gov.au/business/codes/index.html.
1.5.3 Credit Reporting
Credit Provider Determinations
In the previous reporting period, three credit provider determinations made under the Privacy Act were renewed for short periods to allow the Office time to consult with the community about how these determinations have operated and the terms in which any further determinations should be cast. As part of this review, two consultation papers covering the three determinations were released for public comment.
In the current reporting period, the Office analysed the submissions received during the consultation process and produced a report relating to one of the consultation papers. This report on the review of Determination No. 2006–3 Assignees (the Assignees Determination) and Determination No. 2006–4 Classes of Credit Providers (the Classes Determination) is available at www.privacy.gov.au/act/credit/cpdreport.html.
The consultation on the operation of the third determination, Determination No. 2006–5 (Indigenous Business Australia) (the IBA Determination), and the experience of the Office demonstrated that the IBA Determination had operated effectively and provided unanimous support for the renewal of the IBA Determination.
Consequently, the three determinations were renewed.
Issues Paper 32 – Review of Privacy: Credit Reporting Provisions
In December 2006, the Australian Law Reform Commission (ALRC) published its Issues Paper 32 – Review of Privacy: Credit Reporting Provisions (IP32) as part of its wider review of privacy regulation in Australia. The Office made a submission to IP32 in April 2007. See section 1.2 for further information.
1.5.4 Tax File Number Guidelines
During the reporting period there were no changes to the Tax File Number Guidelines issued by the Privacy Commissioner under s. 17 of the Privacy Act. These guidelines, which have the effect of law, regulate the collection, storage, use and security of Tax File Numbers.
1.5.5 Research and Data-Holding
The Office has commented on a number of research and data holding initiatives through consultative relationships and its membership on various committees and working groups. In particular the Office has made a contribution to the National Data Network, the Prime Minister’s Science Education and Innovation Council and the Productivity Commission’s research study.
The National Data Network
The National Data Network (NDN) provides a distributed library of data holdings relevant to policy analysis and research. These data holdings remain held and controlled by their Custodian organisations.
During the reporting period, the Office has been involved with the NDN Working Group and NDN Interim Governing Board. These bodies have been involved in the development of a framework of policies and procedures to support the data sharing activities and creation of privacy-preserving data management tools.
The Office played an integral role in securing the agreement from the NDN Interim Governing Board to complete Privacy Impact Assessments as part of any data-sharing pilots.
In view of the significant privacy objectives that have been achieved, the Deputy Privacy Commissioner resigned from the Working Group and the Interim Governing Board on 28 May 2007. The Office will maintain its engagement with NDN on a consultative basis.
The Prime Minister’s Science Education and Innovation Council
The Prime Minister’s Science Education and Innovation Council (PMSEIC) was established in 1997 and its function is to provide the Australian Government with independent advice on issues of science, engineering and innovation and relevant aspects of education and training. The Council meets in June and December each year to discuss and report on relevant issues. The Office has made submissions and provided comment on specific research issues impacting privacy.
In September, the Office responded to an issues paper produced by the PMSEIC Working Group which was seeking to assess the opportunities and risks of creating a national database for research purposes. The PMSEIC final report, including recommendations, was presented at the PMSEIC December meeting. Recommendation 8 supported the Office’s general advice in reference to the need for health research agencies to develop best practice policies, practices and methodologies while protecting privacy. The report examined and identified privacy regulation and its future impacts.
It is expected that the Office will have ongoing engagement with PMSEIC in the future, on a consultative basis.
During the reporting period the Office responded to the Research Study into Public Support for Science and Innovation undertaken by the Productivity Commission. The Office made a submission in August 2006 with the following emphases:
- how to balance individuals’ right to choice in relation to the use of their health information against the public interest of conducting research
- the need to provide guidelines about de-identification in terms of information used for research and
- the Office’s commitment to work with the National Health and Medical Research Council to simplify guidelines for health research ethics committees in terms of the section 95AA Guidelines (see section 1.6.4).
1.6 Privacy and the Health Sector
1.6.1 Electronic Health Records
The Office engaged with a number of bodies, including state government entities, on matters related to electronic health records. The Office also discussed electronic health records in its submission to the Australian Law Reform Commission (ALRC) review of privacy (see section 1.2). The Office noted that such systems have the potential to vastly increase the capacity to collect, store, copy, transmit, share and modify health information, including in ways not expected by individuals. Accordingly, electronic health records systems should only be pursued where accompanied by legislative measures that clearly set out and limit their operation and scope.
