Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

Submission to the Australian Law Reform Commission's Review of Privacy - Discussion Paper 72 (December 2007)

21 December 2007

The Australian Privacy Commissioner, Karen Curtis, has strongly endorsed making privacy laws in Australia consistent so that business, government and individuals can easily understand their rights and responsibilities.

"It is time to address the complexity of privacy regulation in Australia," Ms Curtis said.

"The current situation of different principles for government and business at the national level, and different State and national laws, creates unnecessary confusion for individuals and additional compliance costs on business.

"One set of privacy principles across the country and complementary State public sector legislation would go a long way to making the regulation of the handling of personal information within Australia more effective."

Ms Curtis''s endorsement for national consistency was made in a 786-page submission to the Australian Law Reform Commission (ALRC) in response to its Discussion Paper 72: ''Review of Australian Privacy Law''.

The submission also supports:

  • Maintaining a principles-based and technology neutral approach - to provide flexibility and responsiveness to change.
  • Creating codes where specific privacy concerns emerge - to apply in addition to the uniform principles.
  • Minimising exemptions - exemptions from the Privacy Act should be minimised.
  • Data breach notification - notification should be proportional to the severity of the breach. This would provide organisations with a strong market incentive to adequately secure their databases.
  • Health sector - the Privacy Act should "cover the field" for the regulation of private sector health service providers.
  • Credit reporting - further independent research on comprehensive (or positive) credit reporting is required before it is clear whether its introduction will be beneficial.
  • Audits - a qualified audit power would allow the Office to conduct privacy performance assessments of private sector organisations for compliance in certain circumstances.