Case Citation: S v Credit Provider [2005] PrivCmrA 18

Subject Heading: Commercial credit default listed on consumer credit information file. Enquiry listed without loan application.

Law: Sections 6, 18E and 18F(3) of the Privacy Act 1988 (Cth)

Facts: The complainant obtained a business loan from the credit provider. Some repayments were made, however the complete amount was not repaid. The complainant and credit provider had reached an agreement on how to repay the remaining amount and the complainant understood that the credit provider agreed not to list a payment default on the complainant's consumer credit information file (credit file). However, contrary to the complainant's understanding the credit provider listed a payment default on the complainant's credit file.

In addition, the credit provider added the arrangement on the complainant's credit file as an enquiry, believing that a default could not be listed without a corresponding enquiry listed on the credit file.

The complainant subsequently paid the amount owed to the credit provider and wished to have their credit file amended to reflect payment. In response, the credit provider asserted that additional charges, such as legal fees and late fees, were still outstanding. The complainant then provided proof of payment of the debt listed on their credit file to the credit reporting agency and the credit reporting agency updated the complainant's credit file to indicate the disputed default had been paid in full.

The complainant also believed that the amount listed as an enquiry on their credit file was greater than the amount of the arrangement. The complainant also alleged that the amount owed was less than 60 days overdue and therefore could not be listed as a payment default on their credit file.

Issues: Section 6 of the Privacy Act defines credit as "a loan that is intended to be used wholly or primarily for domestic, family or household purposes".

Section 18E(8)(a) of the Privacy Act states that "a credit provider must not give to a credit reporting agency personal information relating to an individual if a credit reporting agency is prohibited, under subsection (1), from including the information in the individual's credit information file". Section 18E(1)(b)(vi)(A) requires that a debt be at least sixty days overdue before a debt can be listed on an individual's credit file.

Section 18F(3) requires that a credit provider must inform a credit reporting agency when an amount listed as a default has been paid and the credit file must be updated to reflect payment.

Commercial Credit Information on Consumer Credit Files In response to the Privacy Commissioner's investigation, the credit provider advised that it had received advice from a credit reporting agency that a default listing could be placed on an individual's consumer credit information file, if that individual had acted as a personal guarantor for a commercial loan. The credit provider also believed that in order to place a default on a credit file, there needed to be a corresponding application for credit (an enquiry).

When asked by the Commissioner about the matter the credit reporting agency indicated that the claim made by the credit provider was incorrect, and that the credit provider had misinterpreted the credit reporting agency's operational guidelines.

The Commissioner formed the view that the credit provider had breached section 18E(8)(a) of the Privacy Act by listing the payment default on the complainant's consumer credit file, as the loan in question did not satisfy the definition of "credit" under section 6 of the Privacy Act.

In view of the fact that the default listing should not have been placed on the complainant's consumer credit file, the Commissioner did not proceed to investigate whether the listing met the requirements in sections 18E and 18F(3) of the Privacy Act.

The Enquiry The credit provider had advised a credit reporting agency of a credit application when no such application had been made at the time or in the amount specified. The Privacy Commissioner therefore formed the view that by placing the arrangement on the complainant's credit file, the credit provider's actions were in breach of section 18E(8)(a) of the Privacy Act.

Outcome: The parties accepted the Commissioner's view of the application of the Act and the matter then proceeded to conciliation. Both the enquiry and the payment default were removed from the complainant's credit file. The Commissioner sought from the credit provider written evidence that its staff were provided with training on the operational guidelines of the credit reporting agency as well as training in the operation of Part IIIA of the Privacy Act. The credit provider also provided a written apology to the complainant.

The complainant indicated they wanted to receive compensation for the breaches of the Act. The Commissioner asked the complainant to substantiate this claim to further the conciliation process. The complainant did not respond to this request and consequently, the Commissioner closed the file under section 41(2)(a) of the Privacy Act on the basis that it had been adequately dealt with by the credit provider.

OFFICE OF THE PRIVACY COMMISSIONER June 2005