Delays in dealing with complaints by Privacy Commissioner
September 13, 2013 |
The regulation and enforcement of privacy protection in Australia under the Privacy Act 1988 operates on a gatekeeper system. But for applications for injunctive relief under section 98 the Privacy Commissioner controls all aspects of complaints to do with interferences with privacy, including whether he will consider a complaint. An individual can not bring an action under the Privacy Act or any other legislation alleging an interference with his or her personal information or breach of privacy. That is a severe faililng in the system. But that is the system. Given the system as it stands it is therefore incumbent upon either or both the Government to properly resource the Privacy Commissioner so that he may fulfill his statutory functions and the Act can have force or the Privacy Commissioner to become more efficient. The Sydney Morning Herald in Long delays before privacy complaints assessed reports on the delay in dealing with complaints.
What is clear is that privacy protection is important and having a dead letter law is often worse than no law at all. Privacy Commissioners in Australia have had a modest record of achievement, even with the limited powers under the Act. The current Privacy Commissioner is by far the most active and pro active occupant of that office. Once the amendments to the Privacy Act come into force in March next year he will have significant powers. If he does not have the resources to do anything with them then the situation becomes farcical. Of course it would be better to have a two path system of privacy protection, with individuals having a statutory right of privacy or an ability to bring an action under the Privacy Act (suitably modified) as well as the Privacy Commissioner having a role. It is not difficult to do at law. A model might be the Corporations Act with individuals having a right to bring an action, as does ASIC.
The SMH article provides:
Australia’s federal Privacy Commissioner has blamed the federal government for long delays in assessing breach-of-privacy and freedom-of-information complaints.
Complaints about privacy are not being allocated to case officers until just over five months after submission, taking about 19 weeks longer than the usual four-week period.
Separately, freedom-of-information matters (complaints and requests for reviews) are not being allocated to officers for up to seven months.
At present, the Office of the Australian Information Commissioner, which incorporates the Privacy Commissioner, is allocating privacy complaints received in April and freedom-of-information complaints and reviews from February.
Privacy Commissioner Timothy Pilgrim said that while overall privacy complaints increased by 10 per cent during the previous financial year, “staffing levels have decreased in line with the [office’s] need to meet efficiency dividends imposed by government”.
The combination of an increase in complaints and fewer staff was the reason for the backlog, he said.
“The OAIC is experiencing delays across both its functions of privacy and FOI. However, the OAIC undertakes a triage process and if an urgent matter is identified then it will be expedited to a case officer,” Mr Pilgrim said.
Freedom-of-information complaints to the office concern people who dispute an adverse ruling relating to FOI requests made to a government agency. A number of years ago the Privacy Commissioner’s Office became part of the Office of the Australian Information Commissioner, which handles FOI complaints, and staff are now shared between the two.
As of July 3, there were the equivalent of 74.23 full-time staff, 25.78 of whom worked in the dispute resolution branch.
Mr Pilgrim’s office said waiting time fluctuated and it expected it would reduce “with staff recruitment over the next couple of months”.
David Vaile, executive director of the University of NSW’s Cyberspace Law and Policy Centre and vice-chairman of the Australian Privacy Foundation, said he sympathised with Mr Pilgrim.
Mr Vaile said the delays would likely discourage people from lodging complaints.
“I think they have been required to constrain and trim their budget or what they’re given,” he said.
“And with the level of complaints going up, it just sort of means that if people are faced with delays then they’re unlikely to press through with them.”
Mr Vaile said privacy should be a focus for government because it was often being abused.
“The privacy threat is expanding because of the use of big data and social networks. There are threats from both government and business to the very principle of privacy,” he said.
ABC TV’s Four Corners program revealed this week that NSW Police stores millions of photographs of number plates in a central database, and NSW Roads and Maritime Services stores the media access control addresses of mobile phones at 16 sets of traffic lights in inner Sydney.
It also reported on a capability Westfield is looking at but has not yet implemented to track people’s devices in its Australian shopping centres.
[…] by the Office of the Australian Information Commissioner (OAIC), an agency that is seriously under-resourced. There are questions about its expertise and apparent permissiveness in dealing with big business […]
[…] by the Office of the Australian Information Commissioner (OAIC), an agency that is seriously under-resourced. There are questions about its expertise and apparent permissiveness in dealing with big business […]