'Safe harbour' for Facebook, Google proposed for Aus privacy law

 

ALRC offers sneak peek of unreleased recommendations.

The Australian Law Reform Commission last night offered up a sneak preview of recommendations it will make around new privacy law, which will include a 'safe harbour' provision for internet platform providers such as Facebook and Google.

In June last year then-Attorney-General Mark Dreyfus asked the ALRC to inquire into the possibility of a new statute that would apply to serious invasions of privacy conducted by individuals and organisations (as opposed to the existing Privacy Act which is focused on data protection and applies to organisations with a turnover exceeding $3 million only).

Unlike many European countries and the US, Australia has never offered an explicit legal protection to its citizens against gross invasions of privacy.

On Monday, the ALRC will offer up the fruits of its investigation in the form of a 204 page discussion paper featuring 47 recommendations for the application of a new privacy law and the kinds of damages a court might be able to award.

It will recommend the establishment of a privacy ‘tort’ (a civil offence) as part of Commonwealth law, rather than trying to pass uniform state laws nationwide “which could take 20 years”, according to commissioner Professor Barbara McDonald.

McDonald said the new tort should be confined to two types of invasions of privacy: "intrusion upon the plaintiff’s seclusion or private affairs, including unlawful surveillance or misuse or disclosure of private information about the plaintiff”.

“That disclosure will apply whether the information is true or not,” she said in an address held at the University of Sydney last night.

In news that will no doubt please web giants like Facebook and Google (both of whom made submissions to the inquiry), the draft recommendations will include a ‘safe harbour’ provision to protect the providers of internet platforms from prosecution for carrying invasive material.

But the immunity clause might not even prove necessary, McDonald said, as the new law should only apply to conscious and intentional invasions of privacy.

“You might argue that they don’t need that because they don’t have an editorial role, they merely provide a platform,” she said.

“They are not intending to invade anyone’s privacy, they might not even know the facts which make something an invasion of privacy.”

Regardless, she said the recommendations would include strong suggestions that online service providers like Facebook provide mechanisms whereby users can easily request personal information to be taken down, echoing more dramatic proposals made earlier this year by the Federal Government.

She also hinted that the Commission hadn’t ruled out the potential for further action against companies who ignore legitimate take-down notices.

“It is not out of all possibility that once someone has been given notice and they fail to do something, that then it becomes intentional or reckless for them to keep following a course of action. We haven’t gone into that at this stage but it may be something that we look at for the final report,” she said.

Successful legal action under the proposed law will have to meet a number of key tests, the ALRC will recommend next week.

Firstly, McDonald said, a person in the position of the plaintiff would have to be deemed to have had a “reasonable expectation of privacy” in all of the circumstances concerned, and the invasion will need to be classified as “serious” by the courts.

“We are saying that the court may consider whether or not the invasion was likely to be highly offensive, highly distressing, or harmful to a person of ordinary susceptibilities in the position of the plaintiff,” McDonald said.

Action will also be subject to a public interest test “from the outset” according to the ALRC.

“The plaintiff only has a course of action for serious invasion of privacy where the court is satisfied that the plaintiff’s interest in privacy outweighs the defendant’s interest in freedom of expression and any broader public interest.”

McDonald said making the public interest balance a condition for the commencement of action, rather than a defence, seeks to inhibit “unmeritorious claims” claims brought with the purpose of stifling legitimate public debate.

In its 47 recommendations the ALRC will also seek to bring some uniformity to the legislation governing surveillance devices, from voice recorders to drones, across the country.

McDonald described it as “unacceptable” that state law deems it illegal to record a private conversation without someone’s knowledge in NSW, when such action was fine in the eyes of Queensland and Victorian courts.

Once the discussion paper is released, it will be open for public feedback for around five weeks, before the ALRC compiles its final report for submission to the Government by the end of June.

Copyright © iTnews.com.au . All rights reserved.


'Safe harbour' for Facebook, Google proposed for Aus privacy law
 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 321

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 126

Vote