RECOMMENDATIONS
Recommendation 1
6.13
The committee recommends that the application of the exception in
proposed APP 2.2(b) in item 104 of Schedule 1 be clarified to make it clear
that APP 2.1 does not apply where it is impracticable for the APP entity to
deal with 'individuals who have not identified themselves or who have used a
pseudonym'.
Recommendation 2
6.27
The committee recommends that, to avoid confusion, the subheading to
proposed APP 7.1 in item 104 of Schedule 1 of the Bill be amended to read
'Use or disclosure' or 'Direct marketing', rather than 'Prohibition
on direct marketing'.
Recommendation 3
6.31
The committee recommends that proposed APP 7.2 and APP 7.6 in
item 104 of Schedule 1 of the Bill be amended to ensure consistency with
the notification requirement in APP 7.3, and enable individuals the opportunity
to opt-out of direct marketing communications at any time.
Recommendation 4
6.37
The committee recommends that proposed APP 8.2(b) in item 104 of
Schedule 1 of the Bill be amended to require an entity to inform an individual
of the practical effect and potential consequences of any informed consent by
the individual to APP 8.1 not applying to the disclosure of the individual's
personal information to an 'overseas recipient'.
Recommendation 5
6.38
The committee recommends that the Explanatory Memorandum to the Bill be
revised to clearly explain that an entity will be required to inform an
individual of the practical effect and potential consequences of any informed
consent by the individual to APP 8.1 not applying to the disclosure of the
individual's personal information to an 'overseas recipient'.
Recommendation 6
6.42
The committee recommends that the Attorney-General's Department revise
and reissue the Explanatory Memorandum to the Bill to clearly explain the
enforcement‑related functions and activities of the Department of
Immigration and Citizenship, as justification for the classification of the
'Immigration Department' as an 'enforcement body' in item 17 of Schedule 1 of
the Bill.
Recommendation 7
6.43
The committee recommends that the Attorney-General's Department revise
and reissue the Explanatory Memorandum to the Bill to clearly explain the scope
and intended application of the terms 'surveillance activities', 'intelligence
gathering activities', and 'monitoring activities' in item 20 of Schedule 1 of
the Bill.
Recommendation 8
6.47
The committee recommends that the provisions contained in item 82 of
Schedule 1 of the Bill and for each Australian Privacy Principle which contains
a 'permitted general situation' or 'permitted health situation' exception, a
note should be added at the end of the relevant principle to cross‑reference
proposed new section 16A of the Privacy Act 1988 and/or proposed new
section 16B of the Privacy Act 1988, as appropriate.
Recommendation 9
6.48
The committee recommends that the Attorney-General's Department revise
and reissue the Explanatory Memorandum to the Bill to explain the intended
scope and application of the 'diplomatic or consular functions or activities' exception
set out in item 6 in the table to proposed new subsection 16A(1) of the
Privacy Act in item 82 of Schedule 1 of the Bill.
Recommendation 10
6.59
The committee recommends that proposed new subsection 6Q(1) in
item 69 of Schedule 2 of the Bill be amended to require an appropriate
amount of time, such as 14 days, to have elapsed from the date of a written
notice before a default listing can occur.
Recommendation 11
6.1
The committee recommends that the written notification in
proposed new subsection 6Q(1) in item 69 of Schedule 2 of the Bill be
amended to include a warning about the potential for a default listing by a
'credit provider' in the event that an overdue amount is not paid within a set
period of time.
Recommendation 12
6.61
The committee recommends that proposed new subparagraph 6Q(1)(d)(i) in
item 69 of Schedule 2 of the Bill be amended to reflect $300, or such higher
amount as the Australian Government considers appropriate, as the minimum
amount for which a consumer credit default listing can be made.
Recommendation 13
6.62
The committee recommends that the Office of the Australian Information
Commissioner, in formulating guidelines under proposed new section 26V in
item 29 of Schedule 3 of the Bill, include as a criterion the timeframe
within which an individual's 'default information' can be listed by a 'credit
provider'.
Recommendation 14
6.63
The committee recommends that the Office of the Australian Information
Commissioner, in formulating guidelines under proposed new section 26V in
item 72 of Schedule 2 of the Bill, include a requirement for credit
providers to fully consider an application for financial difficulty assistance
under the National Consumer Credit Protection Act 2009 before an
individual's 'default information' can be listed.
Recommendation 15
6.78
The committee recommends that the Australian Government consider
prohibiting the re-identification of 'credit reporting information' which has
been de-identified for research purposes in accordance with proposed new
subsection 20M(2) in item 72 of Schedule 2 of the Bill, and whether a
proportionate civil penalty should apply to any breach of that prohibition.
Recommendation 16
6.81
The committee recommends that proposed new sections 20T and 21V in item
72 of Schedule 2 of the Bill be amended to:
- create an obligation for the recipient of a request to take
reasonable steps to have the information corrected by the entity which holds
the disputed information;
- create an obligation for the entity which holds the disputed
information to correct the information within 30 days, if satisfied that the
information is inaccurate, out-of-date, incomplete, irrelevant or misleading;
and
- create an obligation for the recipient of a request to notify the
individual about the outcome of their request if that request has been
determined by another entity which holds the disputed information.
Recommendation 17
6.84
The committee recommends that the regulations made pursuant to section
100 of the Privacy Act 1988 provide a mechanism for 'credit reporting
bodies' and 'credit providers' who have received a request for the correction
of an individual's personal information to note on the individual's credit file
that a correction is under investigation, with the notation to be removed upon
completion of that investigation.
Recommendation 18
6.86
The committee recommends that the Bill be amended to enable a
'credit reporting body' or 'credit provider' to correct an individual's
personal information in exceptional circumstances, such as in the case of
natural disasters, bank error, fraud, medical incapacity, and mail theft.
Recommendation 19
6.93
The committee recommends that the commencement date for the Bill remain
at nine months after the Bill receives Royal Assent in order to provide
certainty for all relevant stakeholders.
Recommendation 20
6.96
The committee recommends that, before the Bill's commencement date, the
Office of the Australian Information Commissioner – in consultation with the
Attorney-General's Department, as appropriate – develop and publish material
informing consumers of the key changes to privacy legislation as proposed by
the Bill, and providing guidance to Commonwealth agencies and private sector
organisations to ensure compliance with the new legislative requirements.
Recommendation 21
6.98
Subject to the preceding recommendations, the committee recommends that
the Senate pass the Bill.
Navigation: Previous Page | Contents | Next Page