Review of Privacy - Issues Paper

On behalf of the Council, I thank you for the opportunity to make a submission on this very important topic.

We will address each of the questions raised at the start of the paper. Where an issue is not specifically addressed we either have no comment or reserve comment until the Discussion Paper is released.

Question 1.1
The Council takes the view that privacy is fundamentally directed at protecting the interests of natural persons. We certainly see no reason to extend the concept to commercial entities.

As to extending it to protecting the rights of ethnic or indigenous groups, we would query whether or not the issues to be addressed here might not be better addressed in some other legislation. We have no final view on this and would reserve our comments till we see some concrete proposal.

Question 1.2
We note the comment in the discussion paper that this issue is being discussed by the New South Wales Law Reform Commission in its inquiry into this area. As we read it the ALRC intends to leave this issue to that body. Accordingly, we pass on.

Question 2.1
We note that New South Wales, Victoria and the Australian Capital Territory, all have legislation that regulates the handling of personal health information in the private sector. It is obviously undesirable that health service providers in those jurisdictions be required to comply with both federal and state or federal legislation.

On the other hand we would however oppose an arrangement by a federal government that prevented the states from improving on the Commonwealth’s minimum standards.

We do not subscribe to the present mania for uniformity across the Commonwealth. It is our view that federalism has a number of benefits including the capacity of the states to experiment with different approaches to problems, which may in the end result in better solutions being developed.

Question 3.1
No doubt the structure and clarity of the Privacy Act could be improved. Although it is important of course, to be wary when doing such things not to make changes which deprive people of their rights by changes of language.

Question 3.2
We acknowledge the commentary made about the name of the Act but express no particular view one way or another about what its name should be.

Question 3.3
We accept that appropriately expressed objects are a useful aid to the interpretation of legislation and if they can be agreed upon, should be included in the Privacy Act.

Question 3.4
We agree that the definition of personal information is too limited. In our view it would be preferable to adopt the definition of “personal data” contained the OECD guidelines which is “any information relating to an identified or identifiable individual. We would also agree that the reference in the Act to “records of personal information” is also too narrowing.

We would adopt the submission of the Australian Privacy Foundation to the Senate Legal and Constitutional Committee inquiry into the Privacy Act that the OECD definition should be extended to included an “ability to contact” test along the lines of “or information sufficient to allow communication with a person”.

Question 3.5
The basic question is whether or not the Privacy Act should extend to information about deceased persons. The writer has some sympathy for the traditional common law approach that a person’s right to privacy ceases on death. However at this stage I do not commit the Council to that position. But I would certainly agree that it should extend to health information, particularly genetic information about dead people.

Questions 4.1 - 4.5
In our view if there is any doubt that Privacy Principles 4, 5 and 11 do not apply, to unsolicited information, that doubt should be removed. It is clearly our view that unsolicited information should be subject to the requirements relating to a decision maker ensuring that it is accurate, that a person can have access to it, correct it and it can be used for relevant purposes only.

The next question raised is whether or not it is appropriate to impose an obligation on agencies to collect information only from the individual concerned.

We certainly agree that an obligation should be imposed on agencies to collect information to the greatest extent practical directly from the subject when the information may result in adverse determinations about an individual’s rights, benefits and privileges. Beyond that, we would have thought as discussed earlier, that the application of the other privacy principles to unsolicited information would deal with most other areas of concern.

The obligation to ensure that an individual is aware of the organisations to which information is usually disclosed should extend to all organisations to whom the information is normally disclosed.

There should be limits to the steps which an agency is required to take to meet the requirements of National Privacy Principles 1.3 and 1.5. We would be happy in that regard to limit those requirements to what is ‘reasonable’ in the circumstances.

Similarly, we would also think it better that the principles should provide that the collection of information should be limited to purposes that a reasonable person would think appropriate in the circumstances. It is our view that it is preferable that an individual is able to require the collector of the information to point to some objective standard rather than their own subjective opinion.

