With Timeline there is another potential privacy problem.  On PM last night the implications were discussed.  Here is the transcript:

MARK COLVIN: With billions of users all over the globe, social media sites like Twitter and Facebook now affect the lives of an awful lot of people. So when they make changes it can have big effects.

Facebook, a company which has been plagued with accusations that it has no respect for privacy, is in the firing line again for introducing a new feature called Timeline, and making people who don’t like it opt out rather than giving the choice to opt in.

And Twitter is embroiled in a row about censorship after it said that it would block some messages to conform with local laws.

Nate Cochrane is former editor of a number of IT magazines, now a freelance contributing to outlets, including the Sydney Morning Herald.

He joined me a short while ago.

(to Nate Cochrane) Let’s begin with Twitter which has gained itself a reputation over time as being very interested in freedom of speech and then it made this announcement this week and the Twitter-sphere exploded with people saying, oh this is a disaster. Was it?

NATE COCHRANE: I think people need to take a breath and a bit of a step back. Twitter is a fairly recent innovation. Prior to this we had Usenet newsgroups, most especially during the Gulf War 1.0 that we fought about 20-odd years ago.

But I actually view it as a positive because for the first time we’re going to see exactly what Twitter is censoring and why it’s censoring it. Previously, these tweets were just taken offline for the whole world. Now they’re just going to be taken offline for individual countries.

MARK COLVIN: What has been taken offline before? I’ve seen lists which are mostly about copyright infringement.

NATE COCHRANE: I think you’ve got to bundle this all up into one big issue of freedom of speech and whatever the vector is, whether it’s about copyright infringement or whether it’s political dissent, I think it all boils down to basically the same thing and that is that one group, through a medium such as Twitter, is stopping another group from expressing themselves.

And in this particular case I’d actually like to see Twitter go further. I mean at the moment all they’re saying is that when you go to see…

MARK COLVIN: You don’t mean to censor more?

NATE COCHRANE: No, no not to censor more but to be more transparent about what it is they’re censoring. So at the moment the theory is that under this system you will go to a tweet and it will tell you this has been censored for whatever reason.

What I would like to see is Twitter actually aggregate all those and produce a real time report saying, alright these are all the tweets that have been blocked, these are the people who have asked to block it, this is the rationale that we’ve been given to block it and, you know, these are the hash tags that are being blocked that are associated with those tweets.

MARK COLVIN: Okay but just describe what might happen. If, for instance, you’re a tweeter in Syria and you say something about the government, Twitter may have to block that but it may well still be visible here in Australia or in America. Is that right?

NATE COCHRANE: Indeed and in fact there was some analysis that I saw that came out of the Iran situation where people were tweeting about what was happening there that many of the connectors, many of the people who were being re-tweeted the most, actually weren’t even in Iran at the time.

So they were picking up tweets that were happening inside Iran and then refreshing that and reflecting that to all of their audience so none of that will be affected by this. Where we get into a bit of an issue is…

MARK COLVIN: But you’re saying that you could envisage a system where everyone would be able to see a box that says, “The Syrian government has censored 100,000 tweets this week.”

NATE COCHRANE: Exactly and that’s what I would like to see and I’d like to see groups such as Reporters San Frontiers, which recently just released its list of the country’s with list of free speech countries, actually integrate that into their methodology and if you get you know more than a certain number of these ban requests you get knocked down the list.

MARK COLVIN: Alright now what about Facebook? What is this new Timeline?

NATE COCHRANE: I confess I actually don’t use the Timeline. I’ve seen it used on other people’s Facebooks. I think what you’ve got to…

MARK COLVIN: Did you have to take a deliberate decision not to use it?

NATE COCHRANE: I had to make a deliberate decision not to use it. And some people use it and they like it. I think what you’ve got to understand is that…

MARK COLVIN: Should it be the default setting?

NATE COCHRANE: I definitely don’t think so and I think the problem with Facebook is it keeps changing its default settings. Every day I’m virtually going onto Facebook trying to work out what’s changed.

And it’s not just Facebook, it’s LinkedIn. I found out something about LinkedIn today that I didn’t know and I’ve been using LinkedIn since day zero and I found out that they can use my name and photo to advertise services to other people.

Now as a journalist I have a problem with that and I’ve been using it since the day dot and it was news to me.

