Attorney-General Mark Dreyfus has asked the Australian Law Reform Commission (ALRC) to conduct an inquiry into privacy protection.
The inquiry will address prevention and remedies for serious invasions of privacy in the digital era including the right to sue for breach of privacy.
According to a terms of reference document signed by Dreyfus, the ALRC should make recommendations regarding innovative ways in which laws may reduce serious invasions of privacy in the digital era and the necessity of balancing the value of privacy with other values including freedom of expression and justice.
He said that further work needs to be done to improve the rights of individuals when their privacy is breached.
“I am asking the Australian Law Reform Commission to consider this issue in light of changing conceptions of community privacy and rapid growth in information technology capabilities,” Dreyfus said in a statement.
“Our privacy laws need to address future challenges and ensure people can take action against a person or organisation that seriously violates their privacy.”
Dreyfus added that earlier consultations by the ALRC in 2008, and responses to the government’s 2011 discussion paper, showed “little consensus” on how a legal right to sue for breach of privacy should be created, or whether it should be created at all.
He said that a range of issues were raised, including whether a civil wrong or tort could create a more litigious culture, how it could impact on free speech and how the implied right to political communication could be balanced with an individual’s right to sue.
Dreyfus added that the government would consider the findings of the new ALRC inquiry before making a final decision.
In August 2008, the ALRC released 295 recommendations for changes to the Privacy Act, with a government response detailing it would respond to the recommendations over two tranches.
In October 2009, the government released the Australian Government First Stage Response to the ALRC’s report, <i>For Your Information: Australian Privacy Law and Practice</i>, responding to 197 of the recommendations.
The first set of responses included integrating the public and private sector privacy principles together, creating a credit reporting framework, giving individuals rights to control their health records and strengthening the privacy commissioner’s powers.
A total of 98 recommendations would be addressed by the government in its second stage response, which include the removal of exceptions, compulsory data breach notifications and the potential for civil penalties for serious breaches of privacy.
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.