Questions 4.6 - 4.13
We note the submission made by the Australian Federal Police that there is reluctance by some organisations to provide personal information for law enforcement purposes due to ignorance of the fact that they are permitted to do so under the Privacy Principles. The AFP submitted that it should be empowered to issue a Notice to Produce in these circumstances.

The Council is opposed to providing police with the power to issue Notices to Produce to obtain personal information. It is our view that access to personal information for the purposes of investigating offences leading to a sanction should only be by judicial warrant. This is not to say that we object to the Privacy Principles in their present form. If there is any difficulty with convincing organisations that the Privacy Principles permit them to release information to the police then this should be the subject of an education campaign.

Whilst we think that the exceptions in the NPP are adequate we would have no objection to a further exception which allows the use or disclosure of personal information where the relevant body believes that it is necessary to prevent a serious and imminent threat to an individual’s welfare.

Whilst conscious of the cost issues the Council would adopt the view that agencies ought to be required to log the disclosure of sensitive information.

Bundled consent (i.e. the practice of bundling together consent to a wide range of uses and disclosures without giving an individual an opportunity to select those of which they disagree) raises difficult issues. It is certainly clear that this practice may in fact, deprive individuals of an opportunity to freely choose whether to consent or not. On the other hand, it must be accepted that a more extensive range of possibilities will have costs implications. In this regard, the Council would like to see draft guidelines prepared upon which it would be able to comment.

Direct Marketing
The writer has some sympathy for the view of Ruth Gavison that unsolicited mail and telephone calls do not raise privacy issues themselves. It is the exchange and sale of mailing lists which is more troublesome. We would certainly take the view that the right to privacy involves the right to access to a mailing list to have your name removed from it. In some respects, the writer would have sympathy with the view that the problem of unsolicited mail, telephone and email etc should be the subject of separate legislation.

Research
Proposals for the principles to be amended to allow the disclosure of non health information for research purposes presumably involves the disclosure of identifying information. Obviously there is no objection to the disclosure of de-identified data.

We would support disclosure of non-health information for research purposes which meet the following criteria:

1. it is for statistical or scholarly study or research;
2. the purposes can not be achieved without using or disclosing this information;
3. it is impractical to obtain consent from the individual;
4. in the case of the disclosure, the organisation reasonably believes the recipient of the information is not likely to disclose it;
5. there is approval from the Privacy Commissioner.

Unjust Enrichment
One of the common misconceptions of privacy is that it is designed to permit people to evade the law. This is a misconception which should not be countenanced. Particularly, in our view privacy should not be permitted to allow people who have been mistakenly paid monies to avoid having to repay those monies to their rightful owner. It may be possible under certain court rules for the aggrieved person to obtain an order for the disclosure of the information from the Court. However, in many cases, that might be an uneconomical remedy and it would be better if the aggrieved person can rely upon an exemption of the principles to obtain access to the necessary information.

Due Diligence
We are not sure whether on a flexible and pragmatic approach to the privacy principles that due diligence actually raises serious privacy issues. However, if it is a serious concern, then a relevant amendment should be made. Similarly, one would have thought that a flexible and pragmatic approach to the application of the principles would not result in them being read as preventing disclosure for the purposes of an alternative dispute resolution process particularly in the course of litigation. However, once again, if there is any doubt about the issue the public interest in facilitating the speedy and efficient resolution of disputes would justify a clarifying amendment to the principles.

Questions 4.14 – 4.16
The Council agrees that the information privacy principles should be amended so that the data quality principle applies to their disclosure along the lines of the US Privacy Legislation and the National Privacy Principles.

Similarly, we think that it is important, that information be relevant. The National Privacy Principle 3 should be amended to include this requirement.

We certainly agree that the data quality principle should not be used to justify intruding upon an individual’s privacy. We would have thought that the reference to taking a ‘reasonable steps’ would be sufficient to indicate that there is no absolute obligation to ensure data accuracy in accordance with the principles. However, if there is any doubt over the issue, it should be removed by an amendment.

