Malcolm Crompton

Federal Privacy Commissioner

 

 

What is privacy?

 

Privacy and Security in the Information Age Conference

16-17 August 2001

 

Melbourne What is privacy?

This paper discusses the fundamental nature, yet continually changing face, of privacy.  It outlines some of the modern history of thinking on privacy and looks at what Australians are saying about what privacy is for us today. 

The privacy issues that concern communities - and the solutions to those challenges -are continually changing.  Privacy issues develop with new technology and business practices.  All this points to a continuous need to rebalance the solutions.  The paper examines information privacy and the concepts of personal information and consent that underpin privacy and data protection laws.  The information age - the focus of this conference - is challenging the effectiveness of these concepts in delivering on privacy.  We are entering a period when we may have to rethink and redevelop how these fundamental concepts work in practice. 

Privacy is a long term issue.  From one perspective at least, humans have been facing issues of privacy or the lack of privacy at least since the time of ancient Rome[1].  In 1890 in what is now regarded as the key early modern writing on privacy, Samuel Warren and Louis Brandeis referred to privacy as the ''right to be let alone''[2] and argued for the need for a legal protection of this right in the face of ''recent inventions and business methods''.

While the face of the world and business methods have changed, the Warren and Brandeis formulation remains one the simplest and most meaningful answers to the question of ''what is privacy?''

Some fundamental part of human dignity requires privacy.  Privacy is part of the claim to personal autonomy.  It supports the various freedoms that democratic countries value.  As then Professor Zelman Cowen said in the 1969 Boyer lectures 

''A man without privacy is a man without dignity; the fear that Big Brother is watching and listening threatens the freedom of the individual no less than the prison bars''.[3] 

He went on to argue that without privacy one cannot in a meaningful sense be an individual and that growth and development of the individual depends partly on a conceded area of solitude and anonymity. 

Privacy is recognised globally as a universal value.  The International Covenant on Civil and Political Rights[4] is one of a number of international instruments that recognise privacy among the basic rights.  Article 17 states

''No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation.''

David Banisar[5] of EPIC suggests privacy can be divided into four separate but related concepts:

• Information privacy - involving rules for the handling of personal data
• Bodily privacy - protection of our physical selves against invasive procedures
• Privacy of communications - security and privacy of mail, telephones etc
• Territorial privacy - setting limits on intrusions into domestic and other environments.

Over the last century thinking about what privacy is, whether and when it is worth protecting, and if it is, how it should be done has developed as new inventions and business methods have emerged.  For example, the development of photography and printing presses meant that candid images of people could be recorded and distributed without consent.  This development lead to court cases where more complexities about ''the right to be let alone'' were debated - including the notion that this right needed to be weighed against the public''s right to know about things of legitimate public concern. 

The difficulty in defining privacy is illustrated by the fact that in the Commonwealth Privacy Act, we have an Act dedicated to protecting privacy, yet it does not define it.  Just as much of the thinking on privacy has developed in response to threats to it, the Privacy Act defines ''interferences'' with privacy rather than privacy itself. 

Indeed, privacy is something that arouses more thought and interest in its absence or when it is threatened than in its presence.  Prince Edward illustrated this when he was quoted as saying on the eve of his marriage that you don''t value your privacy until you have lost it.  We are in a period of rapid technological change where the technology is spawning new information and many new ways of collecting information (for example Internet click stream data; data that identifies where you, your car or your phone were at a particular time etc).  As a consequence, interest in and debate about privacy appears to be at one of its peaks.

The new technologies currently feeding debates on privacy include:

·        the internet

·        exponential increases in the computer''s capacity for storage and analysis of data

·        video surveillance of the general population (as illustrated by cameras in the street aimed at reducing crime, cameras at the ATM and cameras in taxis etc)

·        locational information collected as a by-product of our use of mobile phones, e‑toll systems etc

·        our increasing capacity to identify people from their retina, voice, DNA or other biometrics

·        genetic testing and our growing understanding of DNA.