MARK COLVIN: I looked at the video with which Facebook is advertising Timeline this afternoon and you know I’m an old geezer, the way it struck me; it looked like The Truman Show. It looked like your whole life is there just laid out for everybody to see.

Presumably there’s a generational thing; some people don’t mind that.

NATE COCHRANE: They may not mind it now but they might mind it in 20 years or so when they’re standing for political office or you know they want to become CEO of a company.

I think in a way we have a much more transparent society than we ever did have and that has benefits and disadvantages. I think it’s really up to each individual to educate themselves about how they’re publishing.

MARK COLVIN: But as it is, if you don’t change your status, if you don’t change your settings rather, all the sort of drunken parties you were at 10 years ago could be there for everyone to see?

NATE COCHRANE: I’ve been online since about 1987 in one form or another so people can Google me, “Nate Cochrane” or “Nathan Cochrane” and you will find out pretty much everything there is to know about me.

But I have a central policy; if I didn’t want my parents to know about it or my best friends to know about it, I simply don’t say it online.

MARK COLVIN: Nate Cochrane, former editor of a number of IT magazines, now a freelance contributing to outlets including the Sydney Morning Herald.

In the spring of 2010, thousands of online customers clicked on the terms of service at Gamestation.co.uk and unwittingly sold their souls.

As an April Fool’s prank, the British gaming retailer slipped an “immortal soul clause” into its licence agreement, knowing full well that nobody looks at them.

“People don’t read privacy policies,” said Nick Bicanic, founder of Echoecho, a Los Angeles location app with baked in privacy features, last week. “Like nobody.”

f participants read these sorts of agreements “often and thoroughly”.

That puts everyone in a privacy quandary. It means consumers don’t really know how much personal information they’re giving up and how it might be used. It calls into question the informed consent rational for our primarily self-regulatory approach to online privacy in the United States. And it undermines the argument the industry has used to wash its hands of further responsibility: Hey we told users what we were doing.

But informing just isn’t informing when no on reads it – especially if you know no one reads it.

And let’s just get this out the way: People don’t ignore these policies because they’re lazy. People ignore them because they couldn’t possibly read all the terms they come across. It would take the average consumer more than 300 hours to read the privacy policy at the websites they visit each year, according to the high-end estimates of a 2008 study published in the technology policy journal I/S. That’s seven and-a-half standard work weeks.

The other wrinkle is that most people think the very existence of privacy disclosures means the company is operating in a responsible manner, as the Berkeley survey noted.

“When consumers see the term ‘privacy policy,’ they believe that their privacy will be protected in specific ways,” it said. “Of course, this is not the case.”

So where does this leave us?

If we choose to be honest about how human beings really behave, we’re left with a few options. First, we can place greater restrictions on how companies collect and use personal data. There are plenty of privacy advocates who argue it this way, and it should happen anyway to a certain extent.

But any such rules need to be carefully balanced against the risks of discouraging or hampering the creation of new technological tools – a point that’s easier to state in a newspaper column than it is to lay down in legal language.

The other option is to come up with improved ways of providing notice.

We’ve seen some of this already. Regulators around the world have been pushing companies to create simpler, more transparent disclosures. Citing those very directives, Google last week announced that it was consolidating the privacy policies of 60 products into a single, clearer document.

One certainly beats dozens and plain English trumps legalese. But it’ll make little difference for the vast majority of consumers.

“They’re still not going to read it,” said Jules Polonetsky, director of the Future of Privacy Forum, a Washington-based think tank.

He added that posting broad privacy policies is still important, even if consumers don’t read them. It forces companies to carefully consider how they use information, provides standards that regulators can hold them to and allows privacy wonks and tech writers to read and highlight the critical points.

But a better model for getting the message out is one developing around behavioural advertising, based on federal and industry self-regulation guidelines, Polonetsky said.

In early 2010, for instance, a group of industry and privacy groups, including the Future of Privacy Forum and TRUSTe of San Francisco, introduced a privacy label that indicates the use of targeted advertising in a more obvious way than some buried policy line.

Websites can post it to signal in a consistent way that information is being collected. Users can also click on the widget to find out more information or change their privacy settings.

One wonders, however, how the proliferation of such labels and their small, friendly appearance affects how consumers perceive the message. They can seem like stamps of approval rather than warnings, in the same way that the mere existence of broad privacy policies can.

Ryan Calo, director for privacy at Stanford’s Center for Internet and Society, offers another model for informing consumers that he calls “visceral” notice.