Questions 4.17 – 4.19
We would support the amendment of the Information Privacy Principles along the lines of National Privacy Principle Number 4.2.

As it is important to extend the privacy protection as much as possible, we would support amendment of National Privacy Principle 4 along the lines of Information Privacy Principle 4(b).

The question of a deletion of personal information raises complicated issues. We would not wish to see the development of an Orwellian situation where history is changed by the deletion of information. It would preferable if the information were retained and as is the case under the Freedom of Information Act appropriate annotations or restrictions were placed on it in situations where it becomes out of date, irrelevant or is found to be inaccurate.

Questions 4.20 - 4.22
We would have thought that for the purposes of the private sector the development of short form privacy notices should be investigated in the interests of reducing costs.

Questions 4.23 - 4.25
On the question of changes to the circumstances in which organisations can deny an individual access to their personal information under NPP6, we would accept that principle 6.1(b) can be amended if it is considered necessary to provide that in the mental health care context access can be denied where doing so would harm their therapeutic relationship with a treating medical practitioner.

Principle 6.3 should be made stronger to provide where it is reasonable that the organisation should provide access through mutually agreed intermediaries.

Where an organisation is satisfied that it has inaccurate information, it should notify third parties to whom it has provided that information, where practical.

Questions 4.26 - 4.28
National Privacy Principle 7 should be kept. We prefer to have a clear principle prohibiting the development of a universal or approaching universal identifier.

For the same reason the Council would oppose individuals being allowed to consent to the use or disclosure of their identifiers as such an exception would allow organisations to make consent to the use and disclosure of the identifier a condition to providing a service. This would result in the widespread collection of identifiers. The application of the principles would be assisted by a definition of a unique identifier. In our opinion existing documentation is more than adequate to check the concessional status of individuals.

Perhaps rather than regulating the use of identifiers by organisations it would be better simply to broaden the prohibition on the use and disclosure of identifiers along the lines contained in Information Privacy Principal 3 in the Victorian legislation.


Questions 4.29 - 4.30
For the reasons enunciated by Ms Gavison we are of the view that the anonymity principle is one of the fundamental requirements of the Privacy Legislation.

The Council supports a redrafting of the principle to make it a more imperative one similar to that contained in the Northern Territory legislation.

Question 4.31
In an age of increasing outsourcing of functions overseas, it is the Council’s view that controls on trans-border data flows should be maintained. It is entirely appropriate that they are in the Privacy Act.

Questions 4.32 - 4.33
We do think that there is a case to regulate sensitive information more closely than other types of information. The exception contained in the Victorian and Northern Territory legislation as described in paragraph 4.181 of the paper is acceptable.

Questions 4.34 - 4.35
An obligation should be imposed on organisations to notify individuals where their personal information has been compromised. It seems to us that the Californian Model makes sense, the criterion in that model being whether or not the information has been acquired by another person. This would considerably improve accountability and create a real incentive for organisations to comply with their privacy obligations.

In relation to the APEC Privacy Framework, to the extent that choice is the same as ‘control’, we would suggest the remarks of Ruth Gavison at pages 426-8 of the article are applicable.

As to whether any revised privacy principles should include an ‘accountability’ principle; ‘prevention of harm’ principle; a ‘consent’ principle, we would subject to the comments previously made, withhold judgment until details of those principles are brought forward.

The privacy principles should involve a certain level of flexibility. They are indeed principles. They are not legal rules or prescriptions. They should not be treated as such. It seems to us that one of the benefits of the principles is they involve a certain level of flexibility. Privacy is by no means an absolute principle. It is subject to certain other interests which need to be considered on a case by case basis.

Question 5.2
The number of exemptions from the privacy principles should be as few as possible. Indeed, we would say that the starting point would be that the privacy principles ought to be sufficiently flexible to allow them to be applied to all organisations and at the same time, protect those interests that are said to be protected by granting an exemption to an agency.

