Last week was the scheduled final sitting week of this Parliament.  It is due to be prorogued in either August or September.

As such any bills not passed by both Houses of Parliament will lapse.  That seems to be the fate of the Privacy Amendment (Privacy Alerts) Bill 3023.  The political drama took effect upon the legislative schedule.

It will be for the next Parliament to introduce this Bill or a facsimile of it.  If it is so minded to do.  A new Parliament is a legislative Tabula Rasa.

Data storage the cloud in is ubiquitous.  Proper protection of that data is less so.

According to research (see report here)conducted by the Ponemon Institute,based on a survey of 4,205 business and IT managers in the US, UK, Germany, France, Australia, Japan and Brazil, 53% of businesses transfer sensitive or confidential data to the cloud.

The Victorian Court of Appeal in Lysaght Building Solutions Pty Ltd v Blanalko Pty Ltd [2013] VSCA 158 considered the test for summary judgment under section 63 of the Civil Procedure Act 2010.

At [35] the Majority (Warren CJ and Nettle JA) stated the test as:

a) the test for summary judgment under s 63 of the Civil Procedure Act 2010 is Read the rest of this entry »

The Senate Standing Committees on Legal and Constitutional Affairs has reported on the Privacy Amendment (Privacy Alerts) Bill 2013.  The Committee endorsed the Bill.

The report relevantly provides (absent footnotes, introduction and appendices)

RECOMMENDATION
Recommendation 1
2.30 The committee recommends that the Senate pass the Bill.

CHAPTER 1
INTRODUCTION
1.1 On 29 May 2013, the Privacy Amendment (Privacy Alerts) Bill 2013 (Bill) was introduced into the House of Representatives by the Attorney-General, the Hon. Mark Dreyfus QC MP.1 On 17 June 2013, the Bill was introduced into the Senate and was referred on 18 June 2013 to the Legal and Constitutional Affairs Legislation Committee (committee) for inquiry and report by 24 June 2013.
Background to the Bill
1.2 In his second reading speech, the Attorney-General Read the rest of this entry »

The Parliamentary Library has prepared a Bills Digest on the Privacy Amendment (Privacy Alerts) Bill 2013.  It is found here.

As usual it is an excellent resource. It provides:

Structure of the Bill

The Bill contains one Schedule of amendments to the Privacy Act. The main amendment in Schedule 1 is item 4 which inserts a new Part IIIC, titled ‘Data breach notification’, into the Privacy Act following existing Part IIIB. This new Part contains the substantive elements of the mandatory data breach notification provisions, which apply to entities that are regulated by the Privacy Act.

The new Part IIIC is divided into three Divisions. Broadly, the first Division sets out when a ‘serious data breach’ will have occurred, the second Division contains obligations for entities to notify of that serious data breach, subject to certain exceptions. The third Division concerns general matters including relevant definitions specific to Part IIIC and application provisions.

Background

Data breach notifications

As the Explanatory Memorandum notes, mandatory data breach notification commonly refers to:

… a legal requirement to provide notice to affected persons and the relevant regulator when certain types of personal information are accessed, obtained, used, disclosed, copied, or modified by unauthorised persons. Such unauthorised access may occur following a malicious breach of the secure storage and handling of that information (e.g. a hacker attack), an accidental loss (most commonly of IT equipment or hard copy documents), a negligent or improper disclosure of information, or otherwise.

Data breach notification is Read the rest of this entry »

The Committee has received 20 submissions to the Bill.  That is impressive given there was effectively 2 days from referral to cut off period to lodge submissions.

The submissions are:

Fundraising Institute Australia.

Opposed. It says, in part:

.. the Fundraising Institute Australia believes that insufficient consideration has been given to the effect which mandatory data breach notification would have on charities and not-for-profit organisations. Government decision­ makers seem unaware that fundraisers use extensive donor databases in the same way as business organisations do.

………

The additional burden and cost of Read the rest of this entry »

The Attorney General issued a media release announcing that at the next meeting of Attorneys General (and their equivalents) the Commonwealth will be pursuing uniform national protection for journalists and sources.

The press release provides:

LAW AND JUSTICE MINISTERS TO REVISIT JOURNALIST SHIELD LAWS

 Attorney-General Mark Dreyfus QC today announced that the Australian Government will pursue uniform national protection for journalists and their sources at the next Australian and state and territory law and justice ministers meeting.