What these developments mean for ''the right to be let alone'', where the balance of public interests lies, and whether we as a community want to regulate these developments and if so how, are questions that we are constantly having to revisit and reconsider.

Because it is easier to recognise and debate privacy when it is threatened than when it is stable, protection of privacy is not a central concern of most people all of the time.  Alan Westin[6] for example divides the American population into three categories: the privacy fundamentalists (about 25 per cent) who are deeply concerned about privacy rights and potential privacy invasions); the privacy unconcerned (12%) people who don''t care to think about privacy and don''t see any problem in giving their information away and most people - the privacy pragmatists (people who are always balancing the potential benefits and threats in sharing information).

 

The nature of privacy also means its face changes over time.  Through recent history people have argued that unless immediate action is taken people will have no privacy to lose.  Sometimes there has been action, sometimes not, but still there is privacy to lose.  Why is that?  Perhaps it is because technology gives us new ways to live our lives, new ways for businesses to do business, new devices to make our lives convenient, workable.  These developments go hand in hand with new information about us that can be collected, used and disclosed.  For example, Richard M Smith (a US privacy activist) has argued that ''this coming decade is going to be known as the decade of tracking and monitoring''.[7] 

Privacy is an ongoing issue.  It is dynamic - its face changes as our attitudes and the technical, business, government and wider environment change.  How we balance the different social and economic interests to come up with privacy solutions which are appropriate to the time and place will also change over time. 

The remainder of this paper focuses on Australian community attitudes to privacy, government responses to privacy and some of the challenges to thinking on privacy presented by today''s technological challenges and business environment.

What is the face of privacy today as revealed in surveys and the press? 

Not only is the technology constantly changing but community attitudes towards privacy and the ''right'' balance to strike in protecting privacy and taking advantage of benefits to be derived from new technology varies.  We need to take account of the dynamic environment in which privacy operates when considering current threats to privacy and also in re-evaluating previously adequate ''solutions'' to the problem of protecting privacy (for example where technology renders the old solutions obsolete or inadequate or where community attitudes indicate significant uneasiness with the current situation).

 

Recently the Office of the Federal Privacy Commissioner commissioned surveys of business, government and community attitudes to privacy[8].  The surveys focussed on information privacy.  The results of the community survey give a feel for what the general community see as information privacy issues.  For example over 90 per cent of people viewed the following activities as an invasion of privacy:

• a business with which you have no dealings obtains your details (95%)
• monitoring of internet usage without the individual''s knowledge (90%)
• using personal details for a purpose other than that intended (94%)
• asking details irrelevant to the transaction (93%). 

Attitudes revealed by the survey reflect a desire among the community to gain control over how their information is used.  Ninety-one per cent of respondents said that business should have to ask permission before using people''s personal information for marketing purposes.  Similar percentages thought that it was important that organisations advise people about who would have access to their personal information (89 per cent) and how their personal information might be used (92 per cent). 

The perceptions and beliefs underlying these results reveal a significant disparity between what people think should happen and what they believe does happen with their personal information.  Eighty-four per cent of respondents believed that businesses often transfer or sell customer details in mailing lists to other businesses.  Yet 87% of respondents said they would be ''concerned'' or ''very concerned'' if a retailer passed on name, age, address and interest details to another retailer without their knowledge[9]. 

However results of the business survey[10] revealed a significant disparity between what consumers believe happens with their personal information and what most business indicated in the survey that it does with customers'' personal information.  Ninety per cent of organisations responding to the business survey said they never sold, rented out or transferred customer details to other organisations.  Fourteen per cent said they regularly obtained information about customers or potential customers from other organisations. 

Interestingly, 95% of businesses considered the privacy of customers'' information to be very important.  Eighty per cent saw their business as dependent to a considerable extent upon their ability to protect and responsibly use their customers'' personal information. 

