Page 623 - Week 02 - Thursday, 20 March 2014
Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . . Video
The bill balances the primacy of personal information privacy with the realistic constraints of costs and ability of operational areas to perform their functions effectively. The principles and supporting provisions in the bill are thorough and represent a comprehensive protection of individual personal information, tempered by reasonableness. For example, information is only personal information if it is about an identified individual or an individual who is reasonably identifiable. This means that if it is technically feasible to identify an individual from the information but to do so would be so impractical or excessively resource intensive that there is almost no likelihood of it occurring, then it would not generally be regarded as personal information.
The bill also recognises that there are situations where information will need to be collected without consent or notice, such as where a natural disaster might cause an imminent threat to the life or safety of individuals. The bill creates exceptions from all the requirements of the TPPs where an agency is carrying on enforcement-related activities, or where the collection, use or disclosure is necessary to prevent threats to life, health or safety or prevent criminal activity or serious misconduct. Other laws may also authorise the sharing of identified information that would otherwise not be able to be shared under the bill.
The bill is not about being overly cautious or shackling government operations; it is about encouraging agencies to develop conscientious information-handling practices which can be integrated and adopted as part of their daily business. The bill recognises that managing information flows and facilitating the dialogue between individuals in the government and community is the core business of the public sector. This bill commits public sector agencies to promote responsible handling of personal information, and this commitment is supported by a robust and accessible complaints resolution mechanism.
The bill contains a number of provisions to clarify the role of the information privacy commissioner. The commissioner will be empowered to conduct inquiries into complaints, including referrals from the Ombudsman and commissioners within the Human Rights Commission. The privacy commissioner will work with both the complainant and the respondent agency to come to a satisfactory resolution. If the agency has interfered with the privacy of a complainant by breaching a TPP, then the commissioner can make a finding which entitles the complainant to seek an order to redress the breach in the Magistrates Court. In situations where those investigations reveal serious or repeated interferences with the privacy of one or more individuals by an agency, the commissioner may report these findings to the minister and they must table a report.
The bill enhances public oversight and scrutiny of personal information handling practices in the public sector. At this point in time the Australian Privacy Commissioner will continue to act as the ACT information privacy commissioner under the MOU that has provided the ACT with quality privacy protection services at a value which could not be replicated with equivalent resources within the ACT.
Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . . Video