Nick Gardner reports:
Consumers will have black marks lodged on their credit files for missing just one utility bill or credit card repayment under proposed changes to the Privacy Act.
The controversial proposals will give banks carte blanche to view every aspect of our financial affairs, including accounts with other institutions, relationships with utility companies, when accounts are opened and closed, and, crucially, the repayment history of all accounts going back two years.
Read more in The Herald Sun.
Related: Government to re-write Privacy Act (Australian IT)
The full response from the government can be found here (pdf), while the original 2700-page report by the ALRC can be found here.
Update: The ALRC issued this statement:
The Australian Law Reform Commission (ALRC) has welcomed today’s announcement by the federal Government that it will implement a large portion of the recommendations of the ALRC’s review of Australian privacy laws.
The first stage of the Australian Government’s formal response to For Your Information: Australian Privacy Law and Practice (ALRC 108) considers 197 of the 295 recommendations made by the ALRC—and accepts about 90 percent of them.
ALRC President, Emeritus Professor David Weisbrot AM, said 141 of the 197 recommendations have been accepted in full or in principle, with another 34 recommendations accepted with qualification and two further recommendations noted (but not requiring action).
The ALRC report—released in August last year—was the product of two years of extensive research and international benchmarking, and included the largest community consultation exercise in ALRC history. Releasing the Government’s response, Cabinet Secretary and Special Minister of State, Senator Joe Ludwig, said the implementation of the ALRC’s recommendations would be the most significant reform of privacy laws since the inception of the Commonwealth Privacy Act more than 20 years ago.
Senator Ludwig said the first stage response focuses on the foundations: a clear and simple framework for privacy rights and obligations, including a harmonised set of Privacy Principles; a redrafting of the Privacy Act to make it more accessible; a new comprehensive credit reporting framework; improvements in health sector information flows; and enhanced powers for the Privacy Commissioner.
As recommended by the ALRC, these reforms will be technology neutral—but technologically aware— providing protection for personal information held in any medium.
Professor Weisbrot said the Privacy Act was introduced “before the advent of supercomputers, the Internet, mobile phones, digital cameras, e-commerce, sophisticated surveillance devices and social networking websites—all of which challenge our capacity to safeguard our sensitive personal information.
“These days, information privacy touches almost every aspect of our daily lives, including our medical records and health status, our finances and creditworthiness, the personal details collected and stored on a multiplicity of public and corporate databases, and even the ability to control the display and distribution of our own images.”
Commissioner in charge of the Privacy Inquiry, Professor Les McCrimmon, said that the ALRC’s reforms were carefully crafted to streamline complex and costly privacy laws and practice, and to make the law much easier to understand and to comply with. In particular, the move to a unified set of Privacy Principles, covering both the public and private sectors, will make an important contribution in this area.
“The overwhelming message from our report was that Australians do care about privacy, and they want a simple, workable system that provides effective solutions and protections. We’re confident our recommendations will achieve this, and so we are delighted with the Government’s very positive response.”
An exposure draft of the new legislation is expected in early 2010. The remaining 98 recommendations made by the ALRC— which consider such important matters as the removal of exemptions, a scheme for compulsory data breach notification, and the creation of a cause of action for serious invasions of personal privacy—will be considered in Stage 2 of the Australian Government response.