SECTION ONE

OFPC Contributions to Community Debate on Genetic Privacy

3.1 The Office of the Federal Privacy Commissioner (OFPC) has participated in previous community discussions and debate concerning the protection of genetic privacy. The elements of those contributions are summarised here and are relied on in this submission.

3.2 In 1996, in response to a request from the Commonwealth Attorney-General for a discussion paper on the privacy implications of genetic testing, this Office identified the need for systematic and accessible data on the amount of genetic testing performed, the handling of genetic information and the community’s attitudes to such issues as access to their genetic information (OFPC, 1996, p.2).

3.3 The same paper described the special characteristics of genetic information, which included its predictive and familial nature (OFPC, 1996, p.11-13).

3.4 In 1998, a submission by my predecessor to a Senate Inquiry into the Genetic Privacy and Non-Discrimination Bill 1998 argued that personal genetic information should be included as a specialised part of a more general scheme for protecting the privacy of health information (OFPC, 1998, p.7).

3.5 This Office then published an Issues Paper for consultation on the Application of the National Principles for the Fair Handling of Personal Information to Personal Health Information, which observed that ‘the question of whether genetic information required specific additional protection [was] a separate issue that may warrant further investigation.’ (OFPC, 1999a, p3)

3.6 In December 1999, following responses to that Issues Paper, the Office reported to the Commonwealth Government that:

1. adequate arrangements for the protection of the privacy of health information depended critically on whether they are workable in the context of the overall national privacy framework (OFPC,1999b, p.4).
2. ‘a clear and readily interpretable definition [of health information] will be crucial to a workable regulatory environment for people or organisations with mixed holdings of personal health information and other personal information.’(ibid., p.12)
   
   

3.7 In an OFPC submission to the House of Representatives Inquiry into the private sector amendments to the Act, concern was expressed at the breadth of the exemptions for small business and employee records from coverage by the Act (OFPC, 2000a, pp.7-13). Those concerns were repeated to the Senate Legal and Constitutional Legislation Inquiry (OFPC, 2000b, pp.2-7), when particular reference was also made to genetic information being held in employee records or by small businesses without any privacy protection (ibid., p.10).

‘The Map of Life’

4.1 With the publication of the first draft of the sequence of the human genome in 2000, we, as a community, are beginning to read ‘the map of life’ for individuals. We are beginning to understand the significance of this knowledge. For example, in terms of susceptibility to disease or even predispositions to certain behaviours, we can begin to chart the direction of a person’s life. Moreover, there is a powerful source of information to be gained about the health of a person’s genetic relatives and, in some instances, even of communities. Much of the excitement surrounding these advances stems from the realization of the potential benefits to mankind, especially in health care.

4.2 On the other hand, as Professor Peter Doherty pointed out in an address given at the National Library of Australia (Doherty, 2001), we know, in terms of their functions, only about a third of what ‘the words in the dictionary of life’ mean. So, while scientific knowledge of the role of inheritance in health and disease is being revolutionised, scientists are still a long way from a complete understanding of genetics. Necessarily, the community is even further away from comprehending the social implications of these developments. Crucial questions which need answers include:

• How will research into genetics affect the way people think of themselves as human beings with free will?
• What are the public and private costs and benefits of the scientific developments?
• How do we, as a society, best balance those costs and benefits?
• Can our law-making procedures keep pace with the rate of change?
• Are laws the best way to protect society against any abuses?

4.3 Many people consider their health information to be intensely intimate information about the fundamentals of their lives. What people learn and know about their health affects many of the decisions they make about their lives. A person’s genes are now recognized as a powerful and expanding source of information about that person’s present and future health. In those circumstances, to what extent can we, and should we be able to, keep private that information?

4.4 Recent research conducted on behalf of this Office (OFPC, 2001a) has demonstrated that the public’s apprehension about the privacy of its health information ranks highly among its various concerns. In the United Kingdom, the Human Genetics Commission (HGC) has published the results of a major survey on attitudes to human genetics, which are generally consistent with Australian attitudes regarding their health information and privacy (HGC, 2001).

Technological Change

5.1 Genetic knowledge has been linked with an ‘explosion of unparalleled activity in biotechnology, information technology and the globalisation of technology change.’(World Health Organisation, 2001) These technological advances have been recognised by the Organisation for Economic Co-operation and Development. It has published a Ministerial Declaration on the Protection of Privacy on Global Networks (OECD, 1998a) and Guidelines for Consumer Protection in the Context of Electronic Commerce (OECD, 1998b). The Guidelines acknowledge ‘the inherently international nature of digital networks and computer technologies that comprise the electronic marketplace.’

5.2 The commercial applications of genetics within that electronic marketplace hold promise of great rewards. They also pose further questions around issues of how individuals can maintain a degree of control over their health information. There is a need for innovation to find workable answers to these questions. As was said by this Office in 2000:

‘Changes in technology and globalisation have contributed to a general preference amongst governments for finding alternatives to formal government regulation to achieve policy objectives and to remain competitive within national and international markets.’(OFPC, 2000c, p.7)

5.3 It is vital for Australia as a competitive and forward-thinking nation that the institutional measures, which are proposed for the protection of genetic privacy, are capable of accommodating genetic and technological developments and their pace of change. There is a pressing need for Australian social institutions to establish and develop a responsive framework, within which we can reap the benefits of these advances, while minimizing the harms involved – in particular, the harms constituted by unwarranted violations of Australian’s privacy.

International Instruments – Balancing Competing Rights

6.1 There are a number of international instruments which articulate the competing rights and interests and which any measures to protect genetic privacy should respect. Article 17 of the International Covenant on Civil and Political Rights 1966 reiterated the universal right to privacy, as first expressed in the Universal Declaration of Human Rights of 1948. The Article states that no one shall be subjected to arbitrary or unlawful interference with their privacy and that everyone is entitled to the protection of the law against such interferences or attacks.

6.2 What is implicit in those words is that:

• there may be just and lawful interferences with our right to privacy; and
• the just and lawful interferences will promote the community’s interest in such matters as its safety, security and good public health.

6.3 In 1997, the Universal Declaration on the Human Genome and Human Rights was adopted unanimously by the UNESCO General Conference (UNESCO,1997). Three fundamental principles lie at the heart of the Declaration:

• the human genome, in its natural state, is part of the ‘the heritage of all humanity’,
• the dignity of every human being, regardless of genetic characteristics, must be guaranteed and
• the rejection of genetic reductionism ( Kirby, 1998).

6.4 The Declaration’s emphasis upon the dignity of the individual is balanced by a recognition of competing interests. The Preamble to the Declaration acknowledges the benefits of genetic research to the health of individuals and humankind as a whole. Article 12 also recognises that freedom of research is necessary for the progress of knowledge and scientific advances (UNESCO, ibid).

6.5 The Act reflects the need to balance the rights of the individual with the rights of society and other interests. Under section 29, the Federal Privacy Commissioner is obliged to have ‘due regard for the protection of important human rights and social interests that compete with privacy,…’. Those interests include the ‘general desirability of a free flow of information… and the recognition of the right of government and business to achieve their objectives in an efficient way.’

6.6 Institutional measures which have as their hallmark values of civility and decency successfully achieve the balance between individual rights and the common good. An example is to be found in the combination of measures to control the spread of HIV infection in Australia. Consultation with the community, an alliance between medicine, government and the community - together with public health legislation that balances compulsion with respect for confidentiality - all played a role in successfully meeting the challenges of infectious disease control in this country.

6.7 It is by adopting similar strategies, targeted at the particular challenges of genetic information, that our institutions can achieve the appropriate balance between the competing rights and interests involved in protecting genetic privacy.

The Significance of Genetic Information – Genetic Exceptionalism

7.1 As a threshold issue, the Issues Paper asks whether human genetic information is ‘so unique or so much more powerful than other forms of health information that it requires special legal protection or other exceptional measures’ (Question 2-1 at p.91). This is asked in the context of a discussion about ‘genetic exceptionalism’ and whether or not the course of our lives can be said to be pre-determined by our genes.

7.2 In Chapter 2 of the Issues Paper, there is a comprehensive exposition, inter alia, of the basic science involved in genetics, genetic testing and the arguments for and against regarding human genetic information as being unique or exceptional. Many of the claims for genetic exceptionalism are derived from assertions to the general effect that a person’s inherited characteristics are exclusively determined by the sequence of the DNA bases held in their chromosomes. This orthodoxy is now the subject of strong challenge (Commoner, 2002).

7.3 Human genetic information should be regarded as a discretely identified form of health information, but not so special that it is accorded the status of being unique. As a starting point, reference is made to Article 2 of the UNESCO Declaration of the Human Genome and Human Rights (UNESCO, 1997), which states:

a) Everyone has a right to respect for their dignity and for their rights regardless of their genetic characteristics.

b) That dignity makes it imperative not to reduce individuals to their genetic characteristics and to respect their uniqueness and diversity.’

7.4 To ignore the ‘uniqueness and diversity’ inherent in every individual and to regard human beings solely in terms of their genetic characteristics is to ignore the fact that people are a combination of their genetic makeup and the physical and social environments in which all of us grew up and live. Except in the simplest of cases, we, as a society, are a long way from understanding how these factors interact. Given that limitation, it would be unwise to base fundamental decisions about our lives and our futures upon broad assumptions.

7.5 More importantly, again except in the simplest of circumstances, this understanding should not override the fact that, as human beings, we have the unique capacity to make rational decisions about our lives. This means that the greatest human right is the freedom to choose. Even if our understanding of the interaction of the determining factors were to improve enormously, except where social considerations require it (for example, the lawful prevention of harms to others), the existence of a free society presumes that the individual is free to choose.

7.6 Especially where that choice involves our own bodies and destinies, the voluntary nature of our decision-making excludes reliance on the concept that our lives and well-being are pre-determined genetically. To hold otherwise is to render an exercise of an individual’s free will in a democratic society as a meaningless practice. With that freedom to choose, there comes the social recognition of the need for people to take responsibility for their decisions, which could otherwise be evaded by pleading genetic pre-determinism. The consequences of the latter, for example, in the criminal justice system, are unthinkable.

The Social/Political Implications of Genetic Exceptionalism

8.1 If society accords genetic information a unique or exceptional significance, there is the potential for an unwarranted degree of social restraint. Professor Doherty posed the scenario of medical geneticists creating, from a tiny sample of a new-born’s blood, a ‘genetic fate map of life’. From that, he said, health professionals could determine susceptibility to any number of serious conditions - Alzheimer’s disease, some forms of cancer and so on (Doherty, 2001). These practices are now done in the interests of justifiable preventive medicine.

8.2 That genetic fate map, however, may indicate a predisposition to heroin addiction or other anti-social behaviours later in life. The questions asked by Professor Doherty as to these scenarios included:

• whether we, as a society, might wish to ‘breed out’ these genetic disorders, a practice with echoes of the twentieth century’s interest in eugenics;
• whether governments should offer financial incentives to couples to establish their genetic compatibility before reproduction; or
• whether governments might even consider the imposition of life-long social restraints on individuals who have a genetic pre-disposition to anti-social behaviours.

8.3 The question to be answered is whether we as a society want a social fabric where these practices are acceptable. By subscribing to a reductionist view of genetics, such an approach may become acceptable. If so, Australian institutions and individuals might determine social and political decisions primarily on the basis of genetics. These decisions could involve uses of genetic information which this community currently regards as unjustifiable violations of privacy.

8.4 For these reasons, I support an approach to human genetic information that answers in the negative the question posed by the Issues Paper at p.91. This approach allows a balanced view of the diverse factors to be taken into account by our social institutions in their decision-making processes. How the Australian community chooses to use the genetic information of its population should be based upon a good understanding of the science, consideration of the implications of that knowledge and the outcomes of a well-informed and widespread community debate. As regards privacy protection for genetic information, a non-reductionist approach still allows scope for the special characteristics of that information to be given their due weight.

The Special Characteristics of Genetic Information

9.1 The second point for discussion arising from the nature of human genetic information is whether ‘it is so qualitatively different from other health information that it requires special privacy protection’ (Issues Paper, para. 4.13 at p.127).

9.2 The distinctive qualities of genetic information have been summarised in the 1996 OFPC paper The Privacy Implications of Genetic Testing (pp.11-14). That summary was adopted by my immediate predecessor in the OFPC submission to the 1998 Senate Inquiry into the Australian Democrats’ Bill on these matters (OFPC, 1998, pp.4-7). In turn, the Issues Paper (at pp.126-127) has relied on that formulation. For those reasons, that summary will not be re-stated here in any detail.