AustraliaSCAN[11] surveys reinforce the conclusion that use of personal information for direct marketing is a major area of privacy concern for the Australians.  Three of the top six privacy issues identified by respondents related to using information for marketing purposes.  The top six privacy issues (selected from a list of 14 issues) were:

·    Business collecting and supplying data to marketing companies

·    Sales of mailing lists without permission

·    Unsolicited phone calls for purposes of selling products/ services

·    Tax department checking your bank account without your knowledge

·    Unsolicited phone calls for fund raising

·    Genetic profiling by insurance companies

Part of the community''s response to the privacy issues emerging over the past few decades has been to expect government to act.  This part of the paper will now discuss some aspects of government approaches the task of protecting privacy.

Governments have passed laws that deal with a number of the aspects of privacy identified by David Banisar (referred to earlier).  There are laws limiting interference with bodily privacy (assault laws and laws allowing law enforcement organisations to undertake body searches subject to strict safeguards) and property laws that go part way to providing territorial privacy.  Similarly there are laws generally prohibiting interfering with the privacy of communications (eg the Telecommunications (Interception) Act).  In each of these four areas rights are given to the individual through a combination of laws and by people agreeing to follow certain rules of behaviour.

 

In recent times Australian governments have focussed on the privacy of personal information when drawing up legislation to protect privacy.  Most modern privacy and data protection laws are based on the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.[12].

Privacy and data protection acts have tried to solve the contextual and dynamic nature of privacy by building in control by individuals over their personal information through mechanisms of choice and consent.  This goes towards giving individuals rights to have aspects of their lives ''let alone''. 

Concepts of personal information and consent are fundamental to information privacy law.  However social and technological developments are challenging our understanding and the usefulness of both these concepts and it is therefore worth exploring them in some detail.

The federal Privacy Act (in section 6) defines personal information as

''information or an opinion … about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion''. 

There is a legitimate concern that over time this definition of personal information will become less effective in providing individuals with a right to be let alone. 

Until recently data that was collected in identified form could be de-identified, but  de‑identified data could not subsequently be re‑identified subsequently.  We are witnessing the emergence of a technical capacity to gradually identify ''non identified'' data - a practice that could be referred to as ''identity creep''.  This capacity is emerging because:

• through data mining and other techniques it is increasingly possible to link a line of ''de-identified'' unit data to other data and work out to whom the data belongs with a fairly high degree of certainty. 

·        data about web site or internet usage collected via cookies etc, may start out being collected in basically non-identified form (for example Internet Protocol address) but additional identifying information provided at a later stage (for example when entering a competition or buying something) is able to be retrospectively linked back to that ''non-identified'' data.  This can even be a gradual process - identifying one household, later the males versus females or young versus old living there, eventually leading to actual name.[13]

Other challenges to the usefulness of the notion of ''personal information'' in protecting privacy arise from:

• the expanding capacity of databases to store, analyse and sift through information.  This makes it increasingly difficult to determine when identity is ''reasonably able to be ascertained'' and when information is de-identified.

• people being unaware that they are providing identified information or information that will enable them to be identified.  For example, people may not be aware that their name and e-mail address may be embedded in their browser.  While people can take steps to eliminate this information, they cannot do that if they do not know the information is there.

• the difficulty in determining if some new types of information arising out of information and communications technology are ''personal information''.  It is possible that under some circumstances, e-mail addresses, mobile phone numbers, and information and about the location of mobile phones may not be personal information under the Privacy Act definition.  However media reports suggest collection and use of this information causes people a great deal of unease regardless of whether or not this information can be called personal information.

• collection and amalgamation of data from a variety of sources about the characteristics of people in a certain location that can provide a very fine grained picture of a person''s probable characteristics.  Even if the information is not strictly ''identifiable'' there are signs that it is enough to cause discomfort among some sections of the population.

On one level consent is quite a straightforward concept.  However we need to think hard about how consent works in practice, what constitutes consent and when consent can be construed from lack of action.  Technology has facilitated the practice of doing business and interacting at a distance and this is having an impact on when and how organisations get consent.