Question 5.2
The relationship between the Privacy Act and security intelligence agencies is no doubt a difficult one. The Council would accept that the constitutional arrangements of democracy, do not, to borrow a phrase from an American jurist, constitute a suicide pact. Democratic states are entitled to make arrangements to protect themselves. However, we would note recent remarks by Senator Bartlett that recent reports by the Joint Defence and Intelligence Committee would suggest that intelligence agencies are returning to the bad old days; regarding themselves as exempt from control and supervision. If agencies are prepared to flaunt supervision of the very conservative members of that committee, one must be concerned about their behaviour.

However, on the other hand, privacy is not a simile for liberty and it may be that other mechanisms should be sought to ensure that these organisations are accountable.
Question 5.3

Our view is that exemptions, where they can be justified should take the form of modifications to the National Privacy Principles necessary to meet the particular problems.

On this basis those agencies listed in Schedule 2, Part 1, Division 1 of the Freedom of Information Act should be required to demonstrate why they need to be exempt from the Privacy Act and if they do not do so, within a specified period of time, they should no longer be exempt. This follows from our generally accepted principle that privacy principles should apply universally unless there is some demonstrated reason why they should not be.

The same arrangement should apply to those agencies specified in Schedule 2 Part 2 Division 1 of the Freedom of Information Act.

Questions 5.4 & 5.5
Where state governments are operating commercial organisations which would otherwise be subject to the Act, we see no reason why that exemption should continue.

Question 5.6
This question considers the future of the exemption for small business which is defined as a business having a turnover of less than $3 million. As 94% of Australian businesses have a turnover of less than $3million a vast hole is created in the Privacy Act. The main justification for this exemption is the significant compliance costs it allegedly imposes on small business. However, it is to be noted that the House of Representatives Committee in its review of the private sector provisions of the Privacy Act 1988 apparently received no evidence as to the extent of these compliance costs https://www.aph.gov.au/parliamentary_business/committees/house_of_representatives_committees?url=/laca/privacybill/contents.htm.

One of the difficulties created by this exemption that it is impossible for a person whose privacy has been violated to know whether or not the business that they are dealing with falls within the exemption. The Council has encountered this problem recently in dealing with the complaints about licensed premises scanning copies of the identification of persons wishing to enter those premises as a condition of entry.

The Senate Legal and Constitutional References Committee at page 4.60 of its report https://www.aph.gov.au/Parliamentary_Business/Committees/Senate/Legal_and_Constitutional_Affairs/Completed_inquiries/2004-07/privacy/report/index noted that the Privacy Commissioner Ms Karen Curtis had not made an estimate of the actual costs of removing the small business exemption. Despite this she continued to support the exemption subject to removing certain categories of small business from it.

The discussion in the paper identifies a number of significant difficulties with this exemption.

The exemption assumes that small businesses are unlikely to hold significant private information or that they are unlikely to disseminate it widely. But the discussion in the paper, particularly that related to small internet businesses, to the collectors of tenancy information such as real estate agents and similar in itself puts a lie to the notion that small businesses do not collect significant personal information. In some cases important genetic information may even be exempt from the application of the Privacy Act. Our view would be that small businesses should be the subject of the legislation but with the power given to the Privacy Commissioner to make public interest modifications.

We agree with the approach of the Australian Privacy Foundation in its submission to the Senate Legal and Constitutional Committee enquiring to the Privacy Act at page 14 and we quote:

“We recognise that the vast majority of small businesses either handle no personal information at all or do so without any significant risk or threat to the privacy of the individuals concerned. However, privacy risks are always contextual – any organisation which holds information as basic as name and address could potentially use or disclose it in circumstances which could cause damage to the individual concerned.

The core requirements of the national privacy principles – being open about use of personal information, handling it in accordance with reasonable expectations, and keeping it secure, should apply to all organisations. It would however be reasonable to exempt many smaller businesses from any formal requirements to take particular actions, in advance of enquires.