9.3 To that summary, there can be added the commercial value of genetic information, which arises from the use of sophisticated biotechnologies and their applications in developing medications for previously untreatable conditions. There are also strong economic incentives to employ human genetic information in the workplace and in the insurance industry.

9.4 It has also been observed that it is the cumulative effect of more than one of these characteristics in one person’s genetic information which may warrant special protections (HGC, 2001).

9.5 This submission, however, focuses on two of those special characteristics:

a) the predictive power of genetic information, by which the predisposition of an asymptomatic individual to serious illness, or even possibly, behavioural disorders, may be determined often many years in advance and with varying degrees of certainty;

b) its shared familial nature, which, given its predictive power, requires consideration of the interests of genetic or blood relatives and, in some cases, the interests of population groups.

9.6 There are a number of considerations to be taken into account:

• The existence of other forms of health information which are capable of predicting an individual’s susceptibility to a particular condition; for example, a history of exposure to toxic substances may be as revealing as a gene test.
• A patient’s family medical history or ‘pedigree’ is capable of revealing a propensity for illness in a genetic relative.
• Our understanding of human genetics and of the interaction of environmental factors in the causes of morbidity is limited.
• With a few exceptions, the predictive qualities of genetic information are limited to probabilities, often poorly understood.
• An undue reliance upon genetic information and genome technology in the health field raise concerns ‘that non-genetic determinants of health will be neglected.’(WHO, 2001)

9.7 For these reasons, it is not intended to depart from the view previously argued on behalf of this Office (OFPC, 1998) that human genetic information should be treated as a subset of ‘health information’, with such close attention being given to its place within existing protections as is justified by its special characteristics.

9.8 A related issue is whether ‘special privacy protection’ is required for genetic information having regard to the sources of that information. At p. 86, the Issues Paper lists the ways in which genetic information may be revealed. In the interests of simplicity and ‘workability’, the privacy protection to be afforded to genetic information should be based primarily on the regulation of the activities ­– the acceptable uses and the misuses - involving that information. This approach ‘places the emphasis upon the social context of genetic information – on the way in which people will use genetic information in their dealings with others.’(HGC, 2001)

 

SECTION TWO

An Institutional Framework of Privacy Protection

10.1 The compelling factors relating to genetics, and canvassed in paras.3.1– 9.8 of this submission, argue for the adoption of an Australian institutional framework, designed to meet the singular challenges of protecting genetic privacy. As Professor Doherty puts it, we need ‘a spectrum of accepted practices, laws and penalties to protect people from invasion of their privacy and basic rights’ (2001, p.8).

10.2 The Australian social institutions of government, law, health, and commerce together with the community groups that comprise our civil society have a major role to play in contributing to that spectrum. The encouragement and maintenance of public confidence in the decision-making institutions are critical. If comprehensive protections of the privacy of genetic information are not in place (or not known to be in place), people may distrust enterprises which adopt the outcomes of scientific and medical research. As a result, the many benefits of genetic research, such as improved health care and law enforcement, will not be enjoyed by those for whom they were intended.

10.3 To achieve the necessary social acceptance of genetic and technological advances, it will be essential for our institutions to operate within the following ‘learning framework’, which should encourage them to:

• keep abreast of advances in genetic knowledge, learning from their own experience and the experience of the scientific and medical applications of advances in genetic knowledge;
• in particular, ensure that health care professionals and medical researchers learn from the community support groups representing those with genetic disorders in developing policies and strategies;
• incorporate that knowledge and experience in their decision-making processes;
• ensure that their decisions are transparent and accountable;
• provide the community with best possible means of understanding developments in genetic knowledge and of participating fully in the decisions which may dramatically affect their lives;
• be receptive and responsive to community perceptions, concerns and to the promotion of their legitimate interests; and
• regard as paramount an ethical approach to all their activities and outcomes.

A Standing Advisory Body

11.1 To promote these goals, there is a need for a body of sufficient authority and status to serve as a focus and as a paradigm for the work of our social institutions. A multi-disciplinary body would be capable of identifying and responding to the influences of, and the interplay between, science, the health and legal professions, research and commerce. With these capacities, it would be an invaluable source of advice for government.

11.2 Using the input from strategic surveys and sophisticated forms of public consultation, such a body could bring together the leaders in their fields to develop, maintain and disseminate knowledge which is both relevant and up-to-date. By engaging the leaders in their respective fields, such a body could provide the impetus and direction for strategic education programs aimed at, for example, health care providers or consumers.

11.3 For these reasons, I support the establishment by the Commonwealth Government of a standing advisory body, as suggested in the Issues Paper. An Australian Human Genetics Advisory Commission would be an independent statutory body, perhaps akin to the United Kingdom Human Genetics Commission. Its membership and functions could be along the lines outlined in paras.2.152 – 2.154 of the Issues Paper at pp.96-97.

11.4 To facilitate a uniform national approach to genetics and to the protection of genetic privacy, a standing advisory body could consult with and receive advice from the Australian Health Ministers Council. It is anticipated that the advisory body could collaborate with this Office to ensure responsive and appropriate privacy protections for genetic information.

A Responsive National Legislative Scheme

12.1 The institutional framework, referred to in paras.10.1 – 10.3 of this submission, calls for a solid foundation in the form of a responsive national legislative scheme which protects the privacy of all personal information, including health information.

12.2 The rate of scientific and technological advances requires regulation capable of responding to evolving and multifaceted circumstances. A regulatory scheme, which attempts to codify exhaustively the rights and obligations arising from the many information-handling practices involving genetic information, runs the risk of undue complexity and unintended harmful consequences. Straightforward and principle-based laws will stand a better chance of remaining in touch with the practicalities of the science and with the issues raised by the application of that science to everyday situations. As a previous Privacy Commissioner has observed: ‘Any public policy measures in this area would have to be sensitive to the large number of factors that may be relevant to a particular case. Hard and fast rules are not likely to give good outcomes.’(OFPC, 1996, p.25)

12.3 Other key elements of an effective regulatory scheme include:

• an adequate set of privacy principles that reflect, for example, the ideas embodied in the Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (OECD, 1980) and the Guidelines for Consumer Protection in the Context of Electronic Commerce (OECD, 1998b);
• an approach that is readily understood and provides principles that are adaptable to readily changing circumstances;
• comprehensive coverage across all public and private sector organisations that affect people’s information privacy;
• consistent levels of protection for all forms of personal information, including health information;
• effective incentives to achieve compliance, including sanctions where appropriate;
• a reliable and independent mechanism for monitoring compliance with the scheme and for reporting on its effectiveness;
• accessible, affordable, timely and independent mechanisms for complaint handling and dispute resolutions;
• technological neutrality, so that there is no distinction in standards between paper-based and electronic records. (OFPC, 2000a, pp.2-3)

12.4 Given the stakes that are involved in genetic privacy, it bears repeating that privacy protection for health information needs to be workable in the context of the overall national privacy framework. Not only should privacy standards be efficient and capable of ready implementation, they should also apply consistently across the nation. The cost to privacy protection, as well as the material costs, may be too high, if the regulation of privacy were to rely upon a mixture of inconsistent and competing privacy standards.

12.5 I support the work undertaken by the Privacy Working Group of the Australian Health Ministers’ Advisory Council in developing a National Health Privacy Code and the outcomes, described at p.156 of the Issues Paper, to which it is committed. In seeking to avoid inconsistent standards of privacy protection across the different jurisdictions and to minimise the number of compliance mechanisms, consideration could be given to the submission of the final Code for approval by this Office under the Act and its adoption by the States and Territories.

12.6 I do not support the introduction of discrete privacy legislation by the Commonwealth Government to protect either health information or genetic information separately. Additional legislation of that nature will create problems of compatibility with the existing privacy framework. It would prejudice attempts to realise a consistent national standard for the protection of health information privacy. The introduction of a separate scheme to protect health information privacy, or even genetic information privacy, intended to co-exist with existing forms of regulation, would be likely to encourage forum-shopping or ‘regulatory arbitrage’.

12.7 In the interests of achieving a single uniform scheme of privacy regulation for health information, it would be preferable to concentrate on improving existing legislation within the current regulatory framework. Any special legislative protections for health information generally or genetic information in particular should be effected within this framework.

12.7 Our goals for the legislative protection of genetic privacy will need to be realistic:

‘…it is important to choose manageable issues in devising the legal responses and not to wait for a comprehensive response which answers all the problems. No such super response is possible.’ (Kirby, 1999.)

SECTION THREE

The Adequacy of Existing Legislation

13.1 The Issues Paper (Question 4-1 at p.145) seeks comment on the adequacy of existing legislation to protect genetic information. The summary of the Act, its coverage of both Commonwealth and private sectors and the application of the NPPs to genetic information (Issues Paper pp.128-150) provides a useful, though not exhaustive, analysis of the existing federal privacy legislation.

13.2 With the introduction of the private sector amendments to the Act in December 2001, the Commonwealth Government established a ‘comprehensive national scheme providing for the appropriate collection, holding, use, correction, disclosure and transfer of personal information by organisations in the private sector.’ (Commonwealth Attorney-General, 2000a)

13.3 This statutory framework forms the appropriate basis for privacy solutions that can work across the Australian community and at all levels of individual and corporate activity. It employs a series of high-level, flexible privacy principles, supported by a range of enforcement mechanisms, which include alternative dispute resolution and the power to make enforceable determinations. By introducing the use of Codes to be approved by this Office, the government established an adaptable, co-regulatory approach, suitable to the industry-specific needs of business. When used with a range of non-legislative measures such as education and community networking, the current co-regulatory scheme has the capacity to achieve the optimum privacy outcomes the community aspires to in protecting the privacy of all forms of personal information.

13.4 In general, the legislation incorporates those key elements of privacy legislation enumerated in para.12.3 of this submission. In the particular context of genetic information, the Act also accommodates the desirable ‘learning framework’, as described in para.10.3. This allows the community and organisations to take advantage of the best privacy practices as they are developed, and for privacy solutions to be devised and adapted to the advances in genetics and technological change.

13.5 Notwithstanding the view that the Act provides a sound basis for the comprehensive, consistent and effective protection of all forms of personal information for Australians, the special characteristics of genetic information, when considered with certain information-handling practices, may require limited amendments to the Act.

13.6 If Commonwealth legislation were introduced to provide separate privacy regulation for either health information or human genetic information, this would introduce a further layer of privacy regulation. This would inevitably create complex problems in securing compliance by organisations, especially those that held both genetic and other forms of personal information. For these reasons, I recommend an approach by which the distinctive qualities of genetic information are recognised through amendments to existing legislation.

The Definition of ‘Health Information’

14.1 At pp.142-145, the Issues Paper canvasses the scope of the definition of ‘health information’ (section 6 of the Act). At this point, it is useful to reiterate the three-level categorisation of information effected by section 6:

1. personal information
2. sensitive information
3. health information

14.2 Within the scheme of obligations placed upon organisations by the NPPs, different levels of protection will apply to each of the three categories, depending on the information-handling practice involved. For example, the collection of personal information is covered by NPP1. However in the case of sensitive information, which includes health information, an organisation is obliged to comply with both NPP1 and NPP10. Recognising the disparate circumstances in which health information may need to be collected without the individual’s consent, NPP10 provides a range of broadly defined exceptions where collection without consent is permissible.

14.3 Organisations, including health service providers, are assisted in interpreting section 6 and the NPPs with the publication by the Office of Guidelines on Privacy in the Private Health Sector (OFPC, 2001b).

14.4 The virtue of this definitional approach is its simplicity of application. Instead of having a separate piece of legislation, or a separate section of the Act, which applies to health information and/or genetic information, the current scheme allows for consistency of application across all forms of personal information.

14.5 The definition of ‘health information’, as it stands, covers the majority of the known characteristics of genetic information. For example, it covers the predictive nature of an individual’s genetic information.

14.6 A further distinctive quality of genetic information – its shared familial nature – is not, however, recognised by the definition. There is then a gap in the protection against the unauthorised handling of a genetic relative’s health information, which could lead to unintended harms. For example, information regarding a relative’s predisposition to a serious condition that is obtained from an individual’s gene test could be disclosed by an organisation for research purposes without the relative’s consent or without the need to comply with NPP2.1(d). Moreover the genetic information obtained from an individual by an organisation may relate not only to the individual’s descendants, but also to a parent or sibling of the individual tested, whose privacy interests need protection against unauthorised handling.

