Like what you've read?

On Line Opinion is the only Australian site where you get all sides of the story. We don't
charge, but we need your support. Here�s how you can help.

  • Advertise

    We have a monthly audience of 70,000 and advertising packages from $200 a month.

  • Volunteer

    We always need commissioning editors and sub-editors.

  • Contribute

    Got something to say? Submit an essay.

 The National Forum   Donate   Your Account   On Line Opinion   Forum   Blogs   Polling   About   
On Line Opinion logo ON LINE OPINION - Australia's e-journal of social and political debate


On Line Opinion is a not-for-profit publication and relies on the generosity of its sponsors, editors and contributors. If you would like to help, contact us.


RSS 2.0

Private sector privacy: not a ‘light touch’ but a ‘feather touch’

By Robert McClelland - posted Thursday, 15 June 2000

The Privacy Amendment (Private Sector) Bill 2000 reflects the federal government’s approach to data protection that is based upon the premise of a ‘light touch’ legislative regime.

The Bill gives limited effect to the National Principles for the Fair Handling of Personal Information, which provide a basis for business to develop practices to ensure the protection of individual privacy. The National Principles set out standards about how businesses and other private sector organisations should collect personal information, how that information can be used and disclosed, and how it should be maintained accurately and securely.

Under the Bill, private sector organisations will be bound by the National Principles unless they have their own privacy code that has been approved by the Privacy Commissioner. A code will only be approved by the Commissioner if it provides at least as much privacy protection as the National Principles.


However, as presently drafted, the Bill is inadequate to protect the privacy of Australians’ personal information. Among the many criticisms of the Bill - it will have no effective application to existing databases; the enforcement mechanisms are too weak; and it does little to protect families in this electronic age. It’s not a ‘light touch’, but a ‘feather touch’.

The first area of deficiency relates to the treatment of information in existing databases. The Bill specifically provides that Privacy Principle 2 – which relates to the use and disclosure of personal information – will not apply to existing databases. This means that the information privacy horse has bolted, it is riding away with the personal information of Australians, and the federal government is not prepared to take any action to halt its progress.

For example, the legislation will not affect the use of information held in a massive database by Axciom containing the personal information of some 15 million Australians. It has been reported that the information was collected from merging personal information obtained from numerous internet sites. It will remain possible to sell that information even though Australian citizens unquestionably did not consent to their personal information being used for that purpose.

The Bill also provides that Privacy Principle 6 – which relates to access and correction of personal information – will not apply to existing databases. Accordingly, any Australian citizens who suffer damage as a result of inaccurate information currently held on them will be unable to do anything about it.

For example, inaccurate information held on a database regarding somebody’s financial affairs could significantly impede that person’s ability to rent a property or even to obtain finance for a business venture. It will also mean that information held in the controversial private criminal history database CrimeNet will not be subject to correction on request. The damage that could be caused to an individual’s reputation by such a database speaks for itself.

The second area of deficiency is in respect to enforcement. While the privacy Commissioner has power to recommend compensation for privacy breaches, there is no provision in the legislation for civil penalties to be available to punish corporations who engage in particularly serious breaches. If experience under the Privacy Act 1988 – which currently only applies to the activity of Commonwealth departments and agencies – is any guide, Australians can anticipate that any recommendations for compensation made by the Privacy Commissioner will be extremely conservative.


At an individual level, damage sustained because of a breach of privacy can sometimes be relatively minor. For instance, disclosing that somebody has booked a particular movie or play through an online booking agency may have little effect on the reputation of that person. However, such a practice may reflect a far more intrusive and systematic breach of privacy with a considerably greater public impact. In April this year, it was reported that hackers in the United States had extracted subscribers’ phone numbers and log in names directly off an ISP's terminal server. Severe penalties should be available to deter organised abuses of privacy of this kind.

A third area in which the legislation is deficient lies in the fact that there is no special treatment of information collected from children. This compares, for instance, to the United States Children's Online Privacy Protection Act 1998 – which requires that operators of commercial web sites and online services directed to children:

  • provide parents with notice of their information collection practices;

  • obtain parental consent before collecting, using or disclosing personal information about a child, with certain limited exceptions;

  • obtain new consent from parents when information practices change in a material way;

  • allow parents to review personal information collected from their children;

  • allow parents to revoke their consent, and delete information collected from their children at the parents request;

  • not require a child to provide more information than is reasonably necessary to participate in an activity; and

  • maintain the confidentiality, security and integrity of information collected from children.

  1. Pages:
  2. Page 1
  3. 2
  4. All

Discuss in our Forums

See what other readers are saying about this article!

Click here to read & post comments.

Share this:
reddit this reddit thisbookmark with Del.icio.usdigg thisseed newsvineSeed NewsvineStumbleUpon StumbleUponsubmit to propellerkwoff it

About the Author

Robert McClelland MP is Shadow Minister for Defence and Federal Member for Barton (NSW). Previous ministerial positions include Shadow Attorney-General, Shadow Minister for Justice and Community Security and Shadow Minister for Homeland Security.

Other articles by this Author

All articles by Robert McClelland
Related Links
Australian Labor Party
Robert McClelland's home page
Photo of Robert McClelland
Article Tools
Comment Comments
Print Printable version
Subscribe Subscribe
Email Email a friend

About Us Search Discuss Feedback Legals Privacy