This approach takes advantage of technology we’re familiar with or our anthropomorphic responses to warn people about how technology is working. It’s the tech equivalent of using rumble strips instead of a “road narrows” sign, he wrote in a recent paper for Notre Dame Law Review.

For instance, laws have been proposed that would require mobile phone cameras to include a shutter-like clicking sound, so people are aware when they’ve been photographed. Another example would be to add the image of a face to a website that’s monitoring your behaviour.

The paper noted that studies have shown people are more likely to pay for coffee available on the honour system when there was a nearby picture of a set of eyes. Calo suggests the appearance of an avatar when third-party advertisers are monitoring a person’s behaviour online could make users similarly self-conscious.

They might avoid such sites, opt out of the tracking or reconsider their online actions. Or they might do nothing at all. But it would seem, at least, they’re making something closer to an informed choice.

“Experience as a form of privacy disclosure is worthy of further study before we give in to calls to abandon notice,” Calo said.

• Section 28B provides the Australian Information Commissioner with the power to investigate an act or practice that may be an interference with the privacy of an individual under subsection 157(4) of the PPS Act (which relates to notice requirements) or 173(2) of the PPS Act (which relates to the prohibition on unauthorised searches of the PPS Register, or use of the personal information obtained as a result of an unauthorised search).  These interference with privacy provisions cover any entity or individual whether or not they are otherwise subject to the Privacy Act.

• Section 49A, which  states that an investigation under s 40 of the Privacy Act is to cease if the civil penalty provision under the PPS Act may have been contravened.

The problem arising out of Google and Facebook’s (see Sorry, friends) approach to privacy is that there is no real commitment to a right to privacy.  That is fine as long as there are regulations to force compliance.  The problem in America and, to a lesser degree, Australia is that the regulations are weak and often anaemically enforced.  Until there is an egregious breach, in which case there is a flurry of activity.  Until the next breach.  This stop start approach to an ongoing issue makes for poor policy and worse practice.

The Economist has undertaken a very useful analysis of privacy regulation throughout the world in Private data, public rules.

FACTS

Jones and Tsige worked at different branches of the Bank of Montreal (“BMO”). Jones maintained her primary bank account there.  While Jones and Tsige did not know or work with each other Tsige was involved in a relationship with Jones’ former husband. For about four years, Tsige used her workplace computer to access Jones’ personal BMO bank accounts at least 174 times. The information displayed included transactions details, as well as personal information such as date of birth, marital status and address.        Jones became suspicious that Tsige was accessing her account and complained to BMO. When confronted by BMO, Tsige admitted that she had looked at Jones’ banking information, that she had no legitimate reason for viewing the information and that she understood it was contrary to BMO’s Code of Business Conduct and Ethics and her professional responsibility. Tsige explained then and maintained that she was involved in a financial dispute with Jone ’s former husband and accessed the accounts to confirm whether he was paying child support. Jones does not accept that explanation, saying it is inconsistent with the timing and frequency of Tsige’s enquiries ([4] – [5]).

Jones alleged  that her privacy interest in her confidential banking information has been “irreversibly destroyed” and claims damages of $70,000 for invasion of privacy and breach of fiduciary duty, and punitive and exemplary damages of $20,000.

Jones moved for summary judgment and Tsige brought a cross-motion for summary judgment to dismiss the action [8]. On application the judge found that Tsige did not owe Jones a fiduciary obligation and dismissed that claim [9] and, inter alia, that given the existence of privacy legislation protecting certain rights, any expansion of those rights should be dealt with by statute rather than common law  (see [12] – [13]).

DECISION

At [15] – [18]  the Court considered the genesis of the tort of privacy, in particular the articles of S.D. Warren & L.D. Brandeis, “The Right to Privacy” (1890) 4 Harv. L. R. 193 and William L. Prosser, “Privacy” (1960), 48 Cal. L. R. 383. The four-tort catalogue set out by Prosser was:

1.      Intrusion upon the plaintiff’s seclusion or solitude, or into his private affairs.

2.      Public disclosure of embarrassing private facts about the plaintiff.

3.      Publicity which places the plaintiff in a false light in the public eye.

4.      Appropriation, for the defendant’s advantage, of the plaintiff’s name or likeness.

This classification has been adopted by the Restatement (Second) of Torts (2010) [19] and the court said that the tort that is most relevant to this case, the tort of “intrusion upon seclusion”, is described by the Restatement, at § 652B as:

One who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person.

