Law Reform Commission proposes a ‘right to be deleted’

 

Suggests amendment to Privacy Act.

The Australian Law Reform Commission has suggested individuals be given the power to compel organisations to delete or de-identify information held about them.

As signalled by iTnews last week, the ALRC handed down a set of 47 proposals this morning for how privacy protections could be strengthened in Australia.

One proposal involved the addition of a new Australian Privacy Principle (APP) to the recently reformed Privacy Act.

The new law would give individuals the power to have their identities and details effectively erased from the databases of entities that have collected information about them legitimately.

Entities would also need to offer a “simple mechanism” for users to make the erasure requests, the ALRC said.

Under the proposed changes, APP entities (organisations with a turnover of more than $3 million per annum) would need to demonstrate that they took “reasonable steps” to meet the request within a “reasonable time”, to avoid fines of up to $1.7 million.

“Ensuring that individuals have a means to rapidly remove such information is one way to reduce the availability of private information,” the Commission said.

The ALRC said the proposal would strengthen the current list of APPs which include “similar, but weaker, requirements”.

The amended Privacy Act, which took effect earlier this month, gives individuals the right to access information held about them, to ask for it to be corrected, and makes provisions for the destruction of information once the purpose it was originally collected for has expired.

But the ALRC made clear it did not endorse the adoption of a “right to be forgotten” of the type currently being considered by the European Union.

Unlike the EU proposal, the ALRC's suggested changes are strictly limited to information that has been provided by the requester themselves.

It would not give individuals any scope to demand that information posted online or provided by a third party be removed, meaning that posts about an individual – but not made by them – would not become subject to erasure requests.

The ALRC has also invited feedback on whether or not a regulator, such as the Office of the Australian Privacy Commissioner (OAIC) or the Australian Communications and Media Authority (ACMA), should be able to enact take-down notices on an aggrieved individual’s behalf.

But it steered clear of taking a stance on such an approach, acknowledging there was a risk that "such a system may have an undesirably chilling effect on online freedom of expression”, despite having merit in some circumstances, it said.

The ALRC put forward a model whereby three conditions would have to be met before a regulator took action: it must have received a complaint from an individual; the individual must have already made a failed request to the website etc. to have the content removed; and the content must been deemed by the regulator to constitute a serious invasion of privacy.

The ALRC is inviting feedback on its discussion paper until 12 May 2014, before it submits its final advice to Government before the end of June.

Copyright © iTnews.com.au . All rights reserved.


Law Reform Commission proposes a ‘right to be deleted’
 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Do you direct debit customers? Read this
Oct 10, 2014
Authorities have been targeting direct debit practices with iiNet and Dodo receiving formal ...
Optus expands 4G coverage
Oct 10, 2014
If you rely on an Optus phone for work you might be interested to know that there are now 200 ...
Microsoft Office is now free for some charities
Oct 10, 2014
Microsoft has announced that eligible Australian non-profit organisations and charities can now ...
Vodafone lights up 4G in Adelaide
Oct 9, 2014
Live and work in Adelaide? Vodafone has switched on its 4G network in the city and suburbs.
Next year tradies will be able to take payments using ingogo
Oct 3, 2014
Ingogo is going to provide a card payment service for Xero users.
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 319

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 124

Vote