Serious invasions of privacy in the Digital Era
The Australian Law Reform Commission (ALRC) recently released a Discussion Paper on a proposed statutory cause of action (i.e. the right to seek judicial redress) for serious invasions of privacy.The paper seeks feedback on some 47 proposals for privacy related reforms. Among these are that new Commonwealth legislation be introduced to provide for a statutory cause of action for serious invasions of privacy, and a new Australian Privacy Principle (APP) should provide a “right to have personal information deleted”.Statutory cause of action – Serious invasion of privacyThe scope of the proposed statutory cause of action for serious invasions of privacy is broad and could substantially change the privacy obligations for organisations across a range of sectors, including the not-for-profit sector. Of significance to the NFP sector is that the ALRC proposes the tort (i.e. the civil wrong) should be available for (among other things) a disclosure of private information to one person (ie not publicly) where this is a serious interference with privacy. For example, if an organisation publishes sensitive health information about an individual to their allied health professional without consent. In this context, the tort will be relevant to all NFP organisations that hold personal information about individuals, including their clients, staff and volunteers. The paper proposes that if a tort of privacy is not introduced:
- legislation should be changed to allow plaintiffs to recover damages for emotional distress in cases where breach of confidence involves a serious invasion of privacy; and
- a new Commonwealth statute should be enacted to provide for a statutory tort of harassment and harmonises existing criminal offences across the States and Territories.
Right to be deletedThe paper also proposes a new Australian Privacy Principle (APP) for deletion of personal information. The proposed APP would require organisations to provide individuals with a simple mechanism to request that personal information which they provided to the organisation be destroyed or de-identified; and require the organisation to take reasonable steps (subject to suitable exceptions) to comply with such a request in a reasonable time or provide the individual with reasons for not doing so.The ALRC is seeking submissions on the discussion paper from interested organisations and community members. The closing date is Monday 12 May 2014. NFP Lawyers is reviewing the discussion paper. Feedback is welcome by email to joanne.redburn@nfplawyers.com.au by COB 29 April 2014.
Disclaimer – Reliance on Content
The material distributed is general information only. The information supplied is not and is not intended to be, legal or other professional advice, nor should it be relied upon as such. You should seek legal or professional advice in relation to your specific situation.