14.7 Accordingly, there should be an amendment to the definition of ‘health information’ which puts beyond doubt the intention of the Act to cover genetic information about an individual in a form which is or could be predictive of the health (at any time) of the individual or of any of his or her genetic relatives.

Are Bodily Samples ‘Health Information’?

15.1 In a recent article in the Sydney Morning Herald (Smith, 2002, p.1), the issue of unauthorised collection of minute bodily samples was raised. A further issue was the consideration given by the U.K. Human Genetics Commission to the possible introduction of the crime of ‘DNA theft’.

15.2 It is certainly arguable that such ‘DNA theft’ is a violation of an individual’s bodily privacy – that is, there is an unauthorised interference with or violation of one’s person, analogous to the offence of an assault, but which also has elements of the offence of robbery.

15.3 With the application of a scientific process, a bodily sample, such as a hair or residual tissue, can be the source of information that is capable of identifying a person. It may also be informative about the person’s health or genetic characteristics and, perhaps, in thirty years time, it could reveal far more information. It is, however, an individual’s informational privacy that is at stake, rather than their bodily privacy. It is that informational privacy which our current regulatory framework aims to protect.

15.4 In the interests of consistent and coherent regulation of information privacy, the abuses or misuses of that information need to be regulated, rather than the sources of that information. For these reasons, I would be reluctant to support a further amendment to the definition of either ‘personal information’ or ‘health information’ to include bodily samples or other sources of genetic information. However, this may well be a matter for an Australian Human Genetics Advisory Commission to consider in some detail.

Exemptions under the Privacy Act 1988 – Employee Records

16.1 The Issues Paper summarises (pp.131-132) the exemption granted by section 7B(3) of the Act to acts or practices relating to employee records. Reference is also made to the definition of ‘employee records’ under the section 6 of the Act. The implications of this exemption for the protection of the privacy of genetic information are canvassed in the Issues Paper.

16.2 In its submissions to the House of Representatives Standing Committee on Legal and Constitutional Affairs and the Senate Legal and Constitutional Committee Inquiries into the Provisions of the Privacy Amendment (Private Sector) Bill 2000, the Office argued against the form of the employee records exemption as drafted in the Bill (OFPC, 2000a; OFPC 2000b). It was maintained before the House of Representatives’ Inquiry that:

‘The proposed exemption, as set out in the Bill, is also not consistent with the proposed treatment of sensitive information, including health information, proposed elsewhere in the Bill. This follows from the definition of ‘employee record’ as including, for example, trade union membership, membership of professional or trade associations and aspects of employee health information.

Sensitive information, and more particularly, health information are given more specific levels of protection in the Bill. I strongly support this approach. I do not support proposals that might then weaken that protection for the many Australians who are employees.” (OFPC, 2000a, p.12)

16.3 The Advisory Report on the Privacy Amendment (Private Sector) Bill 2000, of the House of Representatives Standing Committee on Legal and Constitutional Affairs sought ways in which health information could be protected by the privacy legislation, even if it is part of an employee’s record. Recommendations 5 and 7 of that Report identified the Committee’s preferred method of achieving this (House of Representatives, 2000).

16.4 With the additional sensitivities of genetic information and the potential for harmful uses of that information, such as wrongful dismissal or discriminatory employment practices, consideration should be given to an amendment to the employee records exemption, which would extend the Act’s protection of health information.

16.5 It is important to note also that the Commonwealth Government specifically supports privacy protection for employee records. The Attorney-General has stated that:

‘While employee records deserve privacy protection, it is the Government’s view that such protection is more properly a matter for Workplace Relations legislation….The Government will review existing Commonwealth, State and Territory laws to consider the extent of privacy protection for employee records and whether there is need for further regulation.’(Commonwealth Attorney-General, 2000b)

The review is still under way.

Exemptions under the Privacy Act 1988 – Small Business

17. There is a further gap in the coverage of health information in the form of the small business exemption under section 6C of the Act. That gap is limited to a certain extent by the provisions of section 6D(4). This sub-section removes the exemption from organisations, which, inter alia, provide a health service to an individual and hold any health information except in an employee record.

17.2 Again, the breadth of this exemption was questioned in the course of both the House of Representatives and the Senate Committees’ Inquiries into the Bill which introduced the private sector amendments to the Act. In particular, the Office’s submission to the House of Representatives Inquiry observed that people’s sensitive information, including health information, held by small businesses that are not health services, would fall outside the protection of the private sector provisions (OFPC, 2000a, p.10).

17.3 In the Office’s submission to the Senate Inquiry, in the context of both the employee record and small business exemptions, special reference was made to genetic privacy protection in the light of that information’s special characteristics (OFPC, 2000b, pp.10-11).

17.4 If both of these exemptions remain in full force, there is the potential for unacceptable uses of health and genetic information within the private sector, to which the Act may not apply.

Strengthening the Protection of Genetic Privacy

18.1 The simplest way of addressing the problem of inadequate protection of genetic information in the workplace and for small business would be at source. Rather than leaving the exemptions unchanged and introducing new legislation with all the complexities of two regulatory schemes interacting, it would be preferable to amend the existing legislation so as to protect health information held by small business operators and in employee records.

18.2 With the simplicity and effectiveness of the definitional scheme referred to in paras.14.1 – 14.5 of this submission, appropriate amendments to the Act could be readily effected.

18.3 If the Parliament does not amend the legislation earlier, it may well consider that the review of the Act to be conducted in 2003 may provide the opportunity to make any further amendments which are seen as necessary to strengthen the protection of genetic information. The Commonwealth Attorney-General announced this review in the Revised Explanatory Memorandum to the Privacy Amendment (Private Sector)Bill 2000 (Commonwealth Attorney-General 2000a).

The Collection of Genetic Information

19.1 At p.146, the Issues Paper seeks comment on the ‘potential privacy problems that may arise in the practical application of the Act and the NPPs (Question 4-3). The first of these issues relates to the collection of genetic information.

19.2 In general, the NPPs place obligations upon organisations which regulate their handling of an individual’s personal information. As regards sensitive information, which includes genetic information as a subset of health information, NPP10 obliges an organisation to obtain the consent of the individual before that information can be collected, unless certain exceptions apply.

19.3 Due to the distinctive qualities of genetic information – for example, its predictive power– it is essential that individuals retain the right not to be tested. The impact upon any given individual of learning of their test results cannot always be foretold.

19.4 Not only is the right not to be tested consistent with the concept of respecting a person’s bodily integrity, but it also protects the right of an individual, as a self-determining human being, not to know that information about themselves and, in particular, not to have anyone else know.

19.5 Problems may arise, however, in circumstances where, in the course of a diagnosis, treatment or care of an individual, an organisation collects a medical history from an individual which also reveals health information about a genetic relative. NPP1.5 would require the organisation to inform the relative of the matters contained in NPP1.3, relating to the circumstances of the collection. NPP10 would also require the organisation to obtain the relative’s consent to the collection of the health information about them, except in certain defined situations such as where the collection is required by law.

19.6 Since the collection of health information about relatives from an individual forms an integral part of a wide range of health services, the continuation of this practice by providers would have been in breach of NPP1 and NPP10. In order not to unduly impede the provision of health services, a Temporary Public Interest Determination under Section 80B(3) now allows the taking of family histories by health service providers without being in breach of the NPPs (OFPC, 2001e). This would include the collection by an organisation from an individual of genetic information about the individual’s relative.

19.7 As required by the Act, an extensive consultation process will be undertaken by the Office to gauge the merits of making this determination a permanent one.

19.8 An emerging and related problem is the operation of the new privacy law where a strong inducement that compromises privacy is offered through the ‘bundling’ of very broad consents to a number of uses and disclosures of an individual’s information as a condition of purchase. In effect, a number of financial institutions are making it a condition of individuals’ access to their services that the individuals agree to a very wide range of uses and disclosures, including marketing and no alternative course is offered. If the provision of insurance cover, for example, becomes conditional upon submitting to a genetic test and the subsequent use of the test results to determine risk, then, while the consent of the individual to testing would be offered, the individual would have little option but to agree (see para.47.1 of this submission). Consideration should be given to whether privacy laws are strong enough to prevent this and, if not, then the law should be amended to ensure that real choice is available in the marketplace.

The Use and Disclosure of Genetic Information

20.1 Where an organisation has collected genetic information about an individual, problems may arise when that information contains genetic information about a relative of the individual. That information may suggest, for example, that the relative is susceptible to a serious medical condition which, in due course and without appropriate clinical care, could have grave consequences for that person.

20.2 Under NPP2.1, an organisation is not permitted to use or disclose genetic information for a secondary purpose, unrelated to the primary purpose of collection, without the consent of the individual, except in defined circumstances. As NPP2.1 stands, the organisation has an obligation not to disclose that genetic information to the relative, unless the individual consents or one of the exceptions applies.

20.3 The consequences of this situation may be that the well-being and health of the genetic relative rests solely on a decision to be made by the individual. In terms of medical ethics and codes of professional conduct, the situation calls into question the obligations placed by NPP2.1 on health service providers.

20.4 The Cancer Genetics Ethics Committee of the Anti-Cancer Council of Victoria has proposed a ‘medical model’ of regulation to apply to genetic testing (Issues Paper p.147). Under such a model, there would be less focus on the right of individuals to protect their privacy. Instead, greater recognition would be given to professional medical opinion on questions of best clinical practice for both patients and their families.

‘…and doctors will have a special role in providing and imparting genetic information that may appear contrary to their traditional obligations to maintain patient confidentiality.’ (Issues Paper, p.147)

20.5 While this approach has merit, it fails to take into account a number of other relevant factors, which include:

• the fundamental nature of an individual’s right to maintain a degree of control over the handling of their health information;
• the right of the individual is to be balanced with the legitimate interests of third parties and the of the community in general;
• the need to accommodate a range of competing interests calls for input from a number of disciplines, such as the law, science, ethics as well as health care;
• the decision-making process in such situations may well involve a range of psycho-social factors, calling for the expertise of a number of professionals, such as counsellors, behavioural psychologists and psychiatrists, as well the physician;
• the complexity of having a number of regulatory schemes applying to information-handling practices involving health information.

20.6 Within any given family, the interests of its members properly include the right of a member not to know the outcome of a relative’s gene test. In some families, the person best qualified to make a particular decision regarding disclosure to a relative is another member of the family or even a friend of the family. Alternatively, it may be impossible for family members to communicate at all, let alone about the implications of genetic test results affecting one of the family.

A Manageable Solution

21.1 The complexities of the issues around disclosure defy any attempt to reach a simple resolution. A realistic and manageable solution could involve two concepts with which the Office has had a degree of experience, namely, legislative regulation and guidance, employing the wisdom, experience and expertise to be found from numerous sources within Australia.

21.2 The authority of legislation is required if the legitimate interests of interested parties are to be secured and made capable of enforcement. Any attempt, however, to legislate exhaustively would be defeated by the multiplicity of situations which could arise and by future scientific advances. The appropriate starting point, then, is the existing Act and, in particular, NPP2, which deals with the use and disclosure of personal/health information.

21.3 An appropriate amendment to NPP2.1(e) could, in general terms, permit a discretion to be reposed in an organisation to disclose an individual’s genetic information to a relative, where such disclosure could reasonably be expected to lessen or prevent serious harm to the relative.

21.4 This discretion would be made subject to guidelines, which could provide guidance as to:

a) the circumstances in which such a discretion may be exercised;

b) the factors to be taken into account by the organisation in exercising that discretion, including the genetic relative’s right not to know.

21.5 Appropriate amendments to the Act could be effected, placing the responsibility for the formulation and issuing of comprehensive guidelines, after extensive consultation, within the province of a suitable authority, such as the NHMRC.

21.6 The issue principally involves information-handling practices and the protection of the privacy of genetic information. For this reason, the process of approval of the guidelines, as issued by the suitable authority, could well rest with this Office, taking into account the public interest in protecting the individual’s right to the privacy of their genetic information and the public interest in preventing avoidable, serious harms.

21.7 Similar amendments to Information Privacy Principle 11.1(c) and the Act would take into account the genetic information held by Commonwealth agencies.

21.8 An essential part of the processes involved in these situations would be the open and transparent communication between all the interested parties. Without pre-empting the decisions to be made about appropriate guidelines, I would strongly support the development of genetic counselling services and the employment of that expertise in these situations. These and other desirable forms of information exchanges, designed to ensure well-informed decisions, could be given due attention in the development of guidelines.

A Genetic Relative’s Right Not to Know

22.1 As foreshadowed in para.21 of this submission, issues surrounding the disclosure of genetic information to a relative of an individual involve consideration of the relative’s right not to be made aware of that information. The Issues Paper (at p.151) seeks comment on this matter.

22.2 Within the ambit of the manageable solution proposed to cover issues of disclosure to genetic relatives by amendment to NPP2.1(e) and IPP11.1(c), there is adequate scope to accommodate this issue. It is a feasible approach if the guidelines, suggested in para.21.4 of this submission, were to require consideration of a relative’s wishes. Again, it would be an appropriate case for the employment of expert genetic counselling at appropriate stages of the process.

SECTION FOUR

Medical Research

The International Character of Medical Genetic Research

23.1 Medical research into human genetics is providing many exciting opportunities for the understanding and treatment of a range of medical disorders for people of all countries (WHO, 2000). However, research into the development of cutting-edge drugs, employing sophisticated gene technologies and involving a series of obligatory clinical trials, is resource-intensive and requires the participation of multi-disciplinary centers of learning. Medical research at this level calls for the formation of international partnerships and the involvement of Australian researchers with overseas consortiums and large international companies (Doherty, 2001).

23.2 The need for thorough research into clinical treatments is expressed in Article 6 of the World Medical Association’s Ethical Principles for Medical Research Involving Human Subjects, commonly known as the Declaration of Helsinki:

‘The primary purpose of medical research involving human subjects is to improve prophylactic, diagnostic and therapeutic procedures and the understanding of the aetiology and pathogenesis of disease. Even the best proven prophylactic, diagnostic, and therapeutic methods must continuously be challenged through research for their effectiveness, efficiency, accessibility and quality.’ (World Medical Association, 2000)

These words have a particular resonance in the context of genetic research, with its promise of new understandings of illness and revolutionary treatments.

23.3 The international nature of medical genetic research, allied with the explosion in information technologies, has significant implications for the protection of the privacy of genetic information. Concern for human rights across borders is reflected in a number of international instruments, including the Declaration of Helsinki, OECD Guidelines Governing the Protection of Privacy and the Transborder Flow of Information and the UNESCO Universal Declaration on the Human Genome and Human Rights (op. cit.) These instruments are based on universal values, including respect for the privacy of individuals.

23.4 Inevitably, Australian medical researchers in the field of genetics will be dealing with countries that have different standards for the protection of its citizens’ privacy. Researchers need to keep in mind that Australia is a signatory to these international instruments and has an obligation to maintain appropriate standards of privacy protection in all aspects of its research endeavours.

Commercial Pressures on Researchers

24.1 The Issues Paper (at pp.217-218) canvasses the implications of the developments in ‘pharmacogenetics’ – ‘the refinement of the design of pharmaceutical drugs so that they will be effective in populations defined by identifiable genetic conditions’ (Issues Paper, p.217). It is inevitable that we will be seeking international finance for such projects and international markets to make the projects commercially viable.

24.2 Developments of this nature, the Issues Paper argues, will require private sector finance beyond the capacity of government, thus removing the primary compliance tool employed by the National Statement on Ethical Conduct in Research Involving Humans (National Statement) (NHRMC, 1999). In the absence of such restraints, it is argued, the commercial pressures of the marketplace may compromise the integrity of the medical researchers.

24.3 Approaches such as those advocated by the Declaration of Helsinki will assist in meeting such concerns. For example, Principle 27 reminds authors and publishers of learned scientific journals of their ethical obligations. In particular, it states that:

‘Reports of experimentation not in accordance with the principles laid down in this Declaration should not be accepted for publication.’ (WMA, 2000)

Professional peer pressures and the need for acceptance of research outcomes in the international scientific community are powerful drivers in this area.

24.4 The Declaration and other international ethical guidelines are documents that have persuasive authority based on the standing and representativeness of its members. They are reviewed at appropriate intervals and have proved responsive to past challenges in medical research. Similar considerations apply to the National Statement.

Genetic Privacy and Research

25.1 The growth in information technologies and genetic knowledge requires us to be constantly alert to the potential for privacy violations involving genetic information. The goals and the significant potential of genetic research should never be regarded as providing an unfettered licence to ignore the potential for harms to individuals.

25.2 In the Declaration of Helsinki, specific reference is now made to the need for researchers to respect the privacy interests of research subjects: Principles 10 and 21. The protection of those interests is founded on the process of review by Institutional Ethics Committees, with appropriate emphasis on the requirements of informed consent.

A General Approach to Medical Research and Genetic Privacy in Australia

26.1 Australia’s approach to privacy in this area should reflect and be responsive to the international concerns summarised in the preceding paragraphs, as well as domestic ones. The brief references to the Declaration of Helsinki indicate that its values and goals are similar to those found in Australia’s National Statement. The national framework which is established to handle the issues relating to genetic privacy and medical research should be sufficiently robust and efficient to meet both those concerns.

26.2 In this context, it is useful to consider a passage from the National Statement:

‘Among the essential values for research is that of the integrity of researchers. This includes the commitment to research questions that are designed to contribute to knowledge, a commitment to the pursuit and protection of truth, a commitment to reliance on research methods appropriate to the discipline and honesty.’ (NHMRC, 1999, p.3)

26.3 What is compelling in these words is that they describe a process by which both individuals and society can be enriched by the pursuit of knowledge, not from a position of fear, but from one of confidence and trust in Australian researchers, who are entrusted with our genetic information. The stakes are high, given the pace of developments in genetic knowledge and biotechnologies. There is, however, an obligation on leaders, policy makers and representatives to provide the framework in which those essential values can come to the fore.

A National Framework

27.1 It is integral to this submission that the regulatory and other measures for the protection of genetic privacy in Australia are designed to function within a responsive national framework for the comprehensive protection of genetic privacy. The attributes to be looked for in the social institutions forming part of that framework are enumerated in para.10.3 of this submission. In the fields of medical research utilising human genetic information, these attributes will be at a premium. So too will be the availability of scientific and factual knowledge from research, surveys and consultations.

27.2 Without sufficient information and knowledge about the research conducted that uses genetic information and gene technologies involving humans, people may fall back on ill-informed speculation.

27.3 The existing framework for medical research is summarised in Chapter 6 of the Issues Paper. The National Health and Medical Research Council (NHMRC), AHEC, the Human Research Ethics Committees (HRECs) and the OFPC are part of the existing framework and have established roles to play. On numerous occasions, this Office has collaborated with the NHMRC and AHEC in protecting the privacy interests of research subjects. Under section 95 of the Act, the Privacy Commissioner approves Guidelines issued by the NHMRC for the protection of privacy in the conduct of medical research.

27.4 During 2001, AHEC and this Office were engaged in a review of the section 95 Guidelines to maximise their efficacy and to elicit the means to build on the existing framework. The results of this review may have the potential to inform the framework of privacy protection for genetic information.

Medical Research in the Private Sector

28.1 As previously observed, there is a growing involvement of the private sector in medical research. With the passage of the private sector amendments to the Act, the handling of personal and health information within the private sector is now generally subject to privacy regulation.

28.2 Reflecting the emphasis placed on obtaining an individual’s consent to the handling of that information which is to be found in the Declaration of Helsinki and the National Statement, NPPs 10.1(a) and 2.1(b) permit the collection, use and disclosure of genetic information with the consent of the individual.

28.3 The interests of researchers in furthering the goals of research are acknowledged by NPPs 10.3 and 2.1(d), where the handling of health information without the consent of the individual is to be conducted in accordance with guidelines under section 95A of the Act. Those guidelines have been issued by the NHMRC and approved by the Privacy Commissioner. They provide a framework for the approval by HRECs of research which involves the collection of health information for research in certain circumstances under NPP10.3(d)(iii) and for the use and disclosure of health information for the purposes of research under NPP2.1(d)(ii).

28.4 In 1996, this Office identified the need for individuals to have access to the information which organisations held about them. This was regarded as a pre-requisite for individuals to give their adequately informed consent to the use or disclosure of that information for the purposes of medical research (OFPC, 1996, p.29). With the introduction of NPP6, individuals now have a general right of access to, and correction of, the information which an organisation holds about them. This will improve the quality of the informed consent given by individuals whose information is sought to be employed for research purposes.

Australian Human Research Ethics Committees

29.1 The process of institutional review and guidance by Human Research Ethics Committees is at the centre of international and domestic protection of the interests of research subjects. Paragraph 18 of the National Statement makes specific reference to the role of HRECs in safeguarding the interests which research subjects have in controlling access to and use of their personal information. Paragraph 16 deals solely with human genetic research and HRECs are given specific duties central to the protection of individuals, families and collectivities from the risks of harms such as stigmatisation and discrimination: Paragraphs 16.1 & 2; 16.8 of the National Statement.

29.2 If epidemiological research (which is dealt with in Paragraph 14 of the National Statement) using human genetic information precedes the development of a new medication, employing sophisticated biotechnologies across a number of research centres and aiming at sections of the population with identifiable genetic characteristics, then a number of ethical protocols will need to be reviewed by a number of HRECs. The strength of the HRECs system is critical not only to the protection of the individuals at risk of harm, but also to sound research, good science and beneficial outcomes.

29.3 The process of institutional review by HRECs is fundamental to the integrity of the research process and to the protection of the privacy of individuals involved. The current structures for the protection of the privacy of personal and health information to be used in medical research in Australia are fundamentally sound. Utilising the learning processes within the framework recommended by para.10.3 of this submission, these structures form a sound basis for the protection of health information, including genetic information, in the field of medical research.

Strengthening the Protection of Health Information Used in Medical Research

30.1 The current protections of genetic privacy in the medical research context can be strengthened in two ways:

1. The relevant legislation could be amended to require all research bodies that undertake experimentation involving human beings to establish HRECs for their research. At present, only those research bodies which are publicly funded through the NHMRC are required to register their HRECs with the Council. By means of comprehensive registration requirements and supervision by the NHMRC, the accountability of the HRECs process would be greatly improved.
   
   
2. While it has been argued in this submission that the current structures are fundamentally sound, there needs to be sufficient resources made available to support the members of HRECs in their deliberations:

‘Institutions and organisations in which research involving humans is undertaken, must individually or jointly establish, adequately resource and maintain an HREC composed and functioning in accordance with this Statement.’ (NHMRC, 1999, para.2.1) (emphasis added)

30.2 This second element is crucial. The current HRECs structure currently depends heavily on the good will of respected members of Australian society, who generously give their already limited time to this very important process. HRECs are finding it increasingly difficult to meet additional obligations and processes as they are introduced.

30.3 In order to preserve the integrity of the HRECs review process, it is vital that:

• adequate funding be allocated to enable HRECs members to appropriately perform their duties;
• proper administrative and secretarial support be made available;
• the provision of such training and research support for HRECs as is necessary to enable them to meet their obligations.

Unless this significant additional assistance is provided, HRECs may not be in a position to meet their critical responsibilities in the manner that society expects. With the further demands and challenges of genetic research, such measures are essential.

Human Genetic Databases

Genetic Databases and Research – the Iceland Experience

31.1 The decision by the government of Iceland to license a single biotechnology corporation, broadly speaking, to collect, store and use for commercial research the genetic information of the population of Iceland has raised a great degree of heated controversy. See, for example, IPHRG, 2000; Philiposki, 1999.

31.2 It is, however, necessary to understand, in the research context, the purposes of the collection of genetic information (or data) into large databases and the uses to which that data are put. They have been summarised as follows:

‘Genetic databases are now helping elucidate gene function, estimate the prevalence of genes in populations, differentiate among subtypes of diseases, trace how genes may predispose to or protect against illnesses, and improve medical intervention. They achieve this by bringing together several streams of data about individuals: molecular genetic data; high quality standardised clinical data; data on health, lifestyle, and environment; and in some cases, genealogical data.’ (Lowrance, 2001)

31.3 While the collection of genetic data alone will have research utility, it is the linkage with other health and personal information in substantial quantities which can yield significant research outcomes. There are invaluable lessons to be learned from the Iceland experience.

The Necessity for Informed Consent?

32.1 As the Chairman of the Board of the Data Protection Authority in Iceland, Professor. P. Hreinsson explained (Hreinsson, 2001), the Icelandic Health Sector Database Act has been the subject of extended, and some ill-informed, discussion all over the world. There are, he observes, three databases involved in the project. One is for health data from the medical records of the population; another is the database containing genetic data or information; and the third has genealogical information. The legislation allowed for ‘the interconnection of all these databases in order to generate statistical responses….’ (ibid)

32.2 Among the issues described by Professor Hreinsson as regards the collection of health data from the population of Iceland was the scope of the consent of the individuals whose information was sought to be collected. Was the informed consent of the whole population to be sought with respect to one specific scientific study (which would comply with the requirements of the Declaration of Helsinki as to informed consent) or were individuals to be informed only of the purpose of the processing of that information? The former course was regarded as impracticable. Eventually, the Iceland Parliament decided that the consent of the population would be presumed, allowing individuals to expressly withdraw their consent to the inclusion of their health information within the database (ibid).