A [20] the court stated:

Of particular relevance to this appeal, is the observation that other non-physical forms of investigation or examination into private concerns may be actionable. These include opening private and personal mail or examining a private bank account, “even though there is no publication or other use of any kind” of the information obtained.

The court undertook an analysis of Ontario case law at [25] – [32], provincial case law [33] – [38], Charter jurisprudence [39] – [46] (which recognises privacy rights), Canadian legislation [47] – [54], none of which explicitly recognises an invasion of privacy.

The court reviewed US jurisprudence at [55] – [60] with the elements for intrusion upon seclusion being:

1.   an unauthorized intrusion;

2.   that the intrusion was highly offensive to the reasonable person;

3.   the matter intruded upon was private; and,

4.   the intrusion caused anguish and suffering.

• The first element focuses on the act of intrusion, as opposed to dissemination or publication of information and  “the type of interest involved and not the place where the invasion occurs”: Evans v. Detlefsen, 857 F(2d) 330 at 338 (6th Cir. 1988).

• the second element, factors to be considered in determining whether a particular action is highly offensive include the degree of intrusion, the context, conduct and circumstances of the intrusion, the tortfeasor’s motives and objectives and the expectations of those whose privacy is invaded: see J.D. Lee & Barry A. Lindahl, Modern Tort Law: Liability & Litigation, 2d ed., looseleaf (Thomson West, 2002) at § 48:6.

• the third element, the plaintiff must establish that the expectation of seclusion or solitude was objectively reasonable. The courts have adopted the two-prong test used in the application of the Fourth Amendment of the United States Constitution. The first step is demonstrating an actual subjective expectation of privacy, and the second step asks if that expectation is objectively reasonable: Katz v. United States, 389 U.S. 347 at 361 (1967).

• The fourth element is generally presumed once the first three elements have been established.

At [61] – [62]  the court reviewed the UK decisions, most recently Mosely v. News Group Newspapers Ltd. [2008] EWHC 1777 (Q.B.) which found at para. 7:

“[t]he law now affords protection to information in respect of which there is a reasonable expectation of privacy, even in circumstances where there is no pre-existing relationship giving rise of itself to an enforceable duty of confidence.”

At [63] the court reviewed the limited developments in privacy jurisprudence in Australia with Lenah Game Meats Pty Ltd v. Australian Broadcasting Corp., [2001] H.C.A. 63, where the High Court of Australia expressly left the door open to the recognition of a common law right to privacy despite earlier authority to the contrary. The court also considered the Queensland District Court decision in  Grosse v. Purvis, [2003] Q.D.C. 151, Aust. Torts Reports 81-706,  where the elements for the tort were found to be:

1.      a willed act by the defendant;

2.      which intrudes upon the privacy or seclusion of the plaintiff;

3.      in a manner which would be considered highly offensive to a reasonable person of ordinary sensibilities; and

4.      which causes the plaintiff detriment in the form of mental, psychological or emotional harm or distress or which prevents or hinders the plaintiff from doing an act which she is lawfully entitled to do.

At [64] the court considered the New Zealand decision of Hosking v. Runting, [2004] NZCA 34 where the New Zealand Court of Appeal recognized a common law tort of breach of privacy that is separate and distinct from the tort of breach of confidence where the elements of the tort are:

1. the existence of facts in respect of which there is a reasonable expectation of privacy; and

2. the publicity given to those private facts must be considered highly offensive to an objective reasonable person.

At [65] the court found there was a privacy action saying:

“In my view, it is appropriate for this court to confirm the existence of a right of action for intrusion upon seclusion. Recognition of such a cause of action would amountto an incremental step that is consistent with the role of this court to develop the common law in a manner consistent with the changing needs of society.”

At [66] – [69] the court underwent a detailed discussion supporting such a tort in Canada.

The court adopted as the elements of the action for intrusion upon seclusion the Restatement (Second) of Torts (2010) [70] and at [71] stated:

The key features of this cause of action are, first, that the defendant’s conduct must be intentional, within which I would include reckless; second that the defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and third, that a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish. However, proof of harm to a recognized economic interest is not an element of the cause of action. I return below to the question of damages, but state here that I believe it important to emphasize that given the intangible nature of the interest protected, damages for intrusion upon seclusion will ordinarily be measured by a modest conventional sum.

