Page 1572 - Week 05 - Thursday, 15 May 2014
Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . . Video
In this context, I am actually quite happy that the ACT is establishing its own information privacy act and its own territory-specific privacy principles, and that it has set up a structure for an ACT information privacy commissioner. While I understand that we will not immediately appoint an ACT commissioner, I think it is important to closely monitor ongoing performance of the federal privacy commissioner in relation to issues such as time taken to handle complaints. It may be appropriate that we migrate to an ACT-specific commissioner in the future.
Given the uncertainty that the federal budget has created for the scheme, I understand that Mr Corbell will propose deferring the detail stage of this bill to a future date. I support that, as it is certainly important for the government to ascertain exactly how the federal changes might impact the proposed scheme established by this bill.
In relation to the actual scheme set up under the bill, and the privacy principles it enshrines, I am satisfied with them. Essentially this mirrors the commonwealth act. The act will apply to the public sector in the ACT, and the principles govern how the public sector deal with the collection of personal information, how they disclose it, how they keep it secure and how they deal with requests to access that information.
I will make one brief comment about the penalties that are included in this act. One of the differences between the commonwealth Privacy Act and this new ACT bill is that the commonwealth now uses civil penalty provisions. Civil penalties are intended to prevent or punish public harm, and involve the imposition of the penalty through civil court processes. They can operate as a deterrent without the stigma or seriousness of a criminal sanction. Breaches of information privacy provisions are the type of offence where civil penalties could be appropriate.
The ACT bill does not propose civil penalties. Instead it provides that the information privacy commissioner can make a report to the Attorney-General if reasonably satisfied that the act or practice which an individual has claimed constitutes a breach of their privacy is a serious or repeated interference with the privacy of the complainant. The attorney has to table that report in the Assembly, the idea being that this provides public accountability through the highest office of this jurisdiction, the highest institution. Having raised this issue with the Attorney-General, I am informed that the ACT will consider the use of civil penalties at a later stage after they have reviewed how effectively they work at the commonwealth level.
Lastly, I will comment briefly on the notion that the ACT could have a statutory offence for a serious breach of privacy, what is often referred to as a tort of privacy. My understanding of the ALP election promise was that it would introduce an offence of breach of privacy to the ACT. This change has already been recommended by the New South Wales Law Reform Commission, the Victorian Law Reform Commission and the Australian Law Reform Commission. In 2008, the ALRC said:
… federal law should provide for a private cause of action where an individual has suffered a serious invasion of privacy, in circumstances in which the person had a reasonable expectation of privacy.
Next page . . . . Previous page . . . . Speeches . . . . Contents . . . . Debates(HTML) . . . . PDF . . . . Video