Further Developments

33.1 Professor Hreinsson’s account of the Iceland experience is also informative as to relevant developments:

• the World Medical Association, the author of the Declaration of Helsinki, is considering the scientific ethics of databases;
• legal action is being taken to test the legality of the consent provisions in terms of the European Convention on Human Rights;
• the technological encryption and security measures employed to protect the genetic and other data collected in the three databases.

33.2 The Chairman concludes that, in view of the commercial imperatives and international competition, there will need to be international harmonisation of regulations to achieve a consistent regulatory environment. He concludes by asking:

‘Will technological solutions replace the right of self-determination and other associated human rights and make it unnecessary to obtain consent of those concerned for the processing of perhaps even the most sensitive personal data?’(ibid)

Lessons for Australian Privacy Protection

34.1 It is evident that there are lessons, ethical and technical, to be drawn from the Iceland experience which can affect our approach to databases and to the protection of the health information they might contain. Guidance will be forthcoming from the WMA’s deliberations and the litigation in Iceland. Yet commercial imperatives and the attraction of advances in clinical care and their benefits for the Australian community may not wait for these lessons to be absorbed.

34.2 It is also very clear that there are dangers in allowing technological advances and solutions to ‘water down’ existing obligations and rights. If the commercial pressures and the desire to reap the benefits of research involving large databases of health information become irresistible, then the community should be involved in a well-informed and widespread debate, particularly if existing rights and obligations are to be substantially varied. Decisions will need to be informed not only by good science, but also by a thorough comprehension of the implications of the steps proposed.

A U.K. Approach to Genetic Databases

35.1 Reference is made in the Issues Paper (paras. 7.20 -7.21) to an inquiry into genetic databases by the House of Lords Select Committee on Science and Technology. The Issues Paper notes the Committee’s conclusion that sufficient regulation of those databases is to be found in the Data Protection Act 1998 (U.K.), which, generally speaking, resembles the Privacy Act 1988. The Committee noted:

‘We believe that it can generally be presumed that individuals are content for data about them to be used for the common good provided that their personal privacy is protected. As noted in paragraph 3.11, the Data Protection Act 1998 does not distinguish between genetic data and any other data about individuals – nor, as we indicate in paragraph 3.17, do we believe this to be necessary. We note, however, that many people may regard their genetic information as being particularly sensitive.’(House of Lords, 2001, para 7.48)

35.2 The following observations on the Select Committee’s Report are made:

• The strength of the presumption referred to in the first sentence of that quote may not be justified in the Australian context. Recent OFPC Research into community attitudes on privacy indicates that sixty-one per cent of the population thought that an individual’s permission should be sought before their unidentified health information was used for research purposes (OFPC, 2001a, p.37).

• The Report’s attitude to genetic information – that it is not necessary to distinguish between genetic data and any other data about individuals - differs from the approach taken in this submission, namely, that the special characteristics of genetic information do require a distinction to be made in certain circumstances.

• The reference by the Select Committee in the first sentence to the proviso that individuals will require their personal privacy to be protected requires examination. In fact, the Select Committee recommended that the approval for secondary uses of genetic information to be collected in databases would be in the hands, not of the individual whose information is to be used, but of a Data Protection Panel. This course was dependent on the individuals being informed of the uses to which their genetic information might be put and ‘on whether they had expressed any reservations.’ (House of Lords, 2001, para.7.56) (emphasis added) This suggests the advocacy of a form of presumed consent, with individuals being offered the option of withdrawing in a manner similar to that proposed in Iceland.

35.3 The Committee’s approach to the collection of genetic information in databases and to the issue of consent should be considered with their recommendations that:

(i) General practitioners’ databases be made compatible with one another to allow the retrieval of the ‘wealth of clinical information they contain’ (ibid.,para.16);

(ii) The use of the U.K. National Health Service number, to be assigned at birth to each individual as a common identifier, be made mandatory (para.1.19-1.20).

35.4 It is possible to infer from the paragraphs of the Report mentioned and from the totality of the Select Committee’s recommendations that the interests of medical research utilising genetic information and large databases may have been given undue prominence over the interests of privacy protection.

Existing Regulation in Australia

36.1 If the establishment of databases of health information generally and genetic information in particular are to play a legitimate and acceptable role in the achievement of the goals of research and medical care in Australia, it is evident that their establishment and functions need to be subject to appropriate controls. Such controls must ensure the proper balance between these goals and the protection of the individual’s privacy.

36.2 The existing regulatory framework in this country provides a sound basis for the protection of health information, including genetic information, when that information is collected and stored in databases and then used or disclosed for the purposes of research. The framework sets up a number of conditions which need to be satisfied before such information-handling practices can be pursued.

36.3 Health information can be collected, used or disclosed with the consent of the individual (NPP10.1(a) and NPP2.1(b)). Where it is impracticable for an organisation to seek the individual’s consent for the collection, use or disclosure of health information for a number of purposes, including research in the interests of public health, these information-handling activities are permitted in accordance with NPP10.3 and NPP2.1(d). If those organisations participating in research projects bring themselves within the provisions of these NPPs, then their projects will be subject to the scrutiny of the HREC approval process under the section 95A Guidelines. In the case of personal information held by Commonwealth agencies, section 95 establishes appropriate constraints involving HREC approval.

36.4 As to the security of the health information stored in databases, IPP4 and NPP4 both require the taking of appropriate measures to safeguard against loss and misuses arising from unauthorised access, modification and disclosure.

36.5 Under IPP6 and NPP6, there is now a general right of access to information that may be held in databases. Before an individual gives their consent to their genetic information being collected or used in a database, individuals can now satisfy themselves as to the accuracy of that information. As previously argued (para. 28.4), such access can enhance the quality of the informed consent.

An Example of Database Regulation

37.1 The personal information collected in databases from claims on the Medical Benefits and Pharmaceutical Benefits Programs are subject to binding guidelines issued by this Office pursuant to section 135AA of the National Health Act 1953. These guidelines require the separate storage of Medicare and Pharmaceutical Benefits Program claims information; they specify the circumstances in which data from the two programs may be linked; they require the de-identification of claims information over five years old and they specify the circumstances when old information may be re-identified.

37.2 This Office has worked with the Department of Health and Ageing and the Health Insurance Commission on the introduction and application of these guidelines. The experience gained from those activities can be usefully applied in the devising of the necessary privacy protections involving databases containing all forms of health information.

37.3 If necessary, similar special guidelines could be built into the framework of guidelines established under sections 95 and 95A of the Act. These would address the particular issues which may arise with human genetic databases.

The Need for Communication

38.1 The existing regulatory framework of privacy protection is fundamentally sound. The question remains whether there are further measures in this area, which would enhance an individual’s ability to maintain a degree of control over their genetic information.

38.2 One answer may be found in the Act itself. As a matter of policy, the Act encourages full communication between, on the one hand, Commonwealth agencies and organisations and, on the other, individuals whose personal and health information is to be handled by these bodies. Both IPP2 and NPP1 are explicit about the information that they are to provide about their information-handling practices. NPP2.1(a) provides an example of what may be achieved when organisations respect the privacy interests of individuals by taking them into their confidence – if the individual would reasonable expect an organisation to use or disclose their information for a directly related secondary purpose (which may involve medical research), then the organisation may use or disclose the information for that purpose.

38.3 Since the establishment of this Office, the lessons learned include that good communication promotes good privacy outcomes. The trust and confidence of the community, which are critical if the rewards of genetic research are to be realised, can be promoted by good communication. The learning framework advocated by this submission would benefit from policies promoting effective consultation and communication within the community on the matter of human genetic databases.

Medical Practitioners

Over-the Counter and Mail-Order Testing

39.1 At pp.243-244 the Issues Paper discusses the role of medical practitioners in the conduct of genetic testing. It notes, as a related issue, the development and availability of over-the-counter ‘Do It Yourself’ genetic test kits and mail-order genetic testing (para. 8.50).

39.2 A recent newspaper article (Fray, 2002) described the activities of a British company, which provided genetic testing either directly from the company or through selected retailers. The tests are conducted by the company on a sample provided by a purchaser and are limited to identifying the genetic characteristics of the individual which point to recommended changes in lifestyle and diet. They do not test for early onset disorders or single-gene illnesses.

39.3 As a commentator in the article observes, this testing ignores the multi-factorial dimensions of illness and can be unhelpful, if not misleading. The same information, it is argued, would be available from medical practitioners and other health care professionals (ibid).

39.4 The privacy concerns about mail-order testing include:

• inadequate security for the samples and the results, which is inherent in using the postal services;
• the potential for unethical or unlawful use of that information by the testing organisations;
• the potential for unintended consequences, where an individual may be required to disclose the results of a mail-order gene test to insurers or to employees to the disadvantage of the individual;
• a person’s taking a bodily sample from an individual without the individual’s knowledge and consent and submitting that sample to testing to establish, for example, paternity or a pre-disposition to illness – as in the case of ‘DNA theft’ referred to in para. 15.1;
• misinterpretation of the test results and their implications.

The last two concerns apply also to ‘DIY’ gene tests available over the counter at pharmacies or through the Internet.

Regulation of Commercial Genetic Testing

40.1 In the case of mail-order testing by Australian companies, the existing forms of regulation under the Act should be generally adequate to protect the privacy of genetic information. If, for example, a mail-order organisation did use or disclose genetic information about an individual, without the knowledge or consent of the individual, then that use or disclosure would contravene the NPPs. Similarly, an organisation’s failure to provide proper security for the genetic information it handles would be subject to the complaint and enforcement mechanisms available under the Act.

40.2 In response to Question 8-2 of the Issues Paper, it is submitted that the public’s access to mail-order genetic testing by Australian companies cannot be effectively and comprehensively regulated so that testing would be conducted only on the request of a medical practitioner and by an accredited laboratory. In short, it is too late to attempt prescription of that nature, which may also be regarded by some as unduly limiting consumer choice.

40.3 If the sale of mail-order genetic tests and ‘DIY’ test kits by Australian companies continues, there should be widespread and comprehensive consumer education policies devised. There are valuable lessons to be learned from the lawful sale of potentially harmful commodities, such as tobacco and prescription drugs. Consideration may even be given to legislating, as a public health measure, for the provision at the point of sale of appropriate information about the tests and the implications of the results obtained. Such consumer education would have the added benefit of ensuring the informed consent of the individual, an important element of information privacy principles.

40.4 There are, however, gaps in the regulatory framework. Overseas commercial enterprises providing mail-order or Internet genetic testing are not amenable to the enforcement provisions of the Act for breaches of privacy involving genetic information. Resolution of these problems is likely to require international cooperation between jurisdictions.

40.5 I am also concerned about the problems involved in a person’s obtaining genetic information about an individual for the wrong reasons without the individual’s knowledge or consent, whether by mail-order or through DIY testing. This issue raises, among others, proof of bona fides, proof of the identity of the person requesting the test and possible criminal sanctions for the unlawful use of genetic information without the knowledge and consent of the individual. The Act provides general protection in many of these circumstances but developments in this area should be monitored closely. The closer examination of these issues may fall properly within the auspices of the AHGAC and within the ambit of the two-year review of the Act.

Health Administration

Genetic Screening Programs and Privacy

41.1 As regards the various screening programs referred to in the Issues Paper (at pp. 258-265), the fundamental principles of information-handling and privacy protection will generally apply. Despite the economies of scale and the beneficial results that can be obtained from population screening programs, nonetheless, the informed and voluntary participation of individuals in these programs is critical.

41.2 This Office takes the view that, for the purposes of genetic screening programs, as presently understood, the Act provides a robust and flexible framework for genetic privacy. Consent remains the cornerstone of privacy protection. The Office has provided guidance on the requirements of consent through the publication of Guidelines on Privacy in the Private Health Sector (OFPC, 2001b).Where the consent of many individuals, whose genetic and other health information has been obtained from screening processes, cannot practicably be obtained for the purposes of , for example, epidemiological research, the researchers will need to bring themselves within the appropriate Privacy Principles in the Act and either section 95 or section 95A of the Act. There are also adequate investigative and enforcement powers within the Act to deter abuses of privacy involving genetic information.