At [72] the court stressed that recognizing this cause of action would not open the floodgates because:

A claim for intrusion upon seclusion will arise only for deliberate and significant invasions of personal privacy. Claims from individuals who are sensitive or unusually concerned about their privacy are excluded: it is only intrusions into matters such as one’s financial or health records, sexual practices and orientation, employment, diary or private correspondence that, viewed objectively on the reasonable person standard, can be described as highly offensive.

At [73] the court stressed that claims for the protection of privacy may give rise to competing claims, especially the protection of freedom of expression and freedom of the press and that no right to privacy is absolute and many claims for the protection of privacy will have to be reconciled with, and even yield to, such competing claims.

On the question of damages the court stated that proof of actual loss is not an element of the cause of action for intrusion upon seclusion [74].  At [77] – [86] the court reviewed the principals of damages, including aggravated and exemplary damages.

In this case the court found that damages for intrusion upon seclusion in cases where the plaintiff has suffered no pecuniary loss should be modest but sufficient to mark the wrong that has been done. In this case in the range at up to $20,000. The factors which provide a useful guide to assist in determining where in the range the case are [87]:

1.   the nature, incidence and occasion of the defendant’s wrongful act;

2.   the effect of the wrong on the plaintiff’s health, welfare, social, business or financial position;

3.   any relationship, whether domestic or otherwise, between the parties;

4.   any distress, annoyance or embarrassment suffered by the plaintiff arising from the wrong; and

5.   the conduct of the parties, both before and after the wrong, including any apology or offer of amends made by the defendant.

In reviewing the behaviour of Tsige in the context of damages the court stated at [89]:

It is my view that in this case, Tsige committed the tort of intrusion upon seclusion when she repeatedly examined the private bank records of Jones. These acts satisfy the elements laid out above: the intrusion was intentional, it amounted to an unlawful invasion of Jones’ private affairs, it would be viewed as highly offensive to the reasonable person and caused distress, humiliation or anguish.

and, at [90]:

In determining damages, there are a number of factors to consider.  Favouring a higher award is the fact that Tsige’s actions were deliberate and repeated and arose from a complex web of domestic arrangements likely to provoke strong feelings and animosity. Jones was understandably very upset by the intrusion into her private financial affairs. On the other hand, Jones suffered no public embarrassment or harm to her health, welfare, social, business or financial position and Tsige has apologized for her conduct and made genuine attempts to make amends. On balance, I would place this case at the mid-point of the range I have identified and award damages in the amount of $10,000. Tsige’s intrusion upon Jones’ seclusion, this case does not, in my view, exhibit any exceptional quality calling for an award of aggravated or punitive damages.

ISSUES

This is a particularly useful decision handed down in the shadow of the government response to a discussion paper on whether to legislate a tort of invasion of privacy.  The ultimate rationale for recognising a common law right is grounded on a broad consideration of the developments in other jurisdictions as well as the need to deal with the changing circumstances.  It is a very thoughtful decision and will no doubt be considered in future jurisprudential discussions.

The article provides:

A popular “meat-market” smartphone app that spawned a sexual revolution in Australia’s gay community has been compromised by a Sydney hacker, potentially exposing intimate personal chats, explicit photos and private information of users.

The location-aware Grindr app enables gay men to meet other gay men who may be just metres away, making use of their smartphone’s Global Positioning System (GPS). It had about 100,000 Australian users as of August last year and more than one million users worldwide.

Now a hacker has pushed the app developer into a security crisis that has left its users seriously vulnerable considering the vast amounts of private information traded through the app – in many cases naked photos.

The hacker discovered a way to log in as another user, impersonate that user, chat and send photos on their behalf.

The vulnerabilities are also present in Blendr, the straight version of the app, according to a security expert who said both apps had “no real security” and were “poorly designed”. Fairfax Media is not aware that Blendr has been hacked but the potential was there, according to the security expert.

The founder of the apps, Joel Simkhai, conceded both were vulnerable and he was rushing to release a patch to address the issues. He said he had originally been waiting until new architecture was built “within weeks” but was now releasing an update to both apps “over the next few days”.

In a telephone interview about the vulnerabilities last Friday he said it was news to him about the potential for text chats to be monitored and claimed the company had never experienced a “major breach” in which a large portion of users were affected.

“We [do] get people trying to hack into our servers,” he said. “That’s something that I am aware of and we certainly have a team in place that are working to prevent that.”

But by Tuesday Mr Simkhai admitted that he was “aware of some vulnerabilities” but he would not talk about them in detail to avoid a hacker exploiting them.

“We are certainly aware of a lot of these vulnerabilities and … they will be fixed as fast as humanly possible,” he said.

He could not say how many people had attempted to take advantage of the vulnerabilities but said a website created by the hacker had exploited some of the flaws in Grindr. That website was shut down after Friday’s interview with Fairfax Media after he sought legal action.

The website, registered on July 14 last year, allowed the hacker to search for any Grindr user regardless of their location, and capitalised on the vulnerabilities to offer other services not designed by the apps.

Material seen by this website suggests that a number of Australian users had their Twitter profiles linked to Grindr profiles on the web page, making it easier to find users.

At one point, according to sources who saw the website before it was taken down, it listed users’ Grindr pseudonyms, passwords, their personal favourites (bookmarked friends) and allowed them to be impersonated, and thus have messages sent and received without their knowledge. At one point, the website also allowed users’ profile pictures to be replaced.

It is understood the hacker changed the profile picture of numerous Sydney Grindr users to explicit images. One user who was targeted confirmed they had been banned due to a perceived terms of service violation.

It is understood the hacker took advantage of the fact the apps used a personalised string of numbers known as a hash, instead of a user name and password, to log in. The hash is exchanged between users’ smartphones so they can communicate with each other but the hacker discovered it could be replaced with another users’ hash to enable the hacker to:

- Log in as any user
- See the user’s favourites
- Change their profile information and profile picture
- Talk to others as the user
- Access pictures sent to the user
- Impersonate a user’s “favourite” and talk to them as a friend

A security expert – who did not wish to be named because he didn’t have Mr Simkhai’s permission to analyse his systems – said that the Grindr and Blendr apps “had no real security”.

They are “very poorly designed … [with] poor session security and authentication”, the expert said.  ”It wouldn’t be too hard to secure this.”

The security expert demonstrated with permission of a user how he could log in as them and take over the app.

In a statement Mr Simkhai said keeping his platform secure from hackers was a “number one priority”.

Using technological means and legal actions his company had “blocked the offending website and hacker”.

“We are diligently monitoring for hacking and we’ve added dedicated IT security specialists to our team,” he said. “In the coming weeks, we’ll be rolling out a major security upgrade to our platform.”

He maintained conversations on the app could not be monitored. “Not only can chat not be monitored, but since we don’t store chat history on our servers there is no way anyone can access all past chat history.”

If users are concerned about their security they can permanently delete their Grindr profile following a number of steps on the company’s website, which involves Grindr manually deleting it through a support request.

The story provides:

The facts in Giller v Procopets and what Mr Trevail did are analogous. In Giller all the parties knew a video was being made.  Here Trevail’s former partner did not know that a video was being made.  She may have vaguely suspected.

Under the principles in Giller a breach of privacy in this situation may be sustainable.  There was a relationship of confidence and it was breached.  As the law currently stands it is one of the few fact situations where a claim for a breach of privacy is enforceable.  If there was a stand alone tort of privacy the issue would not be establishing a duty of confidence then determining whether there is a breach and then establishing damages.

Of course Trevail’s problems are a little greater than a breach of confidence action.  There may be a claim

FACTS

As with all determinations and case notes the facts are, at best, sketchy.  The complainant attempted to access personal information held by a telecommunication company, which they believed included correspondence to a law enforcement agency. The telecommunication company relied on its internal privacy policy and denied access. The telecommunication company quoted exceptions under NPP 6.

The relevant exceptions are 6.1 and 6.7

NPP 6.1(j) permits an organisation to deny access to an individual when this would prejudice activities being carried out by, or on behalf of, an enforcement body. These activities include the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law.

NPP 6.7 requires an organisation to give an individual its reasons for denying access or refusing to correct personal information.

DECISION

The telecommunication company in relying on NPP 6.1(j) to deny the complainant access  claimed access would reveal strategy and procedures employed in law enforcement.

The Commissioner found that the telecommunication company could rely on the NPP 6.1(j) exception. It was not obligated to reveal whether it possessed records from a law enforcement agency, as such actions would prejudice the law enforcement activities of the agency. The Commissioner considered if law enforcement processes were revealed to the complainant this would prejudice activities carried out by the enforcement body.

