Privacy coverage 27 – 29 July 2011
August 1, 2011 |
In the Age Michael Pearce, the immediate past president of Liberty Victoria, has an opinion piece Legislate the right to privacy saying:
When new technologies threaten our personal space and invade our privacy, we need the right to sue.
THE Federal Government should be applauded for giving serious consideration to the recommendation of the Australian Law Reform Commission three years ago that Parliament legislate for a right to sue for damages for serious invasion of privacy.
Media companies have sprung to oppose the recommendations. But their arguments are unconvincing.
The reasons why Parliament should legislate are more fundamental than the need to respond to the passing wrongdoing of a rogue media company, even if it does control about two-thirds of metropolitan newspaper circulation in this country.
It is not particularly helpful to label News Limited a “rogue company”. That is as distracting as the irrelevant nitpicking that some of the opponents have been engaging in. So what if a media company controls two thirds of newspaper circulation. Monopolies and cartels have been a continuous problem in media ownership as well as many other aspects of the Australian economy. It is not the issue.
Parliament should act because technological change is eroding privacy to such a degree and so rapidly that, without some legal protection, very little privacy will be left to us before long.
Good point but a little on the emotional side. The erosion of a zone of privacy we traditionally expected is being reduced with the onset of new technologies.
The technological and other innovations that have encroached on privacy in recent years include:
The internet, with its capacity to broadcast personal information instantaneously around the world, its spyware to snoop on users and its social networking sites that turn users into open books.
Mobile phones, with their GPS systems that can track your movements.
Smartcard technology that records your movements (through public transport, toll roads and credit and debit card purchases), profiles your spending habits and your health details.
The spread of CCTV.
Anti-money laundering legislation that swept away banker-customer confidentiality and compels a range of people from bankers to solicitors to report ”suspicious” activities of clients to the government.
Mandatory reporting legislation that requires health care and other professionals to report suspicions of abuse of various kinds to the government.
Copying and scanning technology that enables nightclub bouncers and taxi drivers to make permanent records of the personal details of their customers.
These innovations no doubt have many positive applications. But they have fundamentally redefined privacy and it is futile to think we can enjoy the sort of privacy that prevailed before this technology.
Fair enough.
There are good reasons why we should try to retain as much privacy as possible in the information age.
Privacy can be thought of as denoting that sphere of a person’s life that they control completely, to the exclusion of others. What we keep private is a matter of personal choice. The key thing is that choice.
And in many respects that is the nub of the debate, from the protection perspective. Against this is the
A common feature of democratic societies is the recognition that all citizens are entitled to a private life and to a wide range of choice about what is kept private.
By contrast, the control exercised by totalitarian and authoritarian states is inconsistent with personal privacy. They deny any right to choose to keep things private and permit the state to reach into the deepest recesses of personal lives.
The first sentence is the key issue. The second paragraph is just a debating point. There is not utility in bringing a comparison with totalitarian and authoritarian states.
Most of the great human rights instruments marking out the freedoms of democratic societies include a right of privacy: the Universal Declaration of Rights, the International Covenant on Civil and Political Rights, the EU Convention for the Protection of Human Rights and Fundamental Freedoms. The Victorian Charter of Human Rights and Responsibilities recognises a right of privacy.
But the Victorian Charter gives only limited legal recognition to this right. It merely requires courts to interpret other legislation in a manner consistent with the right and requires public officials to act in accordance with it.
While this is true that charters and conventions refers to rights of privacy the stronger argument is that there is a both a strong philosophical and common law rights.
There is a patchwork of laws in Australia that requires government agencies and certain other bodies to deal properly with personal information but none of them gives redress of the kind proposed by the Law Reform Commission, i.e. a general right to sue for damages for a serious and intentional invasion of privacy.
This is the key. The problem with the current legal protections are that most are in the hands of regulators, such as the Privacy Commissioner. Whether that office is sufficiently determined to take action consistent with the desires of victims of privacy breaches is a real question. There are competing policy issues that the Commissioner must weigh, which are not in play with individuals.
Strict regimes for the protection of databases have not managed to defeat human inquisitiveness, leading to a number of serious breaches of privacy in Australia and overseas, quite apart from the recent News Corporation scandal.
In the aftermath of one such breach in the United Kingdom, the motoring journalist Jeremy Clarkson derided the alarm expressed about the disclosure of personal bank account details. He published his own bank account details and was then embarrassed when a hacker accessed his account and transferred £500 to a charity!