41.3 With the rapid advances in scientific knowledge of genetics and the complexity of the issues involved, the real issue is ensuring that any consents are genuinely informed and genuinely voluntary. There is a need for education and counselling to enable those individuals involved in screening programs to understand the implications of their participation. Consideration could be given by government to the adequate funding of educational and counselling facilities. Within the institutional framework recommended by this submission at para.10, an Australian Human Genetics Advisory Commission (AHGAC) would be well placed to identify and advise upon the need for supporting mechanisms, such as adequate education and counselling, in the conduct of screening programs.

41.4 Innovative and practical privacy solutions to these issues are required which are supportive of the regulatory framework. For that reason, I welcome the adoption of such protective mechanisms as the ‘third party gene broker’ as referred to in para. 9.28 of the Issues Paper (at p.261). Its utility is described more fully by Dr. Leslie Burnett (Burnett, 2000).

Electronic Health Records

42.1 The current proposals for the establishment and development of a National Health Information Network (HealthConnect) would allow health information to be stored and exchanged on-line within a national system (Issues Paper, paras.9.52-9.53 at p.266). This system would have undoubted benefits for the improved delivery of health care to individuals and to the community.

42.2 There are, however, several aspects that require close attention. These include:

• a nationally consistent regulatory scheme is required for the protection of all forms of personal information, whether it is held electronically or otherwise;
• consideration would need to be given to ‘fitting’ the HealthConnect within a National Health Privacy Code so that all health service providers using electronic health records would be subject to its obligations;
• it is necessary to listen carefully to the consumer and to ensure consumer representation in the development and implementation of the HealthConnect;
• the voluntary and informed participation of individuals in the system should be guaranteed;
• the rights of access by individuals to their health records should be respected, as well as providing appropriate levels of security against unauthorised entry to HealthConnect.

42.3 The Office has been engaged with the Department of Health and Ageing in developing appropriate privacy protections for HealthConnect. This process is a welcome opportunity to collaborate with government, the health sector and the community to improve the privacy of health information.

Employment and Workplace Issues

43.1 In para. 16 of this submission, the need for appropriate privacy protection for employee records was identified and the issues around the form of the exemption, which the Act currently allows, are also canvassed.

Insurance

44.1 The insurance industry has a significant role to play in the lives of individuals and in the conduct of business enterprises. As in the case of employment and workplace issues, the field of insurance involves powerful economic incentives to obtain health information. That information is relevant to the assessment of risk, which is basic to the insurance industry.

44.2 Insurance concepts and existing regulation of the industry are summarised in Chapter 11 of the Issues Paper. Reference (at pp.326-331 of the Issues Paper) is also made to insurance, privacy considerations in the context of genetic information and to the private sector amendments to the Act.

44.3 As previously argued in this submission, the privacy protection framework for personal information across the private sector, including the insurance industry, is fundamentally sound. Insurance is now covered by the private sector amendments to the Act, unless some entities within the industry can bring themselves within the small business exemption. For the most part, however, insurance agents and brokers will be either traders in personal information or related bodies in the terms of section 6D of the Act and hence will be subject to the Act.

44.4 Since a contract of insurance is one requiring complete disclosure by an applicant for insurance of all relevant health factors, applicants who hold relevant genetic information about them as a result of an earlier test will be required to disclose that information to insurers. As to the more vexed question of insurers requiring applicants to take genetic tests, I support the approach taken by the Investment and Financial Services Association (IFSA) in their policy on the use of genetic testing and information in the life insurance industry (para.11.182 of the Issues Paper at p.356).

A General Approach to Employment and Insurance Issues

45.1 If the ‘learning framework’ is established by the responsive institutional structure, as recommended in para.10.3 of this submission, it would be in a position to monitor and advise on the particular privacy issues which arise in the workplace and in the insurance industry with respect to genetic information. This process would be able to take account of:

• the scientific and medical advances in genetics and their application in the workplace and in the insurance industry;
• input from representative employer and insurance bodies as to their special needs; and
• the concerns of employees and consumers alike as to the uses proposed for their genetic information.

45.2 This approach is predicated on the existence of a robust and flexible regulatory scheme of privacy protection capable of comprehensive application, which the Act provides. Recommendations for amendments to the Act have been proposed by this submission which will enhance privacy protection in these areas.

45.3 There remains a further issue which has been raised at para. 19.8 of this submission. It relates to the importance of allowing individuals a real choice in making decisions about the handling of their personal information. In para.4 of the IFSA Policy on Genetic Testing (at p.356 of the Issues Paper), IFSA, the peak body representing life insurers, has recognised the critical difference between an insurance applicant’s voluntary consent and their agreement to a gene test for insurance cover at a lower than standard rate. The latter, the Policy acknowledges, involves a form of indirect coercion. As it stands, the IFSA policy would appear to be sufficient, unless an insurer ‘breaks ranks’ and makes insurance conditional upon further genetic testing.

45.4 In this regard, I am concerned at the growing practice, engaged in by commercial enterprises at the point of sale, of ‘bundling consents’ to a range of uses and disclosures of a purchaser’s information. In such circumstances, the consent of the individual purchaser often lacks the essential ingredient of voluntariness, since the provision of a service or commodity is often made conditional on the individual’s giving the ‘bundled consents’. In effect, the individual is deprived of any real choice. With the power of genetic information, the privacy implications of these practices within specific industries, such as financial services or within the workplace, are serious.

45.5 Since employers and retailers of goods and service often enjoy a strong position as against employees and consumers, proper privacy protection will be weakened if concepts of ‘choice’, ‘voluntariness’ and ‘consent’ are debased by such practices. The right to privacy should never become a tradeable commodity.

45.6 The success of current policies, including the IFSA policy, requires close surveillance. If these policies begin to fail, stronger measures, including legislation, will have to be considered. Responsibility for the maintenance of a ‘watching brief’ to monitor the spread of unacceptable practices, especially those involving human genetic information, should fall upon the relevant regulators, including this Office, the peak industry bodies and consumer bodies, as well as the proposed AHGAC. With specific reference to the Act and the new private sector provisions, the review of the Act in 2003 will provide the opportune time to consider the adequacy of the amendments in this context.

Law Enforcement

Balancing Interests in the right debate

46.1 Individual freedom and privacy are important facets of modern Australian life, as is protecting the community through effective law enforcement. An appropriate balance must be struck to ensure that the benefits of these differing public interests are maintained and promoted.

46.2 People want to be protected and to have their property protected. People also want their privacy, and their choices around their privacy, respected. This is not an easy challenge to meet, nor an easy balance to find, as outlined at the Australian Institute of Criminology (AIC) conference in 2001, in the paper Preserving Privacy in a Rapidly Changing Environment (OFPC, 2001c).

46.3 The intent in protecting privacy, and in this instance genetic privacy, is neither to unduly inhibit current law enforcement, nor to prevent law enforcement bodies from gaining benefit when new opportunities and technological developments arise. There is a clear need, however, to ensure an adequate level of assurance for Australian citizens that law enforcement functions operate as Parliament intended, and that they do not intrude upon individual privacy or other human interests any more than is absolutely necessary.

46.4 These issues are as significant in relation to forensic DNA testing as they are for other law enforcement initiatives. In the context of DNA testing, however, it is vital to a draw attention to a distinction often missed, but fundamental to the debate. DNA testing can occur with two intentions in mind, either simply as means of identifying an individual with respect to a crime or crime scene, or to inquire after more detailed genetic data about that person. In the former instance, no more information is sought about the person than would be the case if taking a fingerprint; the latter case intends to uncover data about a person’s genetic makeup. As it stands, it is the former, identification function that law enforcement agencies cite as the intention behind forensic DNA testing as currently practised.

46.5 The upshot of this distinction is significant for privacy. The discrete issues relating to identity-focused DNA testing revolve around a couple of special concerns, namely the collection of samples (for instance, from whom, by whom, when and how), and then the retention of those samples (for example, how securely, for how long and for what purposes). Beyond these matters, the issues arising from forensic DNA testing are little different from those linked to other law enforcement procedures. All require close consideration of the reliability of evidence, the security and integrity of data, the necessary checks and balances around authority to use and disclose the data, necessary transparency, and adequate independent mechanisms for complaint-handling, audit and investigation.

46.6 In this context, forensic DNA testing, when issues of collection and data retention are adequately resolved, is not prima facie a particularly special case. Things become more complicated, however, if the testing leads to the search for, or discovery of, other information about the person inferred from more detailed genetic analysis. At this point, however, the submission concentrates on the case of forensic testing solely as a means of law enforcement agencies identifying individuals. Yet, with regard to DNA testing of this type, the need to ensure appropriate privacy protection is well recognised. Police have expressed strong concern for the assurance of necessary safeguards surrounding the collection of their own DNA and have every right to do so (Wilkinson, 2002; Jackman, 2002). It goes without saying that the community needs to get these safeguards right for all concerned, be they police, suspect or convicted criminal.

Collection, Retention and Destruction of DNA Data – National Regulatory Consistency and the Model Forensic Procedures Bill

47.1 As noted above, the collection and retention/destruction of data appear to be the key matters for consideration in regard to privacy and identity-based DNA testing. The Issues Paper, for instance, raises concerns about the breadth of discretion available to law enforcement bodies when contemplating an approach to a suspect for consent to collect a forensic sample, or similarly when considering using powers to take a sample without consent. There are also jurisdictional variations with regard to the collection of DNA samples. Consequently, there maybe such discretion for individual law enforcement officers so as to lead too often, to an inappropriate balance being struck between relevant public and private interests. This coupled with further differences between States, Territories and the Commonwealth in the rules governing collection of DNA samples can lead to a greater diminution of individuals’ privacy.

47.2 Moreover, the relative vagueness or inconsistency in legislative obligations across jurisdictions regarding retention and destruction or de-identification of data (both data relating to a forensic sample and the sample itself) leaves much room for inconsistency in data handling, with significant potential for negative effects on privacy. With regard to data retention, in the context of forensic DNA testing for identification purposes, most significant are the rules for the retention and destruction of the DNA sample itself – as presumably the only data sought in relation to the sample is that needed for identity purposes. Destroying the sample at an appropriate time then prevents its further unwarranted use.

47.3 Both of these issues were addressed in the Model Forensic Criminal Procedures Bill 1999 (the Model Bill), developed by the Standing Committee of Attorneys‑General. This Bill was developed on the premise that it would be uniformly enacted by all States and Territories, as well as the Commonwealth Government. In a submission to the Senate Legal and Constitutional Legislation Committee’s Inquiry into the subsequent Crimes Amendment (Forensic Procedures) Bill 2000, this Office stated that unless ‘the Model Bill (was) adopted uniformly, the arrangements for the DNA system as a whole would allow an agency in one State to obtain information collected in another jurisdiction in circumstances that would not be allowed in its own State. This would be a diminution of the rights of the citizens of that State as established under that State’s laws.’(OFPC, 2000d)

47.4 Yet, such uniform consistency has demonstrably failed to be enacted. In its absence different jurisdictions have developed, for instance, differing numbers and categories of indexes for forensic samples matching. There are now some 56 different indexes for forensic DNA samples across the Commonwealth, State and Territory jurisdictions, leading to over 3100 possible different types of index matching. Given the many variations in the permitted types of matching that can occur, there are instances (as predicted) where one type of matching is lawful in one jurisdiction, but unlawful in another.

47.5 At least 33% of current index matches are not permitted under law, with a further 8% unresolved as to legal status and 6% permitted only in limited circumstances. As noted in the Issues Paper (at p. 391-92), the problems around national uniformity were identified by the Senate Legal and Constitutional Legislation Committee as ‘the most contentious aspect’ in the context of considering the proposed forensic procedures legislation.

47.6 Without moves to ensure national consistency, the risks to citizens’ rights, as foreshadowed over 18 months ago, become ever more apparent. It remains my view that the Model Bill, as originally intended in offering a national framework for DNA testing for law enforcement-related identity purposes, offers an adequate, minimum standard for the protection of such data in Australia. Consistent enactment of the Model Bill’s provisions across all participating jurisdictions would resolve matters of legislative inconsistency and vagueness, thereby lending assurance to the community that forensic DNA testing occurs with adequate reference to individuals’ privacy and other private interests.