Where an organisation only collects and handles personal information for a purpose which is or should be obvious to the individuals concern (a more constrained version of national privacy principle 2) it should not have to give any specific notices under national privacy principle 1.3 or 1.5. But all organisations should be required to answer enquiries (National Privacy Principle 5) and to give access and to make corrections on request (National Privacy Principle 6) subject to suitable exemptions from these principles. They should also be held accountable after the event for justifying their collection and use (National Privacy Principle 1.1 and 1.2) and for any data quality or security breaches (National Privacy Principles 3 and 4).”

Further modifications can be made as necessary by the power of the Commissioner to make public interest determinations.

Question 5.7 & 5.8
The Council fails to see how political parties are any different from private companies in their need to be able to respond ‘in a more targeted way to their electorate’. We accept that there may be some implications from the implied freedom of communication, but would have thought this would be minor.

Question 5.9
The House of Representatives Committee said that:

“Privacy is a right and therefore it should not be the subject of negotiation in the employment context. Employees usually have no effective choice but to give significant personal information, often of a sensitive nature to their employer. The fact that this has resulted in breaches of employee privacy is borne out in the submission of the Federal Privacy Commissioner. He stated that alleged interferences with individuals’ privacy in the workplace make up a significant number of privacy complaints in the Federal Public Sector where the existing Privacy Act applies (about 16% of all complaints concerning the information privacy principles received in his office and a significant proportion of all general enquiries). Privacy NSW also claimed that the exemption would run counter to widely held expectations in relation to privacy and transparent processes in the workplace which are reflected by complaints and enquiries to my office.”

In our view this exemption should be removed.

Questions 5.10 – 5.12
Freedom of Speech is a fundamental value of our society. It seems to us that all the models for limiting or eliminating the press exemption involve creating a system of government regulation of the press which would have an undesirable potential.

Question 5.13
The exemptions relating to personal or non business use serves an important function and restricting it ought to be approached carefully. On the other hand, we accept that it may be an exemption that is open to abuse. However, we would reserve further comments until we see some specific proposals.

Related Companies
Like the House of Representatives Committee we think that this exemption is not as bad as it looks.

It is our view that the recommendation of Professor Greenleaf to the Committee at paragraph 9.11 should be adopted to deal with possible abuse of this exemption for direct marking purposes i.e. the principle should be amended to prevent direct marketing that is contrary to the individuals reasonable expectation at the time of the original collection of the personal information.

Question 5.14
The Council sees no reason for extending the exemptions to the Privacy Act.

Question 6.1 - 6.2
We see no particular reason to alter the legislative structure of the Office of the Privacy Commissioner or constraints imposed by the Act on the exercise of powers by the Privacy Commissioner.

Question 6.5 - 6.7
We would submit that the Office of the Privacy Commissioner should be empowered to carry out Privacy Impact Assessments for all proposed Commonwealth legislation, or other proposed developments of agencies.

It would be our view that those reports should be prepared and presented to parliament in the same way is done with other regulatory impact statements and budgetary statements.

Questions 6.9 - 6.10
We have no comments on these questions at this stage.

Questions 6.12 - 6.13
As the Privacy Commissioner is the only place where a complaint can be made about a breach of privacy, it would be appropriate to give complainants a right to appeal to the Administrative Appeals Tribunal on a question of law against a decision of the Privacy Commissioner to reject or defer consideration of a complaint.

Question 6.12 - 6.15
The model for the Privacy Commissioner to deal with systemic issues would be the Commonwealth Ombudsman. In other words, the Privacy Commissioner should be given powers to:

1. on his or her own motion investigate any act or practice;
2. in the case where a determination is made, to require the respondent to take steps to prevent future harm arising from any systemic issues which may be identified.

Finally, it may be appropriate to give the Privacy Commissioner power to make reports to parliament in relation to systemic or even particular issues where it seems the more appropriate remedy.

Questions 6.16
At this stage, we have no reason to make comment on any of the issues raised under this heading.

