pdf (31.54 KB)

1. Introduction

1.1 The protection of the individual’s person and their body parts is one of the most fundamental parts of the fabric of civil society imaginable. Without such protection, there is the threat of physical violence and assaults; theft of body parts for medical purposes such as transplant surgery (as already happens in parts of the world); and theft of body samples for genetic purposes, such as the extraction of a rare and valuable genetic mutation. Some parts of this fabric are ages old; other parts are more recent, such as controls over transplantation of human body parts and controls over human experimentation.

1.2 The question of the appropriate protection for body parts in light of the emerging field of human genetics is extraordinarily important; but it also needs to be explored very carefully. When assessing the available options for that protection, the criteria to be applied should include:

1. What protections are already provided by the existing array of laws, prohibitions and voluntary constraints?
2. Are any additional legal protections best provided by writing new law or amending existing laws?
3. If existing laws are to be amended, which laws are the most appropriate to amend?
4. Whether special provision is needed for body parts in terms of their genetic properties compared with their other properties?
5. Which options will be effective and acceptable in today’s society?
6. Given that the complexity of society and the existing laws that protect society will work against unduly complex solutions, is the proposed solution the simplest one, with the lowest impact necessary to achieve the desired outcome?

1.3 The Commissioner’s first Submission to the Joint Inquiry argued that genetic information should be regarded, in terms of privacy protection, as a sub-set of health information[1], which is afforded a higher degree of protection under the Privacy Act 1988 (the Act). That remains fundamental to the Office’s approach. Nonetheless, to ensure the adequate privacy protection of genetic information, the special characteristics of genetic information and their privacy implications were recognised as requiring careful amendments to the Act[2].

1.4 Against the criteria identified in paragraph 1.2, serious thought must be given to whether amending the Privacy Act, as suggested in the Working Paper, is the least complex and most effective means of providing the desired outcomes. The reasons for saying this include:

a) The fact that a range of other laws and mechanisms are already designed to protect body parts more directly.

b) The current philosophy and provisions of the Privacy Act. The Act, as currently written, provides primarily for informational privacy. The audit, investigation, complaints handling and enforcement provisions are all built around this concept. The resourcing for the administration and enforcement of the Privacy Act also reflect this concept.

1.5 Hence, before the Privacy Act could be expected to provide an effective, but different, form of protection, which goes beyond information privacy, the legislation would need fundamental amendment and a major review of resources available to the authorities administering it. Proposals for such fundamental change would also have to be tested against the extent to which they are in conflict with, or duplicate, existing legislative provisions for the protection of the human body and its individual parts.

1.6 A further, but related, question is whether merely amending the definitions in the Privacy Act will be capable of providing effective (or any) protection to the privacy of genetic or bodily samples. It is doubtful whether simply defining a physical sample as a form of information, with the attendant incongruities of that approach, could achieve adequate protection of those samples. In these circumstances, it may be necessary for consideration to be given to a fundamental re-thinking of the Privacy Act in order to accommodate the scope of the changes and their implications. This approach would require input from a wide range of policy-makers, legislators and community representatives. The relevant concepts are discussed in more detail in the Annexure to this Submission.

2. The Adequacy of Existing Protection of Physical Samples

2.1 Large quantities of physical samples, containing much sensitive personal information, including health information for example, an individual’s HIV serostatus, have been, and are currently, in use. These samples have been employed for a range of purposes, including clinical, scientific and commercial applications. The handling of those samples remains subject to a range of voluntary or involuntary constraints.

2.2 Before any solution to the question of the protection of bodily samples is finally proposed, it may well be necessary to resolve the question of whether those existing mechanisms are in any way deficient to protect not only the samples themselves, but the information which can be derived from them.

2.3 On page 8 of the Working Paper is the claim that the individual does not have a privacy right which may be asserted. This is not the case. The question is more accurately and helpfully posed as whether the laboratory has obligations under NPP1 and NPP2 regarding the health information which has been collected from the individual. Furthermore, it is unrealistic to consider the ‘simple example’ in a vacuum. It is not helpful, we suggest, to ignore the ‘professional, regulatory, contractual or other consequences’ which attend the pathologist’s actions and from that premise argue a need to regulate the handling of bodily samples by amendments to the Act. The failure of existing mechanisms, together with necessary corrections to them, would need to demonstrated before those mechanisms are considered inadequate.

2.4 The Working Paper refers to the New South Wales experience where body samples are covered by Section 4(2) of the Privacy and Personal Information Protection Act 1998. It is observed that the coverage of body samples has not led to noticeable legal or policy controversy.’[3] While this may well be the case, there would need to be further research conducted on the ease of implementation and prevalence of complaints relating to this section before definitive conclusions could be reached as to its legislative efficacy. The absence of controversy may, in fact, argue for the adequacy of existing alternative constraints on the handling of physical samples and the protection of information to be derived from those samples.