Clarkson had the sense and good grace to admit he was wrong to be blase about privacy.
Let us hope the nay-sayers in Australia can learn the same lesson but less painfully. They should recognise the many and far-reaching intrusions into privacy wrought by recent technological and other innovations. They should acknowledge the need to provide some legal redress for serious breaches of privacy, even if it means less celebrity gossip in the press.
Such a right will no more prevent invasions of privacy than the law of negligence prevents car accidents. But it should serve to reduce them and to provide legal redress in cases of serious personal harm. Just as the law of negligence developed in response to changing technology and social conditions of the early 20th century, a similar legal development is needed now in the early 21st century.
The analogy between negligence law and litigation and that of privacy is quite an arid one. It may be, probably on more logical grounds, that a privacy tort could be more like a trespass or nuisance action. Both trespass and nuisance actions have been present for many years but have not given rise to policy or financial issues for insurers or any others.
There are serious restrictions on the equitable action for breach of confidence, which prevents it from developing to fill this gap. A legislative response is therefore the best solution. And so the ALRC’s recommendation deserves serious consideration and support. The self-interested complaints of media organisations should not drown out the important policy issues behind this proposed reform..
This is the nub of the current problem. A breach of confidence action makes any quasi privacy protection moot.
In Centrelink spy videos fed to media the Australian looks at the use by private investigators to use covert surveillance of welfare cheats.
CENTRELINK is using private investigators to take covert surveillance of welfare cheats and then supplying the material to the media in a practice labelled a “double standard” as the government pursues privacy reform.
The Department of Human Services’ fraud and compliance media strategy, obtained by The Australian, reveals that the release of this material is systematic and sanctioned by departmental policy.
“Where there is surveillance footage available for a prosecution case, the Business Integrity Division will let the Media Section know as soon as possible,” the strategy says.
“This gives both teams plenty of time to view the tape and to decide if the vision is suitable for release to the media.”
Human Services Minister Tanya Plibersek has also sanctioned the release of the footage. She wrote last month to welfare groups that were complaining about the treatment of disability support pensioners by television current affairs programs, admitting the practice occurred and defending it.
“Centrelink will only provide footage obtained from fraud investigations if it relates to a matter that has already been finalised by the courts,” Ms Plibersek’s letter says.
“Any footage provided is pixelated by Centrelink staff prior to release. Releasing footage under these circumstances does not breach the strict privacy laws Centrelink is bound by.”
The department’s media strategy details how its advisers are encouraged to alert the media to notable fraud cases before the courts and have a protocol for doing so.
“Important note: In instances where the Media Section makes a tip-off to the media prior to a court appearance, it does not supply written material about the case,” the protocol says.
The department’s media strategy says the reason it releases this information is for “building confidence in Centrelink” and providing “assurance to government, clients and customers that . . . Centrelink is able to identify and take action against welfare fraud”.
NSW Council of Civil Liberties president Cameron Murphy, an advocate for tougher privacy laws, said it appeared there was “in a sense a double standard at play” in the government’s calls for better privacy protection.
“If you’re going to have integrity about your privacy law, the government has got to be just as culpable as anyone else,” he told The Australian.
“You can’t just have a system where there is one rule for the government and another for everyone else.
“You don’t have a department out there leaking information because it is convenient.”
Opposition human services spokesman Kevin Andrews said yesterday a reply to a question he placed on notice had revealed that there had been 197 code of conduct investigations of employees of Centrelink, Medicare, the Child Support Agency and other agencies in the year to June 10. Sixty seven of these involved staff accused of improperly accessing personal information.
“At a time when the Labor-Greens alliance is making noises about regulating the media to apparently strengthen the privacy of citizens, the department which holds information on
every Australian has had 67 investigations for improper access to personal information,” he said. “I think it’s important to know what happened to the 35 investigations where the employee resigned prior to the case being finalised, and three cases where the employee’s contract expired prior to the case being finalised.”
The concerns about the release of covert footage come after parliament passed government legislation that will allow independent doctors who are Medifraud investigators to look at patient records when they are trying to gather evidence against a doctor.
A spokeswoman for Acting Health Minister Mark Butler said yesterday: “When Medicare requires documentation for compliance purposes, these materials are managed by the patient’s health practitioner and a medical practitioner at Medicare to maintain strict privacy provisions.”
Australian Medical Association president Steve Hambleton said patient privacy was “sacrosanct”. He supported auditing Medicare, but “nobody should get to see a patient record without good reason”, particularly someone not bound by the same privacy code as a doctor.
Home Affairs Minister Brendan O’Connor said last week he would produce a discussion paper based on a 2008 Australian Law Reform Commission report that proposed the creation of a legal right to privacy.
Privacy has been in the spotlight since revelations emerged in Britain of telephone hacking by News of the World journalists.
“There is no general right to privacy in Australia, and that means there’s no certainty for anyone wanting to sue for a breach of privacy,” Mr O’Connor said on July 21. “The News of the World scandal and other recent mass breaches of privacy at home and abroad have certainly turned the spotlight on the issue of whether Australians should have such a right.”
The push for additional protection on privacy coincided with Julia Gillard saying News Limited, publisher of The Australian and the Australian arm of News Corporation, which owns News of the World, had some “hard questions” to answer.
Mr O’Connor has this week insisted the Gillard government’s consideration of new privacy laws was not targeted at the media, but at protecting privacy across the community.
A spokesman for Ms Plibersek said last night the release by Centrelink of surveillance footage occurred only in cases where there had been a welfare fraud conviction. “These are made available under strict privacy protocols that have been followed for many years under successive governments,” he said. “This includes pixelation of all vision of convicted individuals and only providing information that is on the public record.”
Creating public awareness about Centrelink’s fraud prevention activities was important for educating customers about their obligations, deterring people from breaking the law and enhancing community confidence in the integrity of the social security system, the spokesman said.
Centrelink staff treated the protection of customer information seriously, which was why there were guidelines for media officers, he said.
The department’s media strategy came to light after a coalition of welfare groups wrote to Ms Plibersek and Families Minister Jenny Macklin earlier this year to complain about the vilification of Disability Support Pensioners in recent media stories.
“As you know, only 307 of the 800,000 DSP recipients were prosecuted for fraud last year, and the numbers losing payments as a result of medical reviews (most of which do not involve ‘fraud’) are not much higher,” the groups said in their letter. They sought an assurance “the privacy of customers will be protected by Centrelink, that public humiliation of individuals is not part of the government’s compliance strategy, and that the government will contest the vilification of disability pensioners as a group in media stories such as these”.
Privacy Commissioner Timothy Pilgrim said yesterday he could not comment in detail as he was unaware of the specific allegations against Centrelink, but as a government organisation, it was required to comply with the National Privacy Principles, which regulated the use of personal details. The principles would not apply if the agency “de-identified” someone by blurring a picture or removing any identifying information.
Regarding the political party exemption there are two pieces, an excellent piece of It’s surprising what political parties know and Senator Nick Xenophon pushes privacy bill.
Chris Merritt’s piece State uproar over Gillard plan to expose all public agencies to civil suits, is extrapolation ad absurdam.
EVERY public sector agency, federal and state, could be sued over privacy breaches under a proposed civil action being considered by the Gillard government.
The prospect of a wave of litigation triggered by Canberra’s planned privacy tort led to furious protests by the states yesterday.
Where exactly is this wave? What otherwise hidden privacy breaching behaviour lurks out there which will give rise to many and varied suits.
The governments of Victoria and Western Australia called for Canberra to rule out any changes that would expose their agencies to litigation.
Victorian Attorney-General Robert Clark said: “Poorly designed commonwealth privacy laws imposed on state government agencies could cost Victorian taxpayers considerable sums of money in compliance costs and in potential damages.”
Victoria and other states have privacy obligations in the control of data in their possession. Poorly designed laws should be avoided at all costs. Victoria should have a say and raising the issue of compliance may be relevant.
Under the plan being considered by federal Privacy Minister Brendan O’Connor, a proposed privacy tort could be used against all government agencies. At present, there is no provision under the Privacy Act.
The Privacy Act does not give a right to an individual bringing any sort of action. The complaints process must go through the Privacy Commissioner. The Privacy Act does not cover all possible breaches of ones privacy. It focuses upon the collection, use and storage of data.
The plan is outlined in a 2008 Australian Law Reform Commission report that Mr O’Connor has said will form the basis of an issues paper on his privacy plans.
The report recommends that state and territory public sectors be included in a federal tort.
Victoria and Western Australia said they were not consulted before Mr O’Connor began a media blitz aimed at promoting the government’s plan for the new federal tort to enable people to sue each other — and the media — for serious invasions of privacy.