Questions 6.17
We fail to see why there is a need for Administrative Appeals Tribunal Review when there is the process of seeking enforcement from the Court which would no doubt effectively act as a review.

Questions 6.18
At this stage, we see no reason why the Commissioner’s powers to make public interest determinations should be changed.


Question 6.19
We see no reason to alter the position in relation to obtaining injunctions.

Question 6.20
The Council is not really in a position to comment on the effectiveness of privacy codes. However, we see no reason why they could not be useful.

We make the following comments on giving the Office of the Privacy Commissioner extended capacity to make binding codes:

1. In an era when the Office of the Attorney General is becoming increasingly politicised we have some concerns about giving the Attorney General more powers to direct the Commissioner to develop codes or declare codes mandatory.
2. It may well be appropriate for the Office of the Privacy Commissioner to have a power to make a binding code after consultations. However, there would have to be a provision made for merits review and subsequent review on a question of law to the Federal Court.

Question 6.21-6.22
As Ms Gavison points out in her article “a typical privacy claim is not a claim for non interference by the state… It is a claim for state interference in the form of legal protection against other individuals”. In giving powers to the Privacy Commissioner, the Council’s traditional concerns about giving extensive powers to government bodies must also come into play.

The first observation we would make is that a reading of the Issues Paper would tend to indicate that the Privacy Commissioner has not so far made full use of its powers. It has only made eight binding determinations in twelve years. This would suggest that a much more extensive use of its powers is possible. We would therefore, be inclined to suggest that the Privacy Commissioner should be permitted, if necessary, to adopt a more aggressive approach to the use of its powers than it has done so to date. It would only be after that, that claims for more powers would be considered. We make this comment particularly in light of the fact that at the present moment, the processes of the Privacy Commissioner are quite opaque. The Commissioner should improve the publicity of the outcomes of complaints. We agree with the Privacy Foundation submission to the Senate Legal and Constitutional Committee that the in the absence of the regular and proper reporting of the outcome of complaints to the Commission it is difficult to generate public awareness of the existence of the Commission and its capacity to enforce their rights.

Question 7.2
It seems to us the problems faced by Commonwealth contracted service providers could be attended to by the Commonwealth making legislation relying on Section 109 of the Constitution which applies one set of privacy principles to them regardless of their size and overruling any inconsistent state legislation. In our view the National Privacy Principles would be the appropriate principles to apply.

Question 7.3
Should our recommendation that the small business exemption be removed be accepted then there will be no need to consider this issue further.

If that recommendation is not accepted then in our view a national binding code should be prepared by the Privacy Commissioner. Residential tenancy databases contain significant amounts of highly personal information which are regularly in our experience the subject of abuse and misuse.


Question 7.4
The Council does not have the time or resources to make a useful comment on this question.

Question 7.5
It would no doubt be desirable if a parliamentary committee were to develop a series of principles to which the Government subscribed identifying the circumstances in which an exemption would be created from the Privacy Act and prescribe` the rules to govern the drafting of such provisions. The Senate Standing Committee for Scrutiny of Bills Fourth Report provides an example of what we have in mind.

Question 7.6
We will not address all of the issues raised by this question.

With the proposal to introduce the access card the introduction of legislation covering data matching should be a top priority. We take the view that the legislation should be included in the Privacy Act with the Privacy Commissioner having the power to investigate any breaches and to review any proposals to permit data matching.

In relation to the census issues we would endorse concerns expressed by the Australian Privacy Foundation in relation to the 2006 census proposals.

In relation to the Anti Money Laundering and Counter Terrorism Financing Bill 2005 we endorse the remarks made by our sister organisation, the New South Wales Council of Civil Liberties in its submission to the Attorney General’s Department.

Question 8.5
The Council does think that the development of electronic health information systems requires specific examination by the Office of the Privacy Commission to determine whether extra regulation is required.

Question 8.7
We have already expressed some concern about the continuing exemption of small businesses from the Privacy Act. Given the especially sensitive nature of health information we would agree that if the general exemption is to remain the Privacy Act should apply to small businesses so far as they collect, hold or use health information.

