Privacy amendments weaken consumer protections

Powered by SC Magazine
 

Some amendments 'fatally undermined'.

The Federal Government's proposed amendments to Australian privacy legislation could “unintentionally" weaken the protections for individuals already provided under current laws, the Australian Privacy Commissioner has warned.

In a submission to a senate inquiry into the amendments (pdf), commissioner Timothy Pilgrim said the proposal could broaden the scope for collection of user information by companies and water down regulatory wording.

A current mandated that solicited collections be “necessary” (a factual test) would be replaced with the amended wording “reasonably necessary” under the proposed reforms; a significantly weaker test.

Pilgrim's concerns were backed by a submission (pdf) made by the Australian Privacy Foundation (APF), which argued the proposals were “consumer-hostile” and should be withdrawn and overhauled.

The organisation suggested the Government had "cherry picked" recommendations made by the Australian Law Reform Commission (ALRC) in 2008 on privacy reform, and ignored many of the commission's better recommendations.

The commission had recommended mandatory disclosure of data leaks, a statutory action for privacy breaches, as well as the removal of exemptions for small businesses, employment records and political matters.

In addition to pressing for mandatory data breach notifications — which already form part of the privacy laws in South Korea, Taiwan and many US jurisdictions — the foundation was scathing of the Government for retaining the exemption for small businesses under the proposed reforms.

“[It] seems to have been unduly influenced by both business and agency interests, to the detriment of the interests of the citizens and consumers that the Privacy Act is intended to protect," the APF argued.

Protections 'fatally undermined'

The foundation was most caustic with amended privacy principle 8.1, which requires any company that discloses personal information outside Australia to take “reasonable steps” not to breach the proposed principles.

The APF said such protections were “fatally undermined” by the belief that the recipient country of such information would have equivalent privacy protections, or that there were international treaties requiring such disclosures. On this basis, a data exporter could be exempt from even theoretical accountability.

Instead, the foundation suggested a binding whitelist scheme of countries with adequate protections be adopted to more clearly delineate between like-minded countries and those that did not have the same ideals.

The foundation also criticised plans to exempt companies from information sharing amendments under international agreements as "policy laundering", leading the Government only to hide behind often spurious claims of "international obligations" to justify actions which would not otherwise be lawful.

The Privacy Commissioner submitted that an international agreement did not have any direct legal effect in Australia until it was incorporated into domestic law by statute, and pushed for the proposed exception to overseas data transfers be dropped.

“A treaty that has not been implemented through domestic legislation can affect neither rights nor obligations in Australian law,” the commissioner added.

The Senate Committee is scheduled to have its first hearings in Canberra on August 10 and 13.

Copyright © iTnews.com.au . All rights reserved.


Privacy amendments weaken consumer protections
 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1124

Vote