Chapter 1 Introduction
The Privacy Amendment (Enhanced Privacy Protection) Bill 2012 (hereafter
referred to as the Privacy Amendment Bill) was introduced into the House of
Representatives on 23 May 2012.
Scope of the Bill
The Privacy Amendment Bill will amend the Privacy Act 1988 (Cth)
and was developed in response to the Australian Law Reform Commission’s (ALRC) 2008
report resulting from its inquiry into Australia’s privacy laws.
The ALRC made 295 recommendations, which the Government has announced it intends
to respond to in two stages. This Bill is the first
stage response and addresses 197 of the ALRC’s recommendations.
The Bill will create the Australian Privacy Principles (APPs) to replace
the National Privacy Principles (NPPs) and the Information Privacy Principles
(IPPs), which currently apply to the private and public sectors respectively.
The APPs are a set of unified principles that will apply to both sectors. The
changes are intended to bring greater clarity and consistency to Australia’s privacy
laws and more comprehensive privacy protection.
The Bill will also introduce a more comprehensive credit reporting
system. The new measures will replace the current measures in their entirety
and aim to introduce greater simplicity, clarity and consistency. They also aim
to operate more effectively in light of developments in the way the system
operates since its introduction.
The Bill includes provisions on a code system which allows customised
privacy codes to be developed by organisations or industries. It also allows
the Privacy Commissioner to develop and register binding codes in the public
interest in some circumstances. The Bill also includes provisions governing the
credit reporting code.
The Bill will clarify the powers of the Privacy Commissioner and is
intended to improve the Commissioner’s ability to deal with complaints, conduct
investigations, make use of external dispute resolution services and promote
compliance with the APPs.
Referral of the Bill
On 24 May 2012 the Selection Committee referred the Privacy Amendment
Bill to the House of Representatives Standing Committee on Social Policy and
Legal Affairs for inquiry and report.
The Selection Committee provided the following reasons for
referral/principal issues for consideration:
n the adequacy of the
proposed Australian Privacy Principles
n the efficacy of the
proposed measures relating to credit reporting
n whether defences to
contraventions should extend to inadvertent disclosures where systems
incorporate appropriate protections, and
n whether provisions
relating to use of depersonalised data are appropriate.
Previous inquiries and consultation
The ALRC undertook a 28 month inquiry in Australia’s privacy laws and in
2008, produced a report of its findings (the ALRC report) including 295
recommendations for reform.
The Australian Government released its first stage response to the ALRC
report in October 2009, including exposure drafts of the APPs and the credit
reporting provisions. These exposure drafts were tabled in the Senate.
On 24 June 2010, the Senate referred the exposure drafts to the Senate
Standing Committee on Finance and Public Administration for inquiry and report.
In June 2011, the Standing Committee on Finance and Public
Administration tabled its report on the exposure draft of the APPs. In October
2011, it tabled its report on the exposure draft of the credit reporting
Concurrent Senate inquiry
On 19 June 2012 the Senate referred the Privacy Amendment Bill to the
Senate Standing Committee on Legal and Constitutional Affairs for inquiry and
The Senate Committee issued a call for submissions and received over 50
submissions from a range of individuals and organisations across Australia. Public
hearings were conducted on 10 August and 21 August 2012. Submissions, transcripts
and the Committee’s report can be accessed on the Senate’s website.
Conduct and scope of this inquiry
The House Standing Committee on Social Policy and Legal Affairs advertised
a public hearing and a call for submissions in The Australian newspaper
on 11 July and 8 August 2012.
The Committee received 39 submissions and six supplementary submissions
from a range of individuals and organisations across Australia. These
submissions are listed at Appendix A and can be accessed from the inquiry
The Committee held a public hearing on 16 August 2012. 
A list of witnesses that appeared before the Committee is at Appendix B.
The Committee notes that this is an extremely complex inquiry. The
Privacy Amendment Bill and its accompanying Explanatory Memorandum are both
lengthy, complex documents and implement an intricate and comprehensive privacy
regime. Privacy laws govern many facets of Australian life and the Committee
appreciates that these changes will affect not only every Australian in their
individual capacity but a wide variety of industries and organisations who hold
personal information as part of their business activities.
The submissions the Committee received raised a multitude of issues. The
Committee has not attempted to examine all these issues in detail, nor report
on each comprehensively.
The Committee is aware that, while significant consultation was
undertaken in the preparation of the Privacy Amendment Bill, there remain a
number of outstanding concerns from industry and consumers. The Committee
acknowledges the breadth of these concerns but has chosen to focus on those
concerns it considers the most significant and those that have been raised repeatedly
in submissions to this inquiry.
The Committee has endeavoured to acknowledge the majority of issues
raised, however the implementation of a privacy regime will necessarily involve
an assessment of balancing the protection of privacy rights while allowing for
the convenient flow of data. The Committee’s objective has been to evaluate the
success of this Bill in achieving that balance.
This Bill has also been examined by the Senate Standing Committee on
Legal and Constitutional Affairs. As far as possible, this Committee has
endeavoured not to duplicate those areas it anticipates the Senate will
consider in detail. Therefore, in some instances the Committee refers to the
evidence and discussion in the Senate inquiry.
Structure of the report
Chapter Two considers APPs, notably defences to contravention of APP 8,
compliance with overseas laws, direct marketing and the ‘opt out’ provisions
for direct marketing.
Chapter Three considers credit reporting provisions, particularly the
Australia link requirement, repayment history data provisions and the storage
of addresses on file.
Chapter Four considers a number of additional issues, including de‑identified
data, the commencement period and the complexity of the regime.