APF: Consent a danger to Australians' privacy

The Australian Privacy Foundation has fingered the concept of consent as the "single most serious weakness in Australia's privacy regulation".

Parliamentary committee investigates online privacy protections.

In its submission to a parliamentary online privacy inquiry, the APF called for stricter regulation of how data controllers might obtain and use consumers' consent.

"Consent works like a miracle cure for conduct that otherwise would have been contrary to the law," APF vice-chair Dan Svantesson wrote.

"No matter how dire, there is virtually no type of privacy violation that cannot be justified by reference to the victim having consented to the action in question."

When it was launched on 24 June, the inquiry into The adequacy of protections for the privacy of Australians online called for public submissions until 23 July.

The deadline has since been extended to 30 September, with the committee expected to report on its findings by 20 October.

To date, the committee has received and published 16 submissions from organisations including Pirate Party Australia, the APF, the Office of the Privacy Commissioner, Yahoo!7 and Google.

While the APF called for a broadening of the scope of application of the Privacy Act 1988 and greater consumer protection measures, industry groups like the Communications Council recommended a self-regulatory system.

The Council represented companies in the marketing and communications industry, and believed "the right to market brands responsibly across all channels is paramount".

"The Council encourages agencies to engage in interaction solely where consumers have genuinely consented to be contacted and/ or have opted into receiving communications," it wrote.

"Where it concerns data collection, it encourages agencies to take reasonable steps to put data security and quality, and access measures in place to safeguard, update, and correct personally identifiable information, while taking reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose."

Yahoo!7 also supported self-regulation, noting that "market forces encourage companies like Yahoo!7 to bring privacy innovations to our customers quickly".

It urged the Senate Committee to "consider an approach that enables providers to keep pace not only with technological advances but with consumer demands and expectations as well".

Meanwhile, the Internet Safety Institute called for more Privacy Commissioner powers, data loss notification regulations, and a right to civil action that would encourage the market to improve security and privacy policies.

"We should not be scared of legislative regimes that enshrine privacy in both the public and private sectors," wrote the Institute's founder, Alastair MacGibbon.

"Predictability and stability brought through sensible regulation will create a more trusted and trustworthy internet, which will in turn stimulate growth."

Many submissions highlighted the risks of social networks, government data collection and security.

Pirate Party Australia secretary Rodney Serkowski took the opportunity to warn of "dystopic scenarios of 'Big Brother'" due to technology's potentials for surveillance.

Outlining the risks of the Attorney-General's data retention proposal, Serkowski wrote that the retention of traffic data could be used to "decipher and intrusively deduce" individuals' information.

"Should a data retention scheme ever be implemented, its expansion will be inevitable," he wrote.

"The threat to national security is understandable, however this does not make it acceptable for the Australian government to circumvent the democratic process, precluding public consultation and discussion, due to fear of scrutiny and debate."