Legislative Assembly for the ACT: 1996 Week 14 Hansard (10 December) . . Page.. 4616 ..
MS TUCKER: Mr Speaker, my question is to Mr Humphries as Attorney-General, and I did give the Minister some notice of this question. An issue of emerging concern is privacy and the protection of government data, particularly with an increasing number of transactions being carried out electronically. As members will be aware, some of the most sensitive records of personal information are kept by State government agencies. The current data protection arrangements in Australia are apparently not particularly adequate, and the ACT is no exception. I understand that the Commonwealth Privacy Act has only limited application to the ACT. In Victoria, a Data Protection Advisory Council is examining data protection regimes around the world with a view to recommending an appropriate legislative regime for data protection and privacy. Would the Minister please inform the Assembly of the current framework for protection of ACT government data, including the application of the Commonwealth Privacy Act to the ACT? Secondly, what plans has the ACT Government to follow the Victorian initiative and come up with a more appropriate legislative framework for ACT government data protection and privacy?
MR HUMPHRIES: I thank Ms Tucker for this question. I had better make it clear that the ACT does not have any privacy legislation. The legislation we use to protect privacy in respect of at least the Government's handling of material and information in the ACT is by direct application of the Commonwealth's Privacy Act. I think you suggested in your question that there were some omissions or weaknesses in that application. The application is quite comprehensive as far as government agencies are concerned and also, I believe, applies to statutory corporations and to semi-government bodies within the ACT. It does not apply, of course, to private sector organisations or holders of information, and I will come back to that in a moment. That is the only area I would describe as a weakness in the general structure of the legislation in the ACT at the present time. As far as other information which is caught by the Commonwealth legislation is concerned, it is true to say that, generally speaking, information is private, whether it is captured in a handwritten or typed form on a file, say, or whether it is captured in a database stored electronically somewhere. There are some areas in which that analogy between those two means of capturing information breaks down; but, generally speaking, it is true that if it is privacy protected in one form it will be privacy protected in another form as well.
I note that the Victorian Government has established a body to examine these issues. The Data Protection Advisory Council has been appointed to report to the Victorian Minister for Multimedia later this month on issues concerning privacy protection, particularly to do with electronic data. It is important to bear in mind that Victoria does not have privacy legislation. In that respect, we are a great deal better covered for those issues than is Victoria. They have had a much less vigorous privacy protection regime than we do, and I would see the Victorian advisory council as being part of the process of catching up with what most other States have done; perhaps trying to leapfrog ahead in some respects, but certainly catching up in the broad sense. Generally, I think our legislation is adequate at the present time. I am prepared to look at what the Victorian advisory council advises the Victorian Government, if that is published, to see whether that gives rise to issues we ought to pick up here. If it does, I am certainly prepared at least to consider doing that.