DATE: 5 May 2011
Recent privacy breaches at Sony and Dell Australia highlight concerns about Australia’s privacy framework and its ability to protect the right to privacy of Australian’s online.
In response to the privacy breach at Sony in which more then 1.5 million Australian user accounts were compromised, the Minister for Privacy, Brendan O’Connor has stated that the government will introduce mandatory disclosure laws relating to privacy breaches. These new laws are part of the government’s implementation of recommendations made by the Australian Law Reform Commission’s (ALRC) inquiry into Australia’s privacy frameworks.
The ALRC made 295 recommendations and the federal government has currently responded to 197 of these including setting up the Office of the Australian Information Commissioner and “preparing draft legislation to implement the proposed changes.”
Whilst these moves have been welcomed the most important elements of the ALRC report have been ignored. This includes recommendations for the establishment of a statutory right to privacy and the development of a statutory cause of action for serious breaches of privacy. This would give Australians the right to sue for damages if they believed their privacy had been breached.
Article 17 of the International Covenant on Civil and Political Rights recognizes privacy as a fundamental human right but Australia is yet to legislate for a general right to privacy. Bernard Keane has argued that the failure of parliament to “entertain a right to privacy may well see our courts follow British Judges down the path of creating a court driven right to privacy via superinjunctions, and that is in no one’s interest except those of powerful corporations.”
Concern has also been expressed about the Government’s proposals to force telecommunications providers to take part in a mandatory data retention regime, designed to allow law enforcement authorities to access information for investigations. A Senate Committee inquiry in April criticised the Attorney General’s Department’s failure to engage in consultation with the broader community or civil liberties organizations on the issue which could have wider privacy implications.
This highlights the complexity of legislating on an issue such as online privacy. A media press release by the Minister for Privacy, Brendon O’Connor to coincide with Privacy Awareness Week acknowledged that the government was working to ensure that Australia’s privacy laws are robust in changing circumstances, but Australians also need to take “responsibility for their actions, particularly online.”