The Office has recently been considering issues of consent in the context of the extension of the federal Privacy Act to the private sector.  In the draft Guidelines on the new legislation, based on our understanding of the common law, we observed that for consent to be valid it should be informed, specific and voluntary.  There have been strong reactions taken against what some regard as the Office taking too strict a position.  Some argue that meeting these tests places too much of a burden on organisations.

For consent to be voluntary a person must be free to make a choice.  If handing over personal information and agreeing to it being used for other purposes is a condition of a transaction, it is arguable whether the person can truly be said to have consented to the other uses, especially if the person has little choice but to enter into the transaction in the first place. 

Much of our participation in everyday life requires us to divulge our personal information.  One way of viewing this is that people make a trade off (in providing their personal information) to take up some of the opportunities offered by modern life.  Most people are willing to do this - privacy is not an absolute.  Where there is understanding and choice, people can make these decisions.  Where there is no choice and where the service is a fundamental of life (job, health service, housing, food) or even a near fundamental (phone, or soon internet access) the individual may feel coerced into providing personal information or consenting to its use and disclosure.  This can lead to personal information being collected and used in ways with which we are uncomfortable at a community level.

 

Where does this lead us?  Should we be strict about consent and when it can be inferred?  Part of the answer to this is yes.  Another part answer is to ensure that there are appropriate safeguards protecting personal information when it has to be provided without consent.  But we need a more complete answer to situations where there is effectively little real choice, in dealings with either government or business.  In the business world, though, part of the answer is to foster choice by encouraging organisations to recognise the potential competitive advantage they may gain from giving individuals more control over their personal information than competitors do.  This is the ''good privacy is good business'' model that the OFPC is encouraging. 

The protections around the Tax File Number (TFN) illustrate the difficulty of defining what is consent.  The underlying principle of the TFN protection in the Privacy Act and Tax laws is the notion that quotation of the tax file number should always be voluntary - that individuals should have a choice of whether to hand this number over or not. 

However, this position has evolved since the upgraded TFN was introduced only a dozen or so years ago.  In the early days of the TFN, the consequence of not providing a TFN was that tax on income was paid at the highest marginal tax rate at the time of receiving the income and excess tax would be refunded at the end of the tax year.  However, since then, successive governments have expanded the authorised uses of the TFN to assistance agency and superannuation law.  For example, many people are generally ineligible to receive social security payments unless they have provided their TFN.  It is open to debate whether there is now any real choice for such individuals but to provide their TFN for some of the newer purposes. 

What to do when there is little or no choice.

If ''consent'' is being sought for collection, uses or disclosure of information and there is little real choice, we might be better off openly acknowledging it that rather than stretching the notion of consent so far that it is almost unrecognisable.  In return for taking control over their information away from individuals, there should be additional safeguards protecting that information from unrelated uses or disclosures.  Safeguards could include prohibitions on using the information for other purposes without the individual''s consent and strict accountability measures.  In the case of the TFN it should be noted that strict limitations do apply to their use and disclosure.

Indeed, even though a civil society such as ours places strong emphasis on individual choice, we have also recognised that individuals should not always have choice over providing personal information or how it is used or disclosed.  This is recognised in a in a number of Acts of our Parliament, but one in particular illustrates the difficulty of finding and maintaining a balance acceptable to the community.  It is the Commonwealth Electoral Act as it relates to the electoral roll.

The electoral roll is one of a number of public registers where personal information collected under a law is accessible to the public.  In the case of many public registers consent plays no role - either in the collection of the information or it is release or disclosure and subsequent use. 

In Australia it is compulsory to register to vote and to provide a range of detailed personal information (including full name, residential address, phone number, postal address, former surname, data of birth, country of birth, citizenship and former enrolled address) when enrolling to vote.  Public access to the electoral roll underlies the democratic process.  It enables individuals to check the accuracy of their own enrolment details, to check the correctness of the enrolment of other electors, and in doing so, to prevent electoral fraud.  Australians, though their federal Parliament have decided that the public interest in protecting the democratic process through this means is such that consent has no role in either the collection or public disclosure of this information.

