committee recommends that the government consider and respond to the
recommendations in the Cyberspace Law and Policy Centre’s report: Communications
privacy complaints: In search of the right path, and recommendations from
the Australian Communications Consumer Action Network arising from that report.
committee recommends that the Australian Privacy Commissioner's
complaint-handling role under paragraph 21(1)(ab) of the Privacy Act be
expanded to more effectively address complaints about the misuse of privacy
consent forms in the online context.
committee further recommends that the Office of the Privacy Commissioner
examine the issue of consent in the online context and develop guidelines on
the appropriate use of privacy consent forms for online services.
committee recommends that the small business exemptions should be amended to
ensure that small businesses which hold substantial quantities of personal
information, or which transfer personal information offshore are subject to the
requirements of the Privacy Act 1988.
achieve this end, the committee urges the Australian Privacy Commissioner to
undertake a review of those categories of small business with significant
personal data holdings, and to make recommendations to government about
expanding the categories of small business operators prescribed in regulations
as subject to the Privacy Act 1988.
committee further recommends that the second tranche of reforms to the Privacy
Act 1988 amend the Act to provide that all Australian organisations which
transfer personal information overseas, including small businesses, must ensure
that the information will be protected in a manner at least equivalent to the
protections provided under Australia's privacy framework.
Committee recommends that the OPC in consultation with web browser developers,
ISPs and the advertising industry, should, in accordance with proposed
amendments to the Privacy Act, develop and impose a code which includes a 'Do
Not Track' model following consultation with stakeholders.
committee recommends that item 19(3)(g)(ii) of the exposure draft of amendments
to the Privacy Act 1988 be amended to provide that an organisation has
an Australian link if it collects information from Australia, thereby
ensuring that information collected from Australia in the online context is
protected by the Privacy Act 1988.
committee recommends that the government amend the Privacy Act 1988 to
require all Australian organisations that transfer personal information
offshore are fully accountable for protecting the privacy of that information.
committee further recommends that the government consider the enforceability of
these provisions and, if necessary, strengthen the powers of the Australian
Privacy Commissioner to enforce offshore data transfer provisions.
committee recommends that the Australian government continue to work
internationally, and particularly within our region, to develop strong privacy
protections for Australians in the online context.
committee recommends that the government accept the ALRC's recommendation to
legislate a cause of action for serious invasion of privacy.
committee recommends that before pursuing any mandatory data retention
proposal, the government must:
undertake an extensive analysis of the costs, benefits and
risks of such a scheme;
justify the collection and retention of personal data by
demonstrating the necessity of that data to law enforcement activities;
quantify and justify the expense to Internet Service Providers
of data collection and storage by demonstrating the utility of the data
retained to law enforcement;
assure Australians that data retained under any such scheme
will be subject to appropriate accountability and monitoring mechanisms, and
will be stored securely; and
consult with a range of stakeholders.
Navigation: Previous Page | Contents | Next Page