3. The De-Identification of Genetic Information

3.1 The Working Paper appears to require attention regarding the issues surrounding the de-identification of genetic information. There are concerns relating to the capacity of de-identified information to be re-identified at a later date. In terms of the definition of ‘personal information’ in the Privacy Act, whether the identity of an individual can be reasonably ascertained at a later date will very much depend upon the circumstances of the individual case, for example, the form of the information and the technology available at the time.

3.2 In the field of genetics, scientific knowledge and the applications of that knowledge are continuing to evolve. Much work remains to be done in order to comprehend the social ethical and legal implications of that knowledge. The capacity to both de-identify and re-identify the genetic information of any individual will continue to evolve. It is a concern that legislative measures should be enacted, based on uncertain knowledge and with all the consequences for scientific research, clinical procedures and the free flow of information within society, only to discover that the amending legislation has had unintended consequences, has not been effective or requires further change.

Conclusion

Protection of bodily privacy and in particular protection of body parts, including in the genetics context is a critical pre‑condition for our civil society. As set out here, however, the simple changes floated in the working paper are likely to be ineffective and to disappoint Australians who would expect new laws to be effective. The Privacy Act already comes into play as soon as information, including genetic information, is extracted from a body part, but the protection of body parts up to that point may be better addressed in other law or a significantly more fundamental re-write of the Privacy Act.

ANNEXURE

A. Concepts of ‘Information Privacy’ and ‘Bodily Privacy’

A.1 The concept of ‘information privacy’, as a distinct form of privacy to be distinguished from its near-relations, including ‘bodily privacy’, is well-established. Reference is made to David Banisar’s categorisation:

• Information privacy – involving rules for the handling of personal data
• Bodily privacy – protection of our physical selves against invasive procedures
• Privacy of communications – security and privacy of mail, telephones etc
• Territorial privacy – setting limits on intrusions into domestic and other environments[4].

A.2 This analysis has been re-stated more recently in Canada by Dona Vallières

‘To me privacy has several different dimensions-territorial privacy, bodily privacy, the right to have a private life and informational privacy….

And we can certainly understand bodily privacy, the protection of our bodies against invasions such as drug testing or even more invasive bodily searches…

But, what we don’t often think about is the concept of informational privacy, the idea that we can, and should, control the collection and handling of personal data such as credit information, our personal medical records, and even records of our purchases.’[5]

A.3 Issues around ‘bodily privacy’ have come into recent focus in discussions around enhanced security measures at airports[6].

A.4 If the protection of bodily samples is to be brought within the scope of genetic privacy regulation, then there will be need for conceptual clarity. The alternative is a blurring of the clear distinction that has been established between ‘information privacy’ and ‘bodily privacy’, to the detriment of regulatory efficacy. A brief suggested analysis demonstrates the problem:

• The regulation of ‘information privacy’ could be said to protect private information or data about an individual which is not intended by the individual to made public or over which the individual wishes to retain control.
• The regulation of ‘bodily privacy’ could be said to relate to the preservation of an individual’s physical integrity and is related to legal concepts such as ‘trespass against the person’ or forms of assaults; in the medical arena, consent to invasive procedures is generally required.

This indicates that much further thought needs to be given to whether these apparently incompatible concepts of regulation can exist side by side, with any degree of efficacy, within the same definition or explanatory mechanism.

B. The Ordinary Meaning of ‘Information’

B.1 The distinction between ‘information privacy’ and ‘bodily privacy’ can be clarified by looking at the ordinary meaning of the word ‘information’. The Concise Oxford Dictionary (7^th. Edn.) includes among its definitions ‘thing told, knowledge, news’. The Macquarie Dictionary (2^nd. Edn.) defines ‘information’ as ‘knowledge communicated or received concerning some fact or circumstance; news’.

B.2 While it is possible to regard the source of information as roughly having equivalence with the information from that source, it would be straining the natural or ordinary meaning and sense of the word ‘information’ to broaden its scope to equate it with words such as ‘physical’ or ‘bodily’. If the communication to the public of accessible and readily comprehensible ideas around genetics, its applications and its implications is viewed as critical in policy development in this field, barriers to understanding arising from a lack of conceptual clarity should not be needlessly erected.

C. ‘Personal Information’ and ‘Record’ under the Act

C.1 It is suggested that the sources of genetic information – the bodily samples – could readily be covered by the Act, without confusion or controversy, by amending the relevant definitions in the Act. This Office takes issue with this assertion.