Where personal information is collected without consent it is entirely appropriate for there to be restrictions on what information is collected and how it can be used and disclosed.  In the case of the electoral roll the Commonwealth Electoral Act provides some safeguards for this information.  Among other things the Commonwealth Electoral Act restricts the use of the electoral roll to ''permitted purposes'' where the electoral roll has been obtained in electronic form. 

This restriction on use of the electoral roll may have been an adequate safeguard at the time it was put in place but technological and environmental developments are reducing its effectiveness alarmingly.  In a submission to a parliamentary inquiry into the Privacy Bill, the Australian Electoral Commission noted that the roll is being scanned or keyed into electronic databases and used for commercial purposes such as direct marketing.[14]  There is also evidence of a growing market in databases based upon the electoral roll that have been merged with other public registers.  There is also clear evidence of an expanding range of uses of the roll by federal government agencies (now authorised by regulation) for non-electoral purpose ranging from law enforcement, locating debtors to federal agencies to identifying and locating tax payers. 

(In response to a recommendation in the report of the Joint standing Committee on Electoral Matters'' inquiry into the 1996 Federal Election[15] the Australian Electoral Commission is currently reviewing sections 89 to 92 of the Commonwealth Electoral Act.  These sections deal with uses of the electoral roll, among other things.)

The recent report of the Joint Standing Committee on Electoral Matters[16] supported the implementation of more stringent proof of identity requirements when people are enrolling to vote.  If implemented this is likely deliver an improvement in the quality of the electoral roll.  However it should be recognised that improved quality, in what is already one of the best publicly accessible lists of all adult Australians, will make it an even more attractive list for other organisations to use for other purposes. 

There is a great deal of public concern over the use of the electoral roll for non electoral purposes.  For example 70% of people in the OFPC consumer attitudes survey thought electoral roll should not be accessed for marketing purposes.

In the Office''s submission to the Joint Standing Committee on Electoral Matters Inquiry into integrity of the electoral roll we recommended[17] the Parliament should consider imposing the same restrictions on use of the electoral roll whether it is provided in printed or electronic form. 

The electoral roll is one of a number of public registers where there are inadequate constraints on the use of personal information for purposes unrelated to the reason for the register being publicly accessible.  The OFPC submission to the Inquiry also recommended that the broader issues be examined through a public inquiry reviewing and updating the privacy protection of information held in public registers.  The work of the Office of the New Zealand Privacy Commissioner on public registers will be a useful resource for work that Australia does on this issue[18]. 

We are now facing a new privacy challenge - protecting the privacy of information about individuals'' genetic make-up. 

The challenges we face with genetic information throw into new relief some of the themes of this paper - that privacy is about the dignity of human beings; that the face of privacy is continually changing that current concepts of consent and personal information may not be effective tools to achieve the goals of privacy.  Just as the privacy issues arising from genetic testing and DNA analysis are dynamic, so will be the solutions as knowledge and understanding develop.

The privacy issues raised by our new understanding of DNA highlight how privacy has a significant role to play in retaining human dignity.  Nothing is more fundamental to us as individuals than our genetic makeup.  Our DNA influences the nature of our bodies, the diseases to which we are susceptible, general features of our mind and our ways of thinking.

