The Federal Privacy Commissioner, Karen Curtis, has today released case notes 16 to 19 regarding collection of personal information, a default listing on consumer credit file and the use of personal information for direct marketing.

In Z v Credit Provider [2004] PrivCmrA 16 the complainant attended a bank branch and presented a cheque marked to 'cash' to the bank teller. The bank teller asked the individual for identification and recorded the information on the back of the cheque. The complainant argued that the bank did not need to collect the personal information because the cheque was made out to cash and could be exchanged only for cash.

The bank advised that if it pays a cash cheque in error, it is responsible for the funds and will not be able to recover them from the account holder.

The Commissioner decided that the collection of personal information to identify an individual who wanted to exchange a cash cheque did not breach National Privacy Principles 8 and 1.1.

In C v Service Provider [2004] PrivCmrA 17 the complainant was stopped by the police, was required to attend hospital for a blood test and advised that he could not drive his car. He was given the choice of being driven to hospital in the police vehicle or using an ambulance. He chose the ambulance.

The complainant did not receive any information about payment arrangements prior to using the ambulance service. Later, the complainant received an invoice for the cost of the ambulance journey which allowed 30 days to pay. He did not pay the account. The ambulance service attempted to collect the debt and as it was not paid, listed a payment default on the individual's consumer credit information file.

The Commissioner concluded that the arrangement in this case did not constitute a loan under the Act (and therefore that the payment default listing could not be disclosed to a credit reporting agency) as it did not meet the meaning of credit as found in section 18(1)(b)(vi). In addition the purported payment default listing did not meet the requirements of section 18E(8)(c).

In H v Credit Provider [2004] PrivCmrA18 the complainant applied to be engaged as a consultant with the respondent. In the course of the application he was asked to complete a standard loan form rather than a form specific to his engagement as a consultant. The complainant later found that that the respondent had accessed his consumer credit information file.

The Commissioner found that the respondent had breached sections 18E(8)(a), 18E(8)(b), 18G(a) of the Privacy Act and Paragraph 2.5 of the Credit Reporting Code of Conduct by accessing the complainant's consumer credit information file and listing an enquiry on it. Following conciliation, the respondent agreed to advise the credit reporting agency that the information it supplied regarding the complainant was inaccurate. It also agreed to pay the complainant $2,500 as full and final payment in resolution of the complaint and offered a no admissions apology.

In E v Motor Vehicle Retail Organisation [2004] PrivCmrA 19 the complainant received direct marketing material sent by the respondent. The material advertised the respondent's retail business and targeted the complainant as an owner of a particular type of motor vehicle. The complainant complained about the use of his personal information in this way without his consent.

Enquiries of the respondent revealed that the respondent had collected the personal information as part of a marketing list specifically obtained from another organisation for the purpose of direct marketing. The Commissioner was of the view that the respondent collected the complainant's personal information for the primary purpose of direct marketing and used the personal information for this same purpose. There was therefore no breach of National Privacy Principal 2 as the respondent's use of the personal information was within the primary purpose of the collection.

The Federal Privacy Commissioner publishes case notes of finalised complaints that she considers would be of interest to the general public. Not all complaints are recorded in case notes so the published notes only illustrate the types of cases resolved by the Office rather than giving a comprehensive account of them.

Most cases chosen for inclusion in case notes involve new interpretation of the Act or associated legislation, illustrate systemic issues, or illustrate the application of the law to a particular industry. The notes do not identify the parties to the complaint. Identities are kept confidential to maintain the privacy of the parties involved.

The Privacy Act makes it a function of the Commissioner to endeavour to resolve complaints by conciliation (s.27(1)(a)). As a result, the outcome in any particular case reflects a number of factors, including the applicable law, the facts of the matter and the approach to the conciliation process taken by both complainant and respondent. Please visit the Complaint Case Notes and Complaint Determinations page for more details.