National, Comprehensive and Independent Oversight

48.1 There is a need to ensure a proper, external oversight of the national DNA database. This is likely to be required whenever a powerful new law enforcement system is introduced. The potential of the new arrangements to collect and retain samples containing genetic information simply reinforces the need to ensure that the oversight arrangements are simple and effective. Indeed, continued public acceptance of the database surely rests on guarantees of accountability, and assurances that the database will be effectively and securely managed – with such management open to independent, third party scrutiny. Such oversight (involving regular monitoring, auditing and reporting by independent authorities) will provide an effective accountability measure, which in turn can prevent, detect or rectify systemic non‑compliance with database regulations.

48.2 This approach is not new to law enforcement. Part VIII of the Telecommunications (Interception) Act 1979 provides for the Commonwealth Ombudsman to inspect the records of federal police at least twice a year to ensure compliance with legislative requirements for the retention and destruction of interception records. The similarities in privacy intrusiveness between the investigative tools for telecommunications interception and the taking of forensic DNA samples, indicates that as independent oversight operates successfully for the former, it is surely similarly appropriate for the latter.

An approach to Consistent and Effective Complaint Handling, Audit and Investigation

49.1 There are risks in any multi-faceted system involving many agencies, regulators and jurisdictions for accountability processes to become piecemeal and ineffective, not providing the individual with a clear understanding of how complaints, audits and investigations are handled and by whom. It is inevitable, for instance, that a complaint will arise from a series of events that occur across more than one jurisdiction; this will quickly test the efficacy of the system.

49.2 In the context of a national DNA database, there is a need for all relevant agencies and their investigation bodies to cooperate to ensure effective complaint handling, and coordinated, effective audit and investigation processes. The system, overall, needs to rest upon adequate accountability and transparency.

49.3 These issues were clearly recognised by Senator Ellison (Federal Minister for Justice and Customs) in his speech to Parliament in March 2001, during the debate on the Commonwealth forensic procedures legislation. The Minister highlighted that ‘adequate and independent monitoring of a national DNA database system is critical if we are to have an effective system that ensures that any problems are quickly identified and remedied.’ (Ellison, 2001)

49.4 In the delivery of such accountability, the Minister made clear ‘it is vital that we have arrangements that ensure that the oversight function is like the system itself: interconnected and properly coordinated. These arrangements must also ensure that complaints can be investigated easily without jurisdictional barriers becoming a problem. By encouraging compliance and avoiding problems later these measures will also play a role in improving the effectiveness and efficient use of the system by law enforcement agencies.’(ibid.) A copy of the Minister’s speech is Attachment ‘A’ to this submission.

49.5 It is essential to achieve a cooperative approach on these issues. It remains possible, through collaboration between Commonwealth and State/Territory Ombudsmen, Police Authorities and the Privacy Commissioner, to settle on an approach to oversight that coordinates complaint handling, and ensures effective powers and processes for audits and ‘own motion investigations’. This can provide the necessary, free and confidential mechanism that will give the public confidence that complaints are investigated appropriately, that the database is adequately audited and that necessary investigation is undertaken.

49.6 The respective Ombudsmen, Privacy Commissioners and Attorneys‑General/Ministers for Justice must continue to work together to get this national oversight system right. It is critical, however, that the work is seen through to resolution, and that such a system is delivered. Progress to date has been very slow and it needs to be accelerated. It was, therefore, pleasing and very important that in the passage of the Commonwealth forensic procedures Bill, provision was included to ensure that the operation of the national DNA database would remain under Parliamentary review not only for the initial 12 months of operation, but for a further period of two years, in the event of the initial review finding inadequacies in its operation. However, we are well into the initial period and much work is still to be done to ensure adequate accountability for the national DNA database. There is a risk that even an extensive, two year period of monitoring may be insufficient at this rate of progress.

Future Uses for Forensic DNA Data

50.1 As technologies develop, so do the opportunities for more innovative and effective, and potentially intrusive, means of using genetic data in law enforcement, as in other areas. As discussed in the paper given at the 2001 AIC conference (OFPC, 2001c), before seizing the opportunities we must take stock and measure them against the risks, seeking to move forward with a balanced response.

50.2 There are two forms of development that may lead to ‘function creep’ in respect of existing law enforcement mechanisms or public policy in this area, and which can then present new challenges to privacy. Firstly, there are advances in comprehending what is already being done. What, currently, is regarded as ‘junk DNA’ (supposedly offering nothing beyond markers that can help to identify an individual), may be discovered to hold far more detailed information (Concar, 2001). If this occurs, what happens to this potential data will need to be reviewed, since it is collected (though previously unwittingly) through a law enforcement process. Alternatively, consideration may need to be given to what happens to the process itself to ensure such data is not gathered. Consideration should be given to the responses to new tests, which, from the outset, will purport to be genetic tests intended to form a part of the law enforcement armoury.

50.3 In considering new developments, there are a number of questions to be asked and assurances sought. Will the technological solution achieve what is wanted, and in relation to the people for whom it is intended? Does the solution involve unintended discrimination? The efficacy of the proposed solution should be assessed and others’ experiences with similar developments sought; or if it is a wholly new initiative, careful testing must be conducted. We as a community should engage in public debate. We must seek to ensure proportionality: that is, balancing the degree of intrusion of the new tool with the nature and impact of the activity that is being prevented or investigated.

50.4 If the decision is to proceed to adopt and use the new technology, there are still things to do to maintain parity between law enforcement and individual freedoms. Any new intrusive powers for law enforcement bodies should be conferred expressly through law; which also expressly and objectively states the grounds upon which the intrusive power may be exercised.

50.5 Also necessary are clear measures of transparency and accountability, involving reporting to the community on the use of the powers, transparent and independent complaints-handling systems and independent monitoring, auditing and investigation in relation to the operation of the powers to determine their need for modification or removal.

50.6 Significant changes to, and especially the weakening of, the regulation of law enforcement initiatives, such as the national DNA database, must be carefully contemplated. As with the uptake in technological developments, the impact upon privacy protection must be considered. People are well to be wary of ‘function creep’ through incremental change to the rules; such as a move from collecting DNA for the purpose of identity to collecting it because it offers (or may do so at some later date) greater genetic insight into those involved in criminal investigations and activities. Instead, we should consider significant changes to the use of genetic and other personal information consciously, openly and transparently.

50.7 Institutions have a responsibility to identify changes to policy intent, and to review the balance point between society’s interests in law enforcement and our interests in privacy and other freedoms. Such changes in policy should involve changes to legislation and regulation. Before starting down this path, the debate about change must be public. These are issues of such moment that they require public debate led by policy-makers and law-makers alike. The community needs to know what it stands to lose and what it stands to gain. Only then can we, as individuals and as a society, make a free and informed choice about how we are to proceed.

SECTION FIVE

Recommendations

For the reasons advanced in this submission and, in particular, to meet the challenges we face in ensuring adequate protection for the privacy of human genetic information, it is recommended that:

1. The Commonwealth Government give consideration to the establishment of a standing Australian Human Genetics Advisory Commission (AHGAC) as an independent statutory advisory body, with a multi-disciplinary membership and functions along the lines of those suggested by the Issues Paper at paras. 2.152 – 2.154.
   
   
2. The AGHAC consult with, and have input from, the Australian Health Ministers Council on a nationally consistent approach to the privacy protection of genetic information across the public and private sector in order to ensure it is appropriate and consistent.
   
   
3. The Privacy Act 1988 (the Act) stand as the basis for a nationally consistent and flexible regulatory scheme for the protection of all forms of health information, including human genetic information. Any additional legislative protections for the privacy of human genetic information are to be effected by amendments to the Act.
   
   
4. The definition of ‘health information’ in section 6 of the Act be amended to include genetic information about an individual in a form which is or could be predictive of the health (at any time) of the individual or any of his or her genetic relatives.
   
   
5. In so far as they apply to all forms of health information, the exemptions from coverage under the Act, which are presently afforded to employee records and to small business operators, be removed.
   
   
6. (i) An organisation or an agency be allowed to disclose the genetic information of an individual (where such disclosure would otherwise be permitted under the Act) to a blood relative of the individual, where that disclosure could reasonably be expected to prevent or lessen a serious threat to the relative’s life, health or safety.
   
   (ii) Consideration be given to amending National Privacy Principle 2.1(e) and Information Privacy Principle 11.1(c), so as to give effect to Recommendation 6(i), and making such disclosures of genetic information to a relative subject to Guidelines about the circumstances in which a disclosure may be permitted and the factors to be taken into account by an organisation or an agency when contemplating such a disclosure.
   
   (iii) Consideration be given to amending the Act to provide for the issuing of Guidelines, as referred to in Recommendation 6(ii), by an appropriate authority and subject to the approval by the Privacy Commissioner.
   
   
7. The review of the Act, which is to be conducted in 2003, be adopted as the mechanism by which consideration can be given to any legislative changes, additional to those recommended here, which are needed to further protect the privacy of human genetic information.
   
   
8. In order to adequately safeguard the privacy of genetic information used for medical research, the system for HREC approval of research projects be strengthened by:
   1. legislating to require that all research bodies that undertake research involving human beings establish HRECs for the approval of their research protocols;
   2. legislating to require the registration of all HRECs with the NHMRC to enable the Council to oversee adherence to its ethical standards;
   3. the provision of adequate resources and support to all HRECs to enable their members properly to discharge their duties.
9. Proposed national law enforcement mechanisms involving the collection, use or disclosure of material that actually (or potentially) contains genetic information be subject to close scrutiny, both in relation to their design and more particularly their systems of transparency and accountability.
10. Proposed national law enforcement mechanisms involving the collection, use or disclosure of material that actually (or potentially) contains genetic information be subject to external review every five years to determine whether an extension of their functions (or 'function creep') has occurred or is about to occur.
11. The transparency and accountability arrangements for CrimTrac be resolved quickly and clearly within the review period set out in section 23YV of the Crimes Act 1914.

List of References

Burnett, L. (2000, 15 May). Genetics broker – the simple solution to the DNA debate. Sydney Morning Herald. [On-line] Available: www.smh.com.au/news/ooo5/15/features/features12.html

Commoner, B. (2002, 1 March). Unravelling the DNA Myth. Australian Financial Review. [On-line] Available: http://afr.com/premium/review/2002/03/01/FFXTE4NF7YC.html

Commonwealth Attorney-General (2000a). Revised Explanatory Memorandum to the Privacy Amendment(Private Sector) Bill 2000. [On-line]. Available: http://scaleplus.law.gov.au/

Commonwealth Attorney-General (2000b). Fact Sheet: Employee Records. Commonwealth Attorney-General’s Department. [On-line]. Available: http://www.law.gov.au/privacy/newfacts/employeerecords.htm

David Concar, 2001, ‘Fingerprint fear’ New Scientist, 2 May 2001. (www.newscientist.com/news/news.jsp?id=ns9999694

Doherty, P. (2001). The Map of Life. ABC Radio National: Background Briefing.(19 August 2001). [On-line] Available : www.abc.net.au/rn/talks/bbing

Ellison, C. (2001, 5 March). Hansard Report of Senate Proceedings. [On-line]. Available: http://search.aph.gov.au/search/ParlInfo.ASP?action=view&item=67&from=browse& path=Chamber/Senate+Hansard/2001/Autumn/5+March+2001&items=148

Fray, P. (2002, 6 March). The gene genie. Sydney Morning Herald. p.12.

House of Lords (2001). Human Genetic Databases: Challenges and Opportunities. House of Lords Select Committee on Science and Technology Fourth Report. [On-line] Available: www.parliament.the-stationeryoffice. co.uk/pa/ld200001/ldselect/ldsctech/57/5702.htm

House of Representatives (2000). Advisory Report of the House of Representatives Standing Committee on Legal and Constitutional Affairs on the Privacy Amendment (Private Sector) Bill 2000. [On-line]. Available: www.aph.gov.au/house/committee/laca/Privacybill/contents.htm

Human Genetics Commission. (2001). Public attitudes to human genetic information

[On-line] Available: www.hgc.gov.uk/business_publications_morigeneticattitudes.pdf

Hreinsson, P. (2001) The Icelandic Health Sector Database. Paper delivered at 23^rd International Conference of Data Protection Commissioners. Paris, 24-26 September 2001.

IPHRG (2000) Iceland Psychiatric Human Rights Group Needs Your Help[On-line] Available: www.oikos.org/iceland.htm

Jackman, C. (2002, 24 February). Police fears on push for DNA bank. Herald Sun. [On-line]. Available: http://heraldsun.news.com.au/common/story_page/0,5478,3832296%255E662,00.htm l

Kirby, M. (1998) Human Genome and Human Rights. Boletin de Informacion. [On-line]. Available: http://www.lawfoundation.net.au/resources/kirby/papers/19980630_genomebol.html

­­­________(1999). Human Genome Project – Legal Issues . Paper presented to the Australian Lawyer’s Conference. Hanoi, 10-12 July. [On-line] Available: http://www.lawfoundation.net.au/resources/kirby/papers/19990710_humang.html

Lowrance, W. (2001) The promise of human genetic databases. British Medical Journal, 322. pp.1009-1010.