Question 8.8
There is a public interest in allowing the use of health information in the management activities of health service providers. This could be appropriately dealt with by an amendment to the Privacy Act similar to that in the New South Wales and Victorian legislation as described in paragraph 8.114 of the Discussion Paper.

Question 8.13
It seems to us entirely justified that the Privacy Act should be amended to allow health service providers to collect information about third parties without their consent in circumstances provided for in Public Interest Determinations 9 and 9A. Both of those determinations limit the collection of that information to circumstances where:

A. It is necessary to enable health service providers to provide services directly to the consumer; and
B. If a third party’s information is relevant to the family, social or medical history of that consumer.

Question 8.14
An appropriate mechanism should be developed to allow a patient of a health service provider to transfer their records to their new health service provider.

Question 9.1
A number of issues are covered in this question.

Generally speaking we will await the Discussion Paper before making further comment.

However, we make some specific remarks in relation to children. We agree entirely with the more modern approach to assessing the ability of children to deal with their own information which has regard to the fact that their capacity matures overtime. However, we accept that it may not be possible in certain circumstances for the relationship between the information holder and the individual to be sufficiently developed to allow a proper assessment to be made. We will await the discussions paper proposals on how to deal with that before commenting further.

Question 9.4
The Council accepts that it would be useful to amend the National Privacy Principles to permit the disclosure of non-health information along the lines provided for in existing National Privacy Principle 2.4.

We would expect that similar provision could appropriately be made in relation to collection, use or disclosure of non-health information on behalf of an individual who is incapable of giving consent.

Chapter 11
A number of the technologies identified in this chapter are of great concern to the Council including the Smart Card.


Biometrics is a technology the effectiveness of which appears at this stage to be highly overrated. But in any event the increasing use of this type of data must be watched very carefully.

The issues raised by radio frequency identification (RFID) are indeed significant and we express our support for the RFID Bill of Rights and related principles set out in paragraphs 11.64 and 11.65 of the Discussion Paper.

We would certainly think that organisations using RFID technology should be required to inform individuals how to remove or deactivate the tag.

We particularly agree that data matching and data monitoring practices raise significant privacy issues particularly with the development by the Commonwealth Government of the Access Card and by the Queensland State Government of the Smart Card. These have the capacity and we would submit the purpose of becoming unique identifiers which could be used to link vast amounts of data in a way which would significantly empower the Government to interfere in the lives of ordinary citizens.

The introduction of an objective requirement into the National Privacy Principle relating to the collection of personal information would restrict the circumstances in which biometric information could be collected.

The Council considers that the capacity to deal with organisations anonymously is one of the fundamental features of the right of privacy. We consider that National Privacy Principle 8 should be amended to require organisations to design systems that will comply with the anonymity principle or allow individuals to transact pseudo anonymously. This is particularly important in the context of biometric techniques.

Chapter 12
The Council would certainly join with those who are concerned that the tax file number scheme demonstrates exactly the risks of function creep in relation to the creation of unique identifiers like the Access Card. The Access Card because of the amount of data that will be held on it increases the risks considerably.

We would certainly support the Law Reform Commission continuing to monitor developments relating to the access card scheme since as we have submitted to the Access Guard Taskforce we have little confidence in the approach of that Taskforce to the development of appropriate legislation to address privacy concerns relating to the access card.

Paragraph 13.1
We observe the argument that National Privacy Principle No. l (a) should be amended to require an entity that transfers information to another country to ensure that the transferee country has an adequate level of privacy protection. We do however have some sympathy for the argument that many organisations would not have the resources to meet this requirement.

However, the principle should be altered to require an organisation to take reasonable steps before it transfers information to ensure that the transferee will deal with the information in a manner consistent with the National Privacy Principles.

In order to address issues relating to the costs of this the Office of the Privacy Commissioner should issue information in relation to the status of countries and suggested standard contractual terms.

29 January 2007