C.2 The categorisation of information covered by the Act has an integrity within a discernable legislative scheme which would not readily accommodate the inclusion of the exceptions necessary to cover physical or genetic samples, without fundamentally re-writing the Act. ‘Personal information’ (Section 6 of the Act) stands as the broadest category of information. ‘Sensitive information’ and ‘health information’ are sub-sets of personal information to which the Act accords higher standards of protection. This Office’s Submission to the Joint Inquiry said:

‘14.4 The virtue of this definitional approach is its simplicity of application. Instead of having a separate piece of legislation, or a separate section of the Act, which applies to health information and/or genetic information, the current scheme allows for consistency of application across all forms of personal information.’[7]

C.3 An attempt to introduce bodily samples containing genetic information into this definitional approach would detract from this simplicity and consistency of application. In the interests of consistency, it may be necessary then to extend the scope of the Act to cover all bodily samples containing health or other sensitive information. Whether it would be possible to reconcile that legislative step with the existing forms of constraint applying to the handling of physical samples containing sensitive information is a question requiring considerable thought. Whether this Office could (or even should) act as the regulator of such a regime or whether sweeping changes to the Act would be required, considerably expanding the roles of the Commissioner, is another vexed question.

C.4 Further support for this approach is to be found by reference to Section 16B of the Act, which, in summary, limits the application of the private sector provisions in the Act to:

1. the collection of personal information only if the information is collected for inclusion in a record or a generally available publication; and
2. personal information that has been collected only if the information is held in a record. (emphasis added)

C.5 When reference is made to the definition of a ‘record’ in Section 6, it is seen to be:

1. a document;
2. a database (however kept); or
3. a photograph or other pictorial representation of a person.

C.6 The Macquarie Dictionary includes among its definitions of ‘record’ that it is ‘information or knowledge preserved in writing or the like’. It is a question of whether the ordinary or natural meaning of these pivotal words can be ‘stretched’ so as to extend to physical samples.

C.7 It is also problematic whether the proposed amendment to the definition of ‘record’ could be limited to bodily samples containing genetic information. Conceivably there would be moves from a number of sectors in the community to extend the scope of the amendment to include within the term ‘record’ a range of physical entities from which personal information could be derived.

C.8 Again, the proposed amendment to this definition in the Act could have implications across the Commonwealth public sector as well as throughout the private sector, potentially affecting a great many number of transactions involving physical entities from which personal information could be derived. If it is sought to limit the scope and application of any amendment to the field of genetics (which is, of course, possible), then strong reasons would need to be found to justify according genetic information obtained in this fashion a privileged position.

C.9 As recommended by this Office, the definition of ‘health information’ should be amended to include ‘genetic information about an individual in a form which is or could be predictive of the health (at any time) of the individual or of any of his or her genetic relatives’.[8]

D. The Characterisation of Information-Handling Acts and Practices

D.1 Generally speaking, the focus of the Act and its Privacy Principles is upon the acts and practices of agencies and organisations when they are handling personal information (see, for example, Sections 7, 7A, 7B, 7C; 8; 13, 13A) . Again, it is a clearly discernible legislative intent, which has its aim a comprehensive regulatory scheme that is as simple and consistent as possible. These attributes would be compromised by seeking to extend coverage of those acts and practices to the handling of physical samples which contain sensitive information.

D.2 Unfortunate and unintended consequences may arise if the legislative emphasis shifts from regulating acts and practices to an emphasis upon the objects or entities which may contain information. For example, if coverage is extended to physical samples, barbers or hairdressers would be obliged to consider the privacy implications of the hair on the floor of their premises. At present, it is the collection use and disclosure of the personal information obtained from that hair which would, without consent, normally involve a breach of the NPPs.

D.3 This distinction is critical. Its genesis may be seen to lie in the early Australian debates around privacy, which focussed on the uses to which a central government would put the Australia Card. (This discourse is removed from the familiar and long-standing debates around the level of security against acts and practices violating one’s physical integrity.) There is a need to properly characterise inappropriate acts and practices as primarily involving privacy issues or as ones primarily involving other categories of the law. Examples of possible confusion would arise in DNA theft or the collection of physical samples for testing to establish or deny paternity. In the first case, as argued in the Office’s first submission, such a theft may constitute a violation of an individual’s bodily privacy, analogous to the offence of assault or to robbery. The characteristic elements of that act or practice are ones which are more properly the subject of the criminal law than privacy legislation[9]. Similarly, attempts to establish or deny paternity through DNA testing are more readily characterised as matters relating to family relationships and may well fall within the scope of the Family Law Act 1975, rather than as acts or practices involving violation of information privacy.