This is not relevant to whether a statutory right of action is a good thing. At best this becomes nit picking.
The backlash from the states over the privacy tort comes after the government’s plan triggered moves backed by independent senator Nick Xenophon to end the exemption for political parties from privacy laws.
When informed of the concerns of the states, Mr O’Connor’s office issued a statement saying the minister stood by his earlier statement that while the issues paper on the privacy tort would be based on the ALRC report, “it won’t be confined to those recommendations alone”.
As well as exposing state and federal government agencies to damages claims, the ALRC’s plan is at odds with legal changes introduced almost a decade ago aimed at easing the risk of legal liability facing government agencies.
This is pure nonsense. Changes to the law of negligence is not analogous. There is no evidence that the scope of operation is even close. By the Australian’s own claim there is no evidence that there is widespread breaches of privacy.
If the plan is implemented, it would be easier to sue most state government agencies for breaches of privacy than to sue them over negligence that causes physical injuries. Mr Clark said his government would be very concerned by any move by the commonwealth to extend privacy laws to regulate the state public sector.
“If poorly thought through, it could inhibit the proper and legitimate exchange of information between state government agencies such as law enforcement,” Mr Clark said.
There is no evidence that the proper and legitimate exchange of information between law enforcement has been hampered by privacy laws elsewhere. Abusing someone’s private information, such as releasing it for no good policy or forensic reason should be the subject of censure and action.
While the proposed federal tort is aimed at protecting “serious” invasions of privacy, Mr Clark said there was “a serious risk with open-ended phrases that there will be unintended consequences”.
But the ALRC did consider a range of factors which are included in the balancing act.
His views are in line with those of West Australian Attorney-General Christian Porter.
“The Western Australian public sector should not be legislated for by the commonwealth,” Mr Porter said.
He said the federal government had previously proceeded on the basis that privacy regulation of state and territory public sectors would remain the legislative responsibility of state governments.
But Queensland Attorney-General Paul Lucas said the law of negligence applied to the states “and so should any statutory tort of privacy”.
“I can’t comment on whether that should be through federal co-operative legislation or state legislation until . . . we see what the details of the commonwealth proposal are,” Mr Lucas said.
The report being considered by Mr O’Connor says the federal government has sufficient constitutional power for its legislation to cover state government agencies as well as the commonwealth.
“The statutory cause of action for invasion of privacy should be in federal legislation and should cover federal agencies, organisations and individuals,” the ALRC told the federal government in its 2008 report.
“As no states or territories currently have a statutory cause of action for invasion of privacy, failure to extend the coverage of the cause of action to state and territory public sectors would result in gaps in coverage.”
The commission’s plan differs sharply from the normal law governing the liability of government agencies. Unlike claims for physical injuries, payout for breaches of the privacy tort would be made even if the invasion of privacy caused no damage.
The nature of the breach is actionable per se, much like nuisance or trespass. The loss is the humiliation. That is the damage. Claims for physical injuries do usually include a component for pain and suffering as well as loss of income. Not to have a claim actionable per se would render the action meaningless.
The privacy tort would also clash with some of the “tort reforms” that were introduced by state governments almost a decade ago to end excessive damages claims and address a blow-out in insurance premiums. Those changes introduced a higher threshold test when negligence claims were brought against most government agencies.
Nonsense. What clash? They are different rights dealing with massively different issues As for the excessive damages claim it is purely and simply assertion to claim there is a similarity.
Plaintiff lawyer Tom Goudkamp, managing director of Stacks Goudkamp, said: “This has made it almost impossible to sue local councils over potholes that cause injuries unless you can prove somebody had actual knowledge of the risk.”
The states introduced those tort reforms after former NSW chief justice Jim Spigelman criticised excessive damages payouts and warned that the law of negligence had become “the last outpost of the welfare state”.
The test for negligence in most of the state public sectors now focuses on whether a reasonable government agency in the position of the agency being sued could have foreseen the damage caused by its actions. But for the privacy tort, the test for liability proposed by the ALRC places more weight on the views of a judge. The test for the privacy tort would require a judge to decide whether there was a “reasonable expectation of privacy”.
A judge makes a determination on the facts, and applying that to a test on a reasonableness or what is a reasonable expectation of privacy as against any defences. It is a false dichotomy and one that is pretty silly.
While the privacy tort could be brought against all public-sector agencies, the ALRC has recognised that constitutional limitations mean top state officials and ministers will be beyond its reach.