As genetic information is shared with our close relatives with predictable probabilities, it challenges the individualistic notions upon which data protection law is based.  For example, if a grandparent has a certain gene and a grandchild undergoes a genetic test and finds he or she has that gene, in some circumstances this may mean it is clear that parent also has the gene.  In this case does the parent as well as the grandchild have a role to play in consent being sought for grandchild''s genetic test?  Who can consent to the disclosure of this information?  Are the DNA test results only the personal information of the person who supplied the DNA or do others in the direct genetic line have rights to know that information and control its use and disclosure?  To protect privacy in the future we may want to consider further developing the notion of joint or shared personal information and principles that apply to it.[19]

There are also community wide issues to be resolved in the collection and use of genetic information.  To what extent should business (employers, insurers etc) be able to discriminate in their business decisions on the basis of individual genetic make-up?  Should individuals with a ''good'' genetic makeup be allowed to benefit from it, for example in buying insurance cheaply?  Put another way, does society want people it perceives as having a good genetic makeup to cross subsidise those it perceives as having a less healthy genetic profile?  These are ethical issues that may be partially solved by privacy rules such as prohibiting certain business from collecting and using DNA as a basis for decision making. 

On closer analysis, few of these questions are actually ''brand new''.  Life insurers, for example, require declaration of any known pre-existing conditions and instances of certain illnesses and conditions in close members of the applicant''s family.  On the other hand, health insurers are prohibited from discriminating in selling health insurance on the basis of ill health.  As another example, ten years ago, society struggled with finding the right balance in what insurers and others should know about an individual''s HIV status and if and when people could be asked to have an HIV test for insurance and superannuation. 

The challenge for society now is to think the issues through rationally and ethically and in the fullest possible knowledge of the scientific and social impact of our actions and decisions.  We must remain very humble about the partial state of our knowledge.  At this stage we know some of the facts (for example the likely DNA sequences in our chromosomes); we know something about the probabilities of certain genotypes expressing actual phenotypes but we know little about the social impact of this knowledge.  The imperfect state or our knowledge and our even more limited understanding of its significance  is illustrated by a recent report[20] that the DNA used for forensic testing - referred to as junk DNA because it supposedly reveals nothing significant about a person''s genetic make up or health -  has recently been discovered to reveal a person''s susceptibility to type 1 diabetes.  What will we learn next?

For something as fundamental as genetic information and its appropriate privacy protection, society needs to ensure that the issues are considered in a sensible sequence.  In an ideal world, first, the scientific facts and their factual implications need to be established and understood.  Only in light of such understanding should the social decisions on the use, including privacy protection, of genetic information be made. 

The challenge is that this sequence is often impossible to follow.  Society may not want to wait until it has a reasonable understanding of the factual implications of the scientific facts.  Moving inappropriately could cut off options for significant social gains.  On the other hand taking no action could lead to inappropriate social impacts.  In short, we need to proceed quickly but judiciously in deciding about the privacy protection of genetic information.  Wherever possible we should understand the factual implications of the scientific facts before making our social decisions.  Where the risks of inaction are too great we need to be aware that the steps we take to protect the privacy of DNA information will need to be regularly reviewed as our understanding of the science and the social implications develops and as our attitudes change.

These are just some of the challenges facing the inquiry that has been established by the Government to look into genetic privacy.  The inquiry is being run jointly by the Australian Law Reform Commission and the Australian Health Ethics Committee and is expected to report in 2002.[21]  It will release a Discussion Paper later in 2001 as part of its inquiry.  It should generate the vigorous public debate that we need for a community perspective to be developed, but hopefully the debate will also take account of some of the considerations raised here.

At a fundamental level privacy is about personal autonomy and underpins human dignity.  Privacy also is a fundamental part of the fabric of society.  It is at the heart of how we want to be private individuals even though we are also social beings that also expect to be able to interact with each other and be able to live our lives efficiently and take advantage of new developments including in technology.

Privacy is dynamic.  Its face is constantly changing.  Our attitude towards privacy also varies over time and among people.

The solutions that we find acceptable today in balancing privacy and other interests may be an unacceptable or ineffectual solution tomorrow.  There is always new information to collect, use, analyse and store and new benefits to be derived from new technologies which go hand in hand with new information.  There will also be new ways to make use of information that has been collected for a long time.  To protect privacy effectively, we need to be monitoring these changes continually and asking ''is the balance right for today and the foreseeable future?''