NHMRC (1999) National Statement on Ethical Conduct in Research Involving Humans.[On-line]. Available: http://www.health.gov.au/nhmrc/publications/humans/contents.htm

OECD. (1998a) Ministerial Declaration on the Protection of Privacy on Global Networks (Ottawa, Oct. 1998). OECD: Paris.

______(1998b). Guidelines for Consumer Protection in the Context of Electronic Commerce. OECD: Paris.

OFPC. (1996).The Privacy implications of genetic testing. [On-line] Available: http://gov.au/publications/HRC_PRIVACY_PUBLICATION.word_file.p6_4_72.44.doc

OFPC. (1998) Submission 40 to the Senate Legal and Constitutional Committee Inquiry into the provisions of the Genetic Privacy and Non-Discrimination Bill 1998. (Commissioner: Ms. M. Scollay). HREOC: Sydney.

OFPC. (1999a). Issues Paper: Application of the National Principles for the Fair Handling of Personal Information to Personal Health Information (Commissioner: Mr. M. Crompton). [On-line] Available: http://gov.au/publications/isspaper.pdf.

______(1999b). Privacy Commissioner’s Report on the Application of the National Principles for the Fair Handling of Personal Information to Personal Health Information (Commissioner: Mr. M. Crompton). [On-line] Available: http://www.privacy.gov.au/publications/isspaper.pdf.#21.3

­­______(2000a). Submission from the Federal Privacy Commissioner to the House of Representatives Standing Committee on Legal and Constitutional Affairs Inquiry into the Privacy Amendment (Private Sector) Bill 2000 (Commissioner: Mr. M. Crompton). [On-line] Available: http://www.privacy.gov.au/publications/hor.doc

­­­­­­­­­­­______(2000b). Submission from the Federal Privacy Commissioner to the Senate Legal and Constitutional Legislation Committee Inquiry into the Privacy Amendment (Private Sector) Bill 2000. (Commissioner: Mr. Malcolm Crompton). [On-line] Available: http://www.privacy.gov.au/publications/subbill.doc

______(2000c) Which Rules? Integrating different tools in a global perspective. Paper delivered at 22^nd International Conference on Privacy and Personal Data Protection. Venice, September 2000. (Commissioner: Mr. Malcolm Crompton). [On-line] Available: http://www.privacy.gov.au/news/speeches/sp13.html

______(2000d) Submission from the Federal Privacy Commissioner to the Senate Legal and Constitutional Legislation Committee Inquiry into the Crimes(Forensic Procedures) Bill 2000, (Commissioner; Mr. M. Crompton). [On-line]. Available: http://www.privacy.gov.au/publications/cab.doc

______(2001a) Privacy and the Community. [On-line].Available: http://www.privacy.gov.au/publications/rcommunity.html#4.26

______(2001b) Guidelines on Privacy in the Private Health Sector. [On-line]. Available: http://www.privacy.gov.au/publications/hg_01.html

______(2001c) Preserving Privacy in a Rapidly Changing Environment . Paper delivered to the Fourth National Outlook Symposium on Crime in Australia: New Crimes or New Responses convened by the Australian Institute of Criminology held in Canberra 21 June 2001. (Commissioner: Mr. Malcolm Crompton). [On-line]. Available: http://www.privacy.gov.au/news/speeches/sp34note.doc

­­­______(2001d) What is privacy? Paper delivered at the Privacy and Security in the Information Age Conference, Melbourne, 16-17 August 2001. (Commissioner: Mr. M. Crompton). [On-line]. Available: http://www.privacy.gov.au/news/speeches/sp51note1.html

______(2001e). Temporary Public Interest Determination No. 2001-1. [On-line]. Available:http://www.privacy.gov.au/act/public_interest/index.html#2

Philliposki, K. (1999). Iceland’s Genetic Jackpot. [On-line]. Available: http://www.wired.com/news/technology/0,12823290400.html

Smith, D. (2002, 15 February). Lawmakers close in on gene information thieves. Sydney Morning Herald. p.1.

UNESCO (1997). Universal Declaration on the Human Genome and Human Rights. [Online] Available: http://www1.umn.edu/humanrts/instree/Udhrhg.htm

Wilkinson, G. (2002, 1 March) Police to fight DNA bid. Herald Sun. [On-line]. Available: http://www.heraldsun.news.com.au/common/story_page/0,5478,3865050%255E2862, 00.html

World Health Organisation (2001) Statement of the WHO Expert Consultation on New Developments in Human Genetics. WHO: Geneva.

World Medical Association (2000) Ethical Principles for Medical Research Involving Human Subjects. [On-line]. Available: http://www.wma.net/e/policy/17-c_e.html

 

ATTACHMENT ‘A’

Senator ELLISON (Western Australia--Minister for Justice and Customs) (6.15 p.m.) I thank senators for their careful consideration of this bill and for their valuable contributions. I note Senator Cooney's comments in relation to the safeguards that are needed in legislation like this, and I note that Senator Coonan, in chairing the Scrutiny of Bills Committee, has really looked out for these sorts of things on behalf of the Senate for some time now.

The Crimes Amendment (Forensic Procedures) Bill 2000 [2001] builds on existing forensic procedures provisions in the Crimes Act and contains important measures to ensure police enforcing our federal criminal offences can use the latest technologies to solve crime. So we already have provisions dealing with matters of a forensic nature. This bill was introduced into the Senate on 30 August 2000 and was considered by the Senate Legal and Constitutional Legislation Committee. That committee reported on the bill on 5 December last year, and it recommended that the Senate pass the bill subject to four recommendations. The government has prepared some amendments to address the committee's recommendations. I might mention the amendments because they are perhaps the most important of the amendments proposed by the government. There are a good many amendments proposed by the government which are technical and deal with drafting and going some way to improving the bill, but the amendments I will mention deal with the recommendations of the legal and constitutional committee.

Amendments (10) and (11) proposed by the government involve the adoption of the committee's recommendations 1 and 2, and the government accepts these recommendations. Government amendment (11) states that proposed subsection 23XWV(3) should be made consistent with proposed subsection 23XWV(2). Government amendment (11) achieves this by inserting the words `taken or information' in subsection (3). Government amendment (10) provides that constables must expressly inform volunteers that they have a choice as to which database index their DNA profile may be stored on. That accommodates the other recommendation proposed by the Senate committee.

The committee's third recommendation concerns the lack of uniformity across the jurisdictions regarding forensic procedures legislation. The committee specifically noted that the Commonwealth parliament has limited scope to influence the legislative packages enacted in the states and territories. My predecessor, Senator Vanstone, made considerable efforts in her participation in the Standing Committee of Attorneys-General to ensure consistent legislation. The role of the Model Criminal Code Officers Committee has also been important in this process. These efforts have resulted in much greater consistency than could ordinarily be expected. Anyone familiar with the divergence of laws in Australia's federal criminal justice system would recognise this. The government will not, however, rest on these achievements and remains committed to consistent legislation in this area.

I will continue to pursue consistent legislation at the level of the Standing Committee of Attorneys-General. This recommendation was not one which could be incorporated readily in a provision of this bill, but I make that statement to indicate that the government agrees fully with the sentiments of that recommendation of the Senate Legal and Constitutional Legislation Committee. I think the committee expected that this is as much as we could do, because one could not just insert a provision in the bill to deal with that.

In relation to the committee's fourth recommendation, I have engaged in discussions with the federal Privacy Commissioner and the Commonwealth Ombudsman in developing a response. Some serious issues have been raised in relation to the oversight of the national DNA database system. In addition to extending the legislation to include the Privacy Commission and the statutory review of Commonwealth forensic procedures, I have written to state and territory ministers with a view to getting agreement on cooperation between Commonwealth, state and territory bodies to ensure there is effective oversight of not only the operation of a DNA system within each jurisdiction but also the overall operation of the national system. This is best achieved by including formal independent monitoring mechanisms in the CrimTrac agreement with the states and territories so that the total scheme is properly audited and monitored. I am making these statements because I did undertake with the federal Privacy Commissioner that I would make these statements in reply in this debate. Of course, matters will no doubt be taken further during the committee stage.

I might also mention that I expect to discuss oversight arrangements at the next meeting of the Australian Police Ministers Council in June. While recognising that CrimTrac is conscious of accountability issues and is constructive in the development of appropriate procedures, adequate and independent monitoring of a national DNA database system is critical if we are to have an effective system that ensures that any problems are quickly identified and remedied. The best way to do this is to ensure that there is adequate independent monitoring in each jurisdiction, and across the jurisdictions, which can, in turn, properly investigate complaints and pool information and better practices to safeguard information and ensure that DNA material is collected and matched in accordance with procedures. This is extremely important and must be addressed.

The procedures in this legislation and the legislation of the states and territories are to be put in place to prevent an undue impact on the lives of individuals who provide DNA for the system and to ensure that information obtained from it is used only for the purposes for which it is collected. It is therefore very important that we take steps to ensure that there is adequate independent oversight of compliance with agreed procedures. In view of the interjurisdictional nature of the scheme it is vital that we have arrangements that ensure that the oversight function is like the system itself: interconnected and properly coordinated. These arrangements must also ensure that complaints can be investigated easily without jurisdictional barriers becoming a problem. By encouraging compliance and avoiding problems later these measures will also play a role in improving the effectiveness and efficient use of the system by law enforcement agencies.

I consider these issues can be addressed within the 12-month period before the proposed review, but in order to ensure that there is adequate follow-up on this issue it is proposed that the legislation be amended to provide for a further review within two years of that date if the review report indicates there are still deficiencies. This will cover the situation if there has been less progress than expected. So we have the review in 12 months and, if that reveals that there has not been the progress that was desired, then a further review is possible within two years of that date. Let me make it clear: there is not just the one-off review; there is a facility for further review if matters have not progressed satisfactorily. Similar arrangements would also appear to be useful in relation to other elements of the CrimTrac system. I will also be taking up the broader application of the proposed monetary and accountability mechanisms with state and territory ministers.

I now come to recommendation No. 4. The legislative changes proposed in relation to this recommendation are: firstly, to include the Privacy Commissioner on the independent review team; secondly, to ensure the independent review considers the effectiveness of the independent oversight and accountability mechanisms for the DNA database system; thirdly, to defer the review until 12 months after the commencement of these new provisions--this will enable the review to assess the procedures in light of an operational DNA database; and to assess progress in developing the accountability mechanisms. With this deferral we will able to see how these provisions are operating in the meanwhile. There is a provision for a review due now but the government is of the view that this, perhaps, would not be worth while and wishes to defer it for 12 months and then have the review in the fashion mentioned.

The final response is to cause the minister to ensure a further review is undertaken if the initial written report tabled identifies any inadequacies with the matters considered in the initial review--that is the review within two years after that first review that I mentioned. Proposed government amendment No. 27 deals with these matters. Proposed government amendment No. 24 merely adds the Commonwealth Ombudsman and joins the Privacy Commissioner as a person to whom database information can be disclosed without that disclosure constituting an offence. This amendment recognises the own motion investigation powers of the Ombudsman and will improve independent oversight of the legislation.

I mentioned that there were some other minor amendments put forward by the government. These are technical amendments contained in the proposals put forward by the government, all of which will improve the bill. I will not describe each of them individually. Suffice to say that they are government amendments Nos 1 to 9 inclusive, government amendments Nos 12 to 19 inclusive, and government amendments Nos 21 and 22. I direct those senators following the debate to those government amendments as being ones which are essentially technical in nature.

These amendments are required to ensure a neat fit between the existing forensic procedure provisions and those contained in the bill. For example, incorrect cross-references are corrected, section headings altered, protections and safeguards accorded to suspects are extended to offenders and volunteers, and the database index definitions refined to ensure references to a corresponding law of a jurisdiction are not inadvertently qualified by the defined terms within a meaning unique to the Commonwealth.

I have gone on at some length here because it was important that I place on record the reasons for these amendments and, also, the results of my discussions with the Commonwealth Ombudsman and the federal Privacy Commissioner. I know that the Democrats are proposing four amendments. The government will be agreeing to the Democrat amendment No. 1 on sheet 2143. However, we will be opposing the other three amendments. In all other respects I commend the bill to the Senate.

----------------------------------