In March 2007, the Office made a submission to the National E-Health Transition Authority on its Privacy Blueprint for Unique Health Identifiers. The Office noted that a challenge for such identifiers is to ensure that such a highly reliable identifier is not used for purposes beyond the health system and the clinical care of individuals. If such identifiers were used expansively outside of the health system, particularly in ways the community may be uncomfortable with, then the trust individuals place in the system may be undermined. This was a view also expressed in Chapter 8 of the Office’s submission to the ALRC review of privacy.
1.6.2 Section 135AA Guidelines Review
The section 135AA Guidelines (the Guidelines) are issued by the Privacy Commissioner under section 135AA of the National Health Act 1953 and issuing the Guidelines is a function of the Privacy Commissioner under s. 27(1)(pa) of the Privacy Act. The Guidelines apply to the handling of information obtained by any Australian Government agency in connection with a claim under the Medicare Benefits Program or the Pharmaceutical Benefits Scheme (PBS).
The Office released its Report on the Review of the Privacy Guidelines for the Handling of Medicare and PBS claims information on 1 August 2006. The Report makes 25 findings on matters related to the Guidelines. Some of these findings require new Guidelines or changes to the Guidelines, while others describe the Office’s interpretation of matters relevant to the Guidelines.
The key findings are:
- an additional permitted linkage for claims information for the purpose of an individual accessing their record (see Finding 2)
- the prohibition against storing Medicare and PBS claims information should apply to all agencies (see Finding 23)
- changes should be made to the periods for which Medicare Australia may retain claims information in linked and unlinked form (see Findings 6, 7 and 8)
- some changes are required in relation to how the Department of Health and Ageing may handle claims information (see Findings 14-21).
The Office has commenced the development of new Guidelines that reflect the findings of this review. The Office is liaising with Medicare Australia and the Department of Health and Ageing and is proposing to issue the new Guidelines during 2007–08.
1.6.3 Prescription Shopping Information Service
On 14 September 2006, the Australian Parliament enacted the Privacy Legislation Amendment Act 2006, amending the National Health Act 1953 and the Privacy Act, to ensure that medical practitioners can continue to collect patients’ health information that is available through Medicare Australia’s Prescription Shopping Information Service (PSIS), without being in breach of the Privacy Act.
This practice had previously been the subject of two Temporary Public Interest Determinations issued by the Privacy Commissioner.
On 4 May 2007, the Privacy Commissioner released a new Information Sheet on the Privacy Act and the PSIS. The Information Sheet was developed in consultation with Medicare Australia and a number of other health and privacy stakeholders. It is intended to provide private sector medical practitioners with guidance on their obligations when using the PSIS. The Information Sheet is available at www.privacy.gov.au/publications/IS19_07.html.
1.6.4 Section 95AA Guidelines
In response to the 2003 report by the Australian Law Reform Commission (ALRC) and the Australian Health Ethics Committee of the National Health and Medical Research Council (NHMRC) entitled Essentially Yours: The Protection of Human Genetic Information in Australia, the Privacy Legislation Amendment Act 2006 introduced National Privacy Principle 2.1(ea). This amendment creates a discretion for organisations to use or disclose genetic information about an individual where necessary to lessen or prevent a serious threat to the life, health or safety (whether or not the threat is imminent) of a genetic relative.
Any use or disclosure must be in accordance with guidelines made by the NHMRC under s. 95AA of the Privacy Act, and approved by the Privacy Commissioner. Prior to the guidelines being submitted for approval, the Office will work with the NHMRC as it progresses their development.
1.7 Privacy and the Information and Communications Technology Sector
1.7.1 Do Not Call Register
The Government launched the Do Not Call Register in May 2007. The Office strongly supported the introduction of this register. It is a partial response to Recommendation 25 of the Office’s 2005 report: Getting in on the Act: The Review of the Private Sector Provisions of the Privacy Act 1988.
In the reporting period, the Office also played an active role in the implementation of the register through its consultations with the Do Not Call Taskforce on the draft Determinations, Standards and Ministerial instruments. In September 2006, the Office provided a submission to the Australian Communications and Media Authority’s Industry Standard for the Making of Telemarketing Calls Discussion Paper. In addition, the Deputy Privacy Commissioner served as a member of the Do Not Call Register Scheme Steering Committee.