Facts

The appellant (Fiorelli) engaged the first respondent (Professional Fence Makers) to build a fence and its property. Under the terms of an agreement the price was $47,300; being a deposit of $17,300, a first instalment of $15,000 and a final instalment of $15,000.  At the time the parties entered into the agreement there was a lack of detail about the the characteristics of the gate, in particular the means by which it would move. This became a significant matter in issue. Fiorelli, through its director, telephoned the second respondent and said that Fiorelli had engaged another company to supply and install the fence and gates and would not require the assistance of Professional Fence Makers. Fiorelli sought repayment of the deposit and return a steel plates it had provided Professional Fence Makers and ultimately it sued Professional Fence Makers for the deposit.  At trial the Magistrate found that there was the wrongful repudiation of the agreement by Fiorelli, that Professional Fence Makers accepted that repudiation and that Professional Fence Makers was entitled to retain the deposit.

Fiorelli appealed but only took issue with the Magistrate’s finding that Professional Fence Makers was not required to repay the deposit. Fiorelli contended that Professional Fence Makers was required to remit the balance of the deposit less  the amount spent by Professional Fence Makers purchasing materials .

Issue

Fiorelli’s counsel submitted that a vendor is entitled to forfeit a deposit involving a contract of sale where there is rescission by the purchaser but only in relation to contracts for the sale of real property, [17]. Alternatively, if as a matter of law Professional Fence Makers was entitled to retain the deposit, equity would assist Fiorelli to recover the amount consisting the sum of the deposit less the loss incurred by Professional Fence Makers due to the repudiation, [18]. Because  the deposit was more than one third of the contract sum and that was substantially in excess the amount is required to secure compliance with the contract Fiorelli submitted it was penal in nature. As such it would be unconscionable for Professional Fence Makers to retain the whole of the deposit, [20].

Kaye J considered the authorities regarding the functions of a deposit, in particular Howie v Smith, and stated, at [31]:

In any contract, a deposit constitutes an earnest, to bind the bargain, and a guarantee of due performance, of the contract, by the payee. Those two functions, of a deposit, have been long entrenched in contract law. Indeed, as Fry LJ explained in Howe v Smith the practice of giving something to signify the conclusion of a contract is one of great antiquity, deriving originally from Roman law, and which passed into the early jurisprudence of England. That practice was not confined to contracts for the sale of real property, but, it would seem, was common to all forms of contracts.

His Honour also considered the issue in the context of Baltic shipping company v Dillon, [37], where the High Court compared the operation of and drew the distinction between a deposit and part payments. Mason CJ in that decision stated that one of the distinctions between deposits and a part payment is that the deposit is forfeited if the plaintiff does not perform the contract.

Fiorelli sought relief in equity on appeal but did not make a claim in equity in pleadings or arguments at trial. Kaye J highlighted the first, and fatal, difficulty with this approach was that section 109 of the Magistrates Court Act requires that an appeal is  brought on the question of law. Fiorelli submitted that had the issue been raised before the Magistrate she would have been obliged to find in its favour, [43]. His Honour found that the magistrate made a decision strictly on the principles of law but now raising an alternate, different claim in equity does not constitute an error of law and precludes it being raised on appeal, see [44] - [47].

Notwithstanding that finding Kaye J went further and noted that, as a general principle,  a party is not entitled, on appeal, to raise a point which is not taken at trial unless it could not possibly have been met by further evidence adduced [48]. At [49] – [50] Kaye J considered that to raise a viable equitable claim at trial there would have have been further evidence led.

At 49ff is Honour considered whether the equitable principles relied upon by Fiorelli were sustainable, in particular whether Denning LJ’s decision in Stockloser v Johnson was good law in Australia.  In Stockloser Court of Appeal held that for equitable principles to be engaged the forfeiture clause must be of a penal nature and it must be unconscionable for the party to whom the deposit was paid to retain it. His Honour considered that even if the Court of Appeal’s decision in Stockloser was applicable there is some doubt that it would apply to a deposit, [55].  At [56] – [61] His Honour considered treatment of Stockloser in Australia, which is at best at a equivocal.