One of the fascinating aspects of privacy is that there are always new issues to debate and old issues to be revisited in light of new developments.  The to and fro of debate is pivotal to a healthy society.  When our society is considering the privacy issues arising from the information age, we must ensure that it is a rigorous and wide ranging debate in which the whole the community takes part. 

[1] Peter Toohey, 2001, ''Blues Brother'', Spectrum, Sydney Morning Herald, 14 July 2001www.smh.com.au/news/0107/14/spectrum/spectrum2.html

[2] Samuel Warren and Louis Brandeis, 1890, ''The Right to Privacy'', 4 Harvard Law Review 193, 1890, and available at:

www.louisville.edu/library/law/brandeis/privacy.html

[3] Zelman Cowen, 1969, ''The Private Man'', The Boyer Lectures, Australian Broadcasting Commission, p9-10

[4] Accessible on the internet at www.unhchr.ch/html/menu3/b/a_ccpr.htm

[5] Banisar D, 2000, Privacy and Human rights: an international survey of privacy laws and developments, Electronic Privacy Information Centre, Washington.  www.privacyinternational.org/survey/

[6] Alan Westin, On Privacy, Privacy and American Business (www.pandab.org/onprivacy.html)

[7] Richard M Smith quoted in Toby Lester, 2001, ''The Reinvention of Privacy'' Atlantic Monthly, March 2001 (www.theatlantic.com/issues/2001/03/lester.htm)

[8] Office of the Federal Privacy Commissioner, July 2001, Privacy and the Community, and Office of the Federal Privacy Commissioner, July 2001, Privacy and Business  (www.privacy.gov.au/aboutprivacy/attitudes )

[9] This was much more likely to be an issue of ''great concern'' for older people (73 % of people over 50 years old) than younger people (39% of those aged 18-24).  Younger people were also significantly less likely than older people to believe that businesses often transfer or sell customer details to other businesses

[10] Office of the Federal Privacy Commissioner, July 2001, Privacy and Business

[11] AustraliaSCAN 2001,  (unpublished) Notes on Privacy Concerns in Australia, Quantum Market Research

[12] Available at: www.oecd.org/dsti/sti/it/secur/prod/PRIV-EN.HTM

[13] Kirsty Needham & AAP, 2001, ''Big Brother technology coming to your loungeroom'', Sydney Morning Herald, 28 June 2001, (www.smh.com.au/news/0106/28/biztech/biztech25.html)

[14] Australian Electoral Commission, ''Submission to the House of Representatives Standing Committee on Legal and Constitutional Affairs on the Privacy Amendment (Private Sector) Bill 2000'' 12 May 2000.

[15] Joint Standing Committee on Electoral Matters, 1997, ''The 1996 Federal Election''.

[16] Joint Standing Committee on Electoral Matters, 2001, ''User friendly, not abuser friendly - Report of the Inquiry into the Integrity of the Electoral Roll'' Parliament of the Commonwealth of Australia. (www.aph.gov.au/house/committee/em/ElecRoll/Report.htm)

[17] Office of the Federal Privacy Commissioner, 2000, Submission to the Joint Standing Committee on Electoral Matters Inquiry into integrity of the electoral roll'' (www.privacy.gov.au/materials#8.6)

[18] Blair Stewart, Five Strategies for Addressing Public Register privacy Problems, 21st International Conference on Privacy and Data Protection, Hong Kong, September 1999 (www.pco.org.hk/english/infocentre/conference.html)

[19] Georg Apenes, 1999, ''Genetics and Privacy Protection'', 22nd International Conference on Privacy and Personal Data Protection, Venice. (http://astra.garanteprivacy.it/garante/frontdoor/1,1003,,00.html?LANG=2)

[20] David Concar, 2001, ''Fingerprint fear'' New Scientist, 2 May 2001. (www.newscientist.com/news/news.jsp?id=ns9999694)

[21]See the joint press release by the federal Attorney‑General and Minister for Health of 7 February 2001 at: www.law.gov.au/aghome/agnews/2001newsag/jointWoolridge_01.htm