1.7.2 Integrated Public Number Database
In March 2007, the Office made a submission to the Australian Communications and Media Authority (ACMA) on the consultation draft of the Telecommunications Integrated Public Number Database Scheme 2007 (the Scheme). The Telecommunications Amendment (Integrated Public Number Database) Act 2006 (the IPND Amendment Act) requires ACMA to, by legislative instrument, develop a scheme for granting authorisation enabling access to and use of the information in the IPND for specified purposes, such as for the purposes of producing a public number directory or for research.
The Department of Communications, Information Technology and the Arts (DCITA), on behalf of the Minister, has responsibility for drafting legislative instruments. There are seven instruments that may be made by the Minister. DCITA has produced draft instruments for additional Public Number Directory requirements, additional Public Number Directory information, Criteria for Deciding Applications, Permitted Research, and Conditions of Authorisation.
In March 2007, the Office made a submission to DCITA on these draft legislative instruments relating to IPND access arrangements published for comment by DCITA under the IPND Amendment Act. The Office also met with DCITA representatives to discuss issues raised in the Office’s submission.
The Office submitted that permitted use of the IPND for research should only be non-commercial rather than ‘primarily non-commercial’. The Office also recommended that DCITA define how the public interest of proposed research would be determined and proposed that IPND access users should opt in to coverage under the National Privacy Principles.
The finalised instruments allow researchers access to the IPND for primarily non-commercial purposes. However, examples defining the terms ‘primarily’ and ‘non-commercial’ are provided in the Explanatory Statement to assist ACMA in administering the Scheme. The instruments also allow ACMA to impose specific privacy obligations on IPND data users. The Scheme came into force on 15 May 2007.
1.7.3 Telecommunications and E-Marketing Industry Codes
The Telecommunications Act 1997 provides for the telecommunications and e-marketing industries to develop industry codes. Such codes can be enforced after they are registered with the Australian Communications and Media Authority (ACMA). Where telecommunications or e-marketing industry codes deal with privacy issues, it is a requirement that the Privacy Commissioner be consulted before ACMA registers a code.
In 2006, the Australian Communications Industry Forum (ACIF) and Service Providers Association Inc (SPAN) merged to form the telecommunications industry body Communications Alliance Ltd (Communications Alliance). Communications Alliance now handles the ACIF process for developing documentary outputs, including industry codes. The Office was consulted by Communications Alliance on eight ACIF codes during the reporting period. One of the codes currently under development, the Telecommunications Consumer Protection Code, is intended to consolidate the industry approach to issues covered by six ACIF codes.
1.7.4 Telecommunications Interception legislation
In February 2007, the Office made a submission to the Attorney-General’s Department on the exposure draft of the Telecommunications (Interception and Access) Amendment Bill 2007 (the Bill).
The Bill is the second stage of the Australian Government’s legislative program to implement the recommendations from the Review of the Regulation of Access to Communications under the Telecommunications (Interception) Act 1979 conducted by Mr Anthony S Blunn AO (the Blunn Review).
One of the key recommendations of the Blunn Review was that interception activity of law enforcement agencies and civil enforcement bodies should be consolidated under one legislative regime. The Bill was the second stage in the implementation of that recommendation, following the introduction of the Telecommunications (Interception) Amendment Act 2006.
In its submission, the Office recommended that:
- the voluntary disclosure provisions could be made clearer in relation to content and call data to reduce the risk of carriers committing inadvertent breaches
- there is merit in defining call data, or giving examples in the proposed Amendment Bill as to what might be considered ‘information or document’ as opposed to ‘contents or substance of a communication’
- further guidance be provided where the privacy of telecommunications users needs to be taken into account when making decisions and
- the operation of the Telecommunications (Interception) Amendment Act 2006 should be subject to overall independent review, including key stakeholder and public consultation, at least every five years.
A Bill was introduced into parliament on 14 June 2007 and was referred to the Senate Legal and Constitutional Affairs Committee for inquiry and report by 1 August 2007. In terms of the Office’s previous comments, the Explanatory Memorandum accompanying the Bill now defines the distinction between call data and ‘information and documents’.