Member Article

The Commonwealth Attorney General, Mark Dreyfus QC, yesterday issued Terms of Reference requiring the Australian Law Reform Commission (ALRC) to conduct an inquiry into the prevention of and remedies for serious invasions of privacy in the digital era. This latest development is part of the government's second stage response to the recommendations in the ALRC's 2008 Report into reforming the Privacy Act 1988 (Cth), together with the recent proposed compulsory data breach notification scheme (which we reported on last month).

Terms of Reference

In referring the inquiry to the ALRC, Mr Dreyfus observed a number of contextual considerations driving the inquiry, including:

 -  the extent and application of existing privacy statutes;

 -  the rapid growth in capabilities and use of information, surveillance and communication technologies;

 -  community perceptions of privacy; and

 -  relevant international standards and the desirability of consistency in laws affecting national and transnational dataflows.

The scope of the inquiry requires the ALRC to make recommendations in relation to:

 -  innovative ways in which the law can reduce serious invasions of privacy;

 -  the best way to balance the concept of privacy with other fundamental values, including freedom of expression and open justice;

 -  how a statutory cause of action could be designed, taking into account matters such as legal thresholds, jurisdiction, fault elements, proof of damage, defences, exemptions and restrictions, awards of damages, limitation periods; 

 -  whether any common law causes of action should be abolished; and

 -  the nature and appropriateness of any alternative legal remedies to redress serious invasions of privacy, such as actions for breach of confidence, defamation, trespass, nuisance or criminal sanctions.

The path to the inquiry

This is the latest chapter in Australia's recent spate of privacy reforms and in the decades long consideration of a statutory tort of privacy. The issue was kick started again in 2008, with the ALRC's recommending that a statutory cause of action for serious invasions of privacy of natural persons should be introduced into the Privacy Act 1988 (Cth). 

The Australian Government's first stage response to the ALRC's 2008 Report deferred addressing the recommendation of a new cause of action for invasion of privacy and it was not included in the amendments to the Privacy Act that were passed in November last year. 

Instead in September 2011, the Government released an Issues Paper inviting comments to inform its response to the ALRC's recommendation. Whilst over 60 submissions were received, the review process went quiet. 

Then as part of the Government's otherwise ill-fated media regulation reform package introduced in March 2013, it unexpectedly referred the issue of whether Australia should have a new privacy cause of action back to the ALRC for reconsideration. 

In the meantime the New South Wales and Victorian Law Reform Commissions also separately recommended the introduction of a statutory cause of action but with differing approaches.

What next?

The ALRC will provide a final report to the Attorney-General in June 2014. It is likely that comment will again be sought by the ALRC from interested stakeholders as part of the inquiry. 

The question is whether this time it will make it to the statute books. The complexity of the issue is beyond doubt. As Mr Dreyfus acknowledged yesterday, while this was an exciting time for privacy policy in Australia, there was still 'little consensus' on these issues and it was imperative that 'our privacy laws... address future challenges and ensure people can take action against a person or organisation that seriously violates their privacy.'

 

Link to article