Government
Contact Centre
1300 366 356
Main Menu
Resize Text
Categories, RSS and More
RSS News Feeds
Rate this Site
Members Forum
The adequacy of protections for the privacy of Australians online - Report and Recommendations
The Senate - Environment and Communications References Committee
April 2011
On 24 June 2010, the Australian Senate referred the matter of the adequacy of protections for the privacy of Australians online to the Senate Environment and Communications References Committee for inquiry and report by 20 October 2010.
The reporting date was subsequently extended by the Senate until 22 March, 24 March, and 7 April 2011.
The terms of reference required that the committee have regard to:
(a) privacy protections and data collection on social networking sites;
(b) data collection activities of private companies;
(c) data collection activities of government agencies; and
(d) other related issues.
Recommendations
Recommendation 1
2.31 The committee recommends that the government consider and respond to the recommendations in the Cyberspace Law and Policy Centre's report: Communications privacy complaints: In search of the right path, and recommendations from the Australian Communications Consumer Action Network arising from that report.
Recommendation 2
3.30 The committee recommends that the Australian Privacy Commissioner's complaint-handling role under paragraph 21(1)(ab) of the Privacy Act be expanded to more effectively address complaints about the misuse of privacy consent forms in the online context.
3.31 The committee further recommends that the Office of the Privacy Commissioner examine the issue of consent in the online context and develop guidelines on the appropriate use of privacy consent forms for online services.
Recommendation 3
3.50 The committee recommends that the small business exemptions should be amended to ensure that small businesses which hold substantial quantities of personal information, or which transfer personal information offshore are subject to the requirements of the Privacy Act 1988.
3.51 To achieve this end, the committee urges the Australian Privacy Commissioner to undertake a review of those categories of small business with significant personal data holdings, and to make recommendations to government about expanding the categories of small business operators prescribed in regulations as subject to the Privacy Act 1988.
3.52 The committee further recommends that the second tranche of reforms to the Privacy Act 1988 amend the Act to provide that all Australian organisations which transfer personal information overseas, including small businesses, must ensure that the information will be protected in a manner at least equivalent to the protections provided under Australia's privacy framework.
Recommendation 4
3.86 The Committee recommends that the OPC in consultation with web browser developers, ISPs and the advertising industry, should, in accordance with proposed amendments to the Privacy Act, develop and impose a code which includes a 'Do Not Track' model following consultation with stakeholders.
Recommendation 5
3.96 The committee recommends that item 19(3)(g)(ii) of the exposure draft of amendments to the Privacy Act 1988 be amended to provide that an organisation has an Australian link if it collects information from Australia, thereby ensuring that information collected from Australia in the online context is protected by the Privacy Act 1988.
Recommendation 6
3.109 The committee recommends that the government amend the Privacy Act 1988 to require all Australian organisations that transfer personal information offshore are fully accountable for protecting the privacy of that information.
3.110 The committee further recommends that the government consider the enforceability of these provisions and, if necessary, strengthen the powers of the Australian Privacy Commissioner to enforce offshore data transfer provisions.
Recommendation 7
3.116 The committee recommends that the Australian government continue to work internationally, and particularly within our region, to develop strong privacy protections for Australians in the online context.
Recommendation 8
3.122 The committee recommends that the government accept the ALRC's recommendation to legislate a cause of action for serious invasion of privacy. Recommendation 9
4.74 The committee recommends that before pursuing any mandatory data retention proposal, the government must:
- undertake an extensive analysis of the costs, benefits and risks of such a scheme;
- justify the collection and retention of personal data by demonstrating the necessity of that data to law enforcement activities;
- quantify and justify the expense to Internet Service Providers of data collection and storage by demonstrating the utility of the data retained to law enforcement;
- assure Australians that data retained under any such scheme will be subject to appropriate accountability and monitoring mechanisms, and will be stored securely; and
- consult with a range of stakeholders.
The full report is available from the Senate Environment and Communications References Committee site.
Last updated: 9 May 2011Related Links
- Communications privacy complaints: In search of the right path - in pdf format (977kb)
- (This document requires the use of Adobe Acrobat Reader). University of New South Wales, Cyberspace Law and Policy Centre. A consumer research report by the Cyberspace Law and Policy Centre, UNSW. 2010. "... The aim of this study is to analyse and compare common communications privacy complaint paths in order to obtain optimum outcomes for consumers through the development of a more straightforward, fairer system for managing privacy complaints in the sector... This study examines and compares three commonly used complaint paths for privacy complaints in the Australian communications sector: 1. Complaints to the Office of the Privacy Commissioner (OPC) – typically general privacy complaints, telemarketing complaints and Internet related complaints. 2. Complaints to the Australian Communications and Media Authority (ACMA) – typically spam and Do Not Call complaints, plus a small number of general privacy complaints. 3. Complaints to the Telecommunications Industry Ombudsman (TIO) – typically general privacy complaints and Internet related complaints..."
- The adequacy of protections for the privacy of Australians online
- The Senate Standing Committee on Environment, Communications and the Arts is seeking written submissions for its Online Privacy inquiry. Submissions should be received by 30 September 2010. The reporting date is 20 October 2010. On the 24 June 2010 the Senate referred the following matter to the Environment, Communications and the Arts References Committee for inquiry and report by 20 October 2010: The adequacy of protections for the privacy of Australians online, with regard to: (a) privacy protections and data collection on social networking sites; (b) data collection activities of private companies; (c) data collection activities of government agencies; and (d) other related issues..."
Search, Login and Options
Search
Mailing List
Enter your email address to subscribe or unsubscribe from the eGov What's New mailing list.
Email a Friend
Please enter email address of the person you wish to send this page to.
