Subscribe to CIO Magazine »

OAIC should have more power: Cyberspace Law and Policy Centre

The centre claims the OAIC should be able to enforce decisions and impose fines on ISPs and those who breach internet users’ privacy

The UNSW Cyberspace Law and Policy Centre has called on the Federal Government to expand the Office of the Information Commissioner’s (OAIC) powers to better protect personal information and privacy online.

Speaking at a Joint Select Committee on Cybersafety, the centre’s executive director, David Vaille, said the Cybercrime Legislation Amendment Bill 2011 should not continue without fixing the deficits within the jurisdiction of the OAIC.

“Providing safe guards for Australian internet users, particularly about the enforceability of decisions and the power to impose fines on ISPs and others where there are unwarranted and unauthorised breaches of an internet users’ privacy, without that and a number of other protections, even a revised version of the bill would not be suitable,” Vaille said.

According to Vaille, research from “a number of people in the field” pointed to a range of deficiencies in Australian privacy laws that could not be fixed by only a minor extension of the OAIC’s jurisdiction.

“This bill should not go ahead without the introduction of some sort of robust, statutory protection for privacy.”

The centre’s research associate, Chris Connolly, said the Australian Law Reform Commission had previously reviewed privacy laws within Australia and had also made recommendations to strengthen the powers of the OAIC.

He said within the last 10 years, from the time privacy provisions were extended to the private sector, only one termination has been made by the Privacy Commissioner and was the result of a class action by consumers.

“No organisation has been named as in breach of the Privacy Act as a result of a complaint and this compares unfavourably with sectors such as the regulation of telecommunications, financial services, activities of regulators like ACMA [the Australian Communications and Media Authority] where organisations are named fairly regularly as in breach of legislation,” Connolly said.

“We believe there’s a strong body of evidence and a good 10 year history showing that the conciliation approach, which would be that the privacy commissioner remains unusual in the regulatory sphere, really doesn’t provide any motivation to comply with privacy laws.”

Dual criminality

Connolly expressed a major concern at the Bill’s failure to address the issue of dual criminality – by which any criminal offence that is the subject of mutual assistance should be considered an offence both in Australia and the target country.

“That’s the core part of our test of whether or not the bill is acceptable, whether or not there is a clear unambiguous requirement for dual criminality,” he said.

“We’re unclear whether it’s the intention of drafters or a drafting error but normally what you would expect to see in a Bill of this type implementing a convention, is a specific decision by the legislator to act on the recommendation in the convention that countries can choose to impose a dual criminality requirement for all of the subsequent cooperation arrangements such as data preservation notices, mutual assistance and so on. There is no dual criminality requirement in the bill there’s nothing set out at all.”

Follow Chloe Herrick on Twitter: @chloe_CW

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Bill, Federal Government, UNSW
References show all
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Office of the Information Commissioner, cyber crime, Cyberspace Law and Policy Centre, privacy, Cybercrime Legislation Amendment Bill 2011
Latest Blog Posts
  • The CIO Paradox
    As there are timeless leadership principles underlying IT value, there are unfortunately also timeless challenges that thwart the IT organisations efforts and make for a rocky path to CIO success. These are the inherent contradictions we call the CIO Paradox.
    Learn more »
  • ERP in the Cloud and the Modern Business
    Businesses are realizing that the cloud is the future of enterprise software and offers many attractive business benefits. But there is much to think about when evaluating the potential move to a cloud model, especially for core systems like ERP. View IDC’s White Paper ERP in the Cloud and the Modern Business, written by Mike Fauscette, Group Vice President, Software Business Solutions, IDC, to review IDC CloudTrack Survey findings, gain expert insight into the challenges and opportunities the cloud presents, and determine which deployment option could provide the biggest benefits for your organization. View the White Paper to discover: How to run your business more effectively in the cloud; How to choose the right deployment model for your ERP solutions; How new technologies create opportunities to innovate, giving you that competitive advantage
    Learn more »
  • Information Management
    Valuable data can be a needle in a haystack, but by leveraging the value in existing information assets, organisations can generate real and achievable gains in revenue generation, IT investments and productivity gains. This whitepaper discusses how Information Management (IM) is a multi-faceted discipline that can be employed to meet or exceed your business objectives.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments