The Australian Law Reform Commission this week concluded its largest ever research and public consultation exercise ever with the launch of its report For Your Information: Australian Privacy Law and Practice, which recommends a re-write of the nation's 20-year-old privacy laws to keep pace with the information age.
The three-volume, 2700 page report was launched Monday by Senator John Faulkner and Attorney-General Robert McClelland, recommending 295 changes to privacy laws and practices that will be implemented in two stages over the next three years.
ALRC president, Professor David Weisbrot, told Computerworld that Australia's current Privacy Act, legislated in 1988, was created in a completely different environment before technologies like the Internet, e-commerce and social networking greatly augmented the challenge of safeguarding the flow of personal information.
"The commissioners who were in charge of the report at that time wouldn't have had a mobile phone or a PC on their desk, no digital cameras, no e-tags, e-mail, no e-anything. There were no high speed computers for individuals or private industry with which they could do data matching and data mining, and no high-tech surveillance cameras," he said.
Since then, the information we gather has stayed the same but technology has allowed us to access, control and manipulate that information in a much easier way; electronic medical records and health information, online banking, finance and credit history, personal information on public and corporate databases, and social networking sites are just a few examples of technologies revolutionising the relationship between public databases, individual privacy and third party users.
Weisbrot said the most significant recommendation for reform is a complete restructuring and simplification of the statutory framework of the Privacy Act, so that it is focused around 11 uniform principles as opposed to separate principles for government and private sectors, which left many individuals and businesses wading through massive amounts of complex material to find what laws apply to them.
"We're saying lets flip it around - lets make it general with higher-order principles that will cover most situations most of the time. Then if you're dealing with some specialised area like health information or credit reporting, you supplement that area with rules that are dedicated specifically to regulate that area," he said.