“Recent court proceedings have highlighted the inadequacy of protections for journalists in some jurisdictions and lack of uniformity in laws across Australia,” Mr Dreyfus said.

“Journalists play Read the rest of this entry »

Today the Senate referred the Privacy Amendment (Privacy Alerts) Bill 2013 to the Senate Legal and Constitutional Affairs Committee today (the Committee’s  home page is found here).

The Committee is due to report next Monday, 24 June 2013.  Submissions to the Committee close at midday on 20 June 2013.

The Committee’s inquiry page (found here)  provides:

Privacy Amendment (Privacy Alerts) Bill 2013

Information about the Inquiry

On 18 June 2013 the Senate referred the Privacy Amendment (Privacy Alerts) Bill 2013 for inquiry and report.

The bill seeks to amend the Privacy Act 1988 (Cth) to introduce mandatory data breach notification provisions for Commonwealth government agencies and certain private sector organisations.

Submissions should be received by 20 June 2013. The reporting date is 24 June 2013.

The Committee is seeking Read the rest of this entry »

In Prest v Petrodel Resources 2013] UKSC 34 the UK Supreme Court considered when it was appropriate to pierce the corporate veil of companies. It is a very significant decision which may be influential in Australia.

 FACTS

The appeal relates to ancillary relief sought by the respondent following divorce proceedings.  The Appellant, the wife, sought recovery under the Matrimonial Causes Act or orders which would permit the court to pierce the corporate veil of a number of companies which were wholly owned and controlled by the the husband.  At first instance the trial judge found there was no general principle which entitled him to reach the companies assets by piercing the corporate veil [6].  The wife was unsuccessful on appeal to the Court of Appeal.

DECISION

The wife was successful on the basis, the court found, that the husband, and not the companies, had originally provided the funds for the properties in dispute to be bought.  Trust law principles were applied and the court found that the companies held the properties in trust for him.  As he was ‘entitled’ to them the court could transfer them to the wife.

While the Appellant was unsuccessful in her appeal seeking order to pierce the corporate veil  the judgment was most significant in its consideration of the principle as to when the corporate veil may be pierced and the limitations on the doctrine.

LORD SUMPTION

His Lordship commenced his analysis by discussing what piercing the corporate veil actually means and, critically, what it doesn’t mean. As to its meaning he said “..properly speaking, it means disregarding the separate personality of the company…” where “.. a person who owns and controls a company is said in certain circumstances to be identified with it in law by virtue of that ownership and control [16].” he drew a distinction between those circumstances and where the law attributes the acts or property of the company to those who control including:

1. where the controller Read the rest of this entry »

 In a unanimous decision the High Court in Kakavas v Crown Melbourne Limited [2013] HCA 25 rejected an appeal by Harry Kakavas against Crown Casino in equity.  The court undertook a detailed analysis of the principles of unconscionable conduct and special disadvantage.

FACTS

Kakavas submitted, at [6], that the principles of Amadio applied, particularly that “..whenever one party by reason of some condition or circumstance is placed at a special disadvantage vis-à-vis another and unfair or unconscientious advantage is then taken of the opportunity thereby created”. He also submitted that Crown had constructive notice of his special disadvantage [150].

Crown submitted:

1. that Kakavas’ abnormally strong urge to gamble was not a compulsion which deprived him of the ability to make a worthwhile choice whether or not to gamble, or to continue to gamble, with Crown or anyone else [11];
2. Crown’s employees did not knowingly exploit the appellant’s abnormal interest in gambling. Kakavas presented as a successful businessman able to afford to indulge himself in the high stakes gambling in which he chose to engage [11]
3. Kakavas suffered no compensable loss [12]

DECISION

 The court undertook a detailed overview of the principle of equitable fraud.  When the considering the principles of equity enunciated in Amadio their Honours stated:

“..the task of the courts is to determine whether the whole course of dealing between the parties has been such that, as between the parties, responsibility for the plaintiff’s loss should be ascribed to unconscientious conduct on the part of the defendant.”

When seeking equitable intervention their Honours stated the following:

1. the principle which the appellant invokes Read the rest of this entry »