Issue

Kaye J undertook a very useful analysis of principles relating to deposits and forfeiture in the event of a breach of contract. The court made it very clear that grounds of appeal from the Magistrates Court are limited to questions of law. That precludes raising and arguing points on appeal not considered at trial. Pleadings remain important in the Magistrates Court. In this case equity,  available as an alternative to the statutory and common law claim, should have been pleaded. But as his Honour noted, when pleading an alternate cause of action it is vital to to consider what further evidence is required. His Honour pointed out very clearly that to establish the penal nature of a clause and/or its unconscionability so as to sustain a claim in equity required more than simply arguing that the principles apply.

It says:

The New York Time’s Nick Bilton announced recently that “privacy is on its deathbed”. This prediction was prompted by the “creepy” ease with which he hunted down the identity of a girl with not much more than his internet connection, the girl’s first name, a few photos, and a Facebook friend list. In stunned awe of his success at aggregating fragments of data and assembling a profile of the girl, he concluded by citing Federal Trade Commission advice: delete your Facebook account; protect your data. To that, Bilton added the following challenge: “Which one of us is going to do that?”

Yet what may surprise Bilton and others arguing that privacy is in terminal decline is the fact that many of us already guard our privacy online. For example, the results of an Asia Pacific Privacy Authority social media survey released last month revealed that most of us know how to use a site’s privacy settings. In fact, nine out of ten of us have actually changed a site’s privacy settings. Most of us only share information with people we know and only a few of us are concerned about how our information might be used by third parties. Were our information to be used in a way we had not expected, almost half of us would react rationally and deliberate whether to continue or to stop using the site altogether, before doing anything rash such as immediately deleting a Facebook account.

We would no more retreat from Facebook than we would from family and friends on the basis that we might be subject to gossip.

While emerging technologies have radically increased the speed ease, magnitude, and ability to harvest and share personal information, consider what levels of control this technology offers.

Once we are tagged in a photo on Facebook, we are immediately alerted to the fact and, once alerted, we have a couple of choices — not ideal, but near enough. One, we can refuse the tag. Two, we can ask the person to remove the photograph.

What is evident here is that we are exercising a choice: whether to refuse to share information about ourselves or whether we would rather participate in the network, so to speak. We already share information with others, it’s called socialising, and we don’t undertake a risk analysis every time we open our mouths.

A perfect state of privacy is impossible. It is not only impossible; it is undesirable. We want to live in world in which we can share our lives with other well-meaning family members, friends, acquaintances, colleagues, fellow hobbyists, and so on. We are social beings, and participating in social networks (online and off) is part of what makes our lives meaningful.

In order to enrich our social experience, we consensually share much of our personal information. We do this even when we do not fully understand what happens to our information. We do this even when we risk third-party access to our data.

But this does not mean that privacy is dead. This type of exhortation has been made every time innovations have forced us to reassess our society.

Newspapers in the 1890s brought society gossip and photos to the masses; in the 1970s came database technologies; and, of course, now the internet.

Over the years, when a new challenge threatens our privacy, we respond with an examination of the ethical and legal implications. We make moral demands.

We legislate measures that will ensure our rights are protected. Sometimes we do this only after we have already been harmed — the technology evolves so quickly, and it is difficult to keep up. Despite the difficulties, however, we ought never retreat in fear, and those who write to inform us should never use their media muscle to inflame that fear. Who are the likes of Bilton trying to scare?

If it isn’t fear then it is apathy. Not that Facebook founder Mark Zuckerberg was right when he proclaimed that we don’t care about privacy at all; that it’s no longer the “social norm”. While we may have redrawn the boundaries between the private and public spheres, and, yes, while it is also hard to define exactly what we mean by privacy these days, the concept of privacy does still matter.

More than that, privacy lives on because, without it, we could be unable to live as we do today. According to late 20th-century contemporary theorists such as James Rachels, Ruth Gavison, and Jean L. Cohen, privacy is still important to us. It gives us a sense of autonomy and freedom when we are able to control what others can come to know about us. It preserves our human dignity and sustains intimacy and variety in our relationships: allowing us to share share certain information which confers intimacy. Imagine trying to maintain a diversity of relationships if everyone had equal access to the most intimate details of our lives.

But everyone involved needs to take responsibility: Facebook ought to see us users as autonomous and rational creatures who like to be kept in the loop; Facebook users ought to respect the information shared and be mutually committed to presenting our best selves online; and third-parties ought to take care with the information we offer them in trust. Finally, an independent party ought to keep a watchful, though not censorial, eye over us all and make sure that our best interests are always protected, without, of course, restricting our freedom.