Privacy in Australian law

There is no absolute right to privacy in Australian law and there is no clearly recognised tort of invasion of privacy or similar remedy available to people who feel their privacy has been violated. Privacy is, however, affected and protected in limited ways by common law in Australia and a range of federal, state and territorial laws, as well as administrative arrangements.^[1]

What is privacy?[edit]

There is no statutory definition of privacy in Australia.^[1] The Australian Law Reform Commission (ALRC) was given a reference to review Australian privacy law in 2006. During that review it considered the definition of privacy in 2007 in its Discussion paper 72.^[2] In it, the ALRC found there is no "precise definition of universal application" of privacy; instead it conducted the inquiry considering the contextual use of the term "privacy".^[2]^{: para 1.37–1.45}

In reaching that conclusion, the ALRC began by considering the concept of privacy:^[2]^{: para 1.29}

"It has been suggested that privacy can be divided into some separate, but related concepts:

Information privacy, which involves the establishment of rules governing the collection and handling of personal data such as credit information, and medical and government records. It is also known as "data protection";^[3]
Bodily privacy, which concerns the protection of people’s physical selves against invasive procedures such as genetic tests, drug testing and cavity searches;
Privacy of communications, which covers the security and privacy of mail, telephones, e-mail and other forms of communication; and
Territorial privacy, which concerns the setting of limits on intrusion into the domestic and other environments such as the workplace or public space. This includes searches, video surveillance and ID checks.

Privacy at common law[edit]

It is unclear if a tort of invasion of privacy exists under Australian law.^[4] The ALRC summarised the position in 2007:^[2]^{: para 5.12, 5.14}

"In Australia, no jurisdiction has enshrined in legislation a cause of action for invasion of privacy; however, the door to the development of such a cause of action at common law has been left open by the High Court in Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd (Lenah Game Meats).^[5] To date, two lower courts have held that such a cause of action is part of the common law of Australia. ..."
"At common law, the major obstacle to the recognition in Australia of a right to privacy was, before 2001, the 1937 High Court decision in Victoria Park Racing & Recreation Grounds Co Ltd v Taylor (Victoria Park).^[6] In a subsequent decision, the High Court in Lenah Game Meats indicated clearly that the decision in Victoria Park 'does not stand in the path of the development of … a cause of action (for invasion of privacy)'. The elements of such a cause of action – and whether the cause of action is to be left to the common law tradition of incremental development or provided for in legislation – remain open questions."

However, in 2008, the Court of Appeal of the Supreme Court of Victoria held "damages should be available for breach of confidence occasioning distress, either as equitable compensation, or under Lord Cairns' Act."^[7] This is a reference to the equitable doctrine of breach of confidence, which is different from a tort of invasion of privacy, although it has some applications to situations where one's privacy has been invaded.^[8]^[9]

In 2013, Attorney-General of Australia Mark Dreyfus QC MP again referred the issue of privacy to the ALRC. Its terms of reference included a detailed legal design of a statutory cause of action for serious invasions of privacy, and to consider the appropriateness of any other legal remedies to redress for serious invasions of privacy. The final report, Serious Invasions of Privacy in the Digital Era (ALRC Report 123), was tabled in September 2014, after there had been a change of government. There has not been a formal response from the Australian government.

Postal confidentiality[edit]

Since at least the 19th century, it has been the practice to enclose mail in an envelope to prevent infringement of confidentiality. The unauthorised interception of mail of another is a criminal offence.^[10]

Telecommunications privacy[edit]

Telecommunications (Interception and Access) Act 1979[edit]

An Attorney-General discussion paper notes:

"The primary objective of the current legislation governing access to communications is to protect the privacy of users of telecommunications services in Australia by prohibiting covert access to communications except as authorised in the circumstances set out in the Telecommunications (Interception and Access) Act 1979."^[11]

Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015[edit]

On 26 March 2015 both Houses of Parliament passed the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015, which received royal assent on 13 April 2015.^[12]

The Act implements recommendations of the Parliamentary Joint Committee on Intelligence and Security (PJCIS) Report of the Inquiry into Potential Reforms of Australia’s National Security Legislation by amending the Telecommunications (Interception and Access) Act 1979 to:

require telecommunications service providers to retain for two years telecommunications data (not content) prescribed by regulations;
provide for a review by the PJCIS of the mandatory data retention scheme no more than three years after the end of its implementation phase;
limit the range of agencies that are able to access telecommunications data and stored communications;
provide for record-keeping and reporting the use of, and access to, telecommunications data; and
require the Commonwealth Ombudsman to inspect and oversight these records for compliance, and Telecommunications Act 1997 to make consequential amendments.

Controversy over 2015 Act[edit]

Despite being considered by some ^[who?] an absolute and whole violation of the right to privacy under the Privacy Act 1988, the topic, whilst debated,^[when?] was never brought to light by mainstream media.^{[clarification needed on the role of media and definition of "mainstream"]} The consideration was postured ^{[clarification needed on the meaning of this phrase]} due to the nature of the metadata being retained under the Act and the concept that ^{[clarification needed on how this concept relates to the law that was passed]} while not directly capturing the content of communications undertaken, the bill gives considerable leeway in the kind of metadata being collected.

Australian privacy laws[edit]

Commonwealth[edit]

Privacy Act 1988
Telecommunications Act 1997
National Health Act 1953
Data-matching Program (Assistance and Tax) Act 1990
Crimes Act 1914
Anti-Money Laundering and Counter-Terrorism Financing Act 2006
The Healthcare Identifiers Act 2010
Personally Controlled Electronic Health Records Act 2012
Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015

New South Wales[edit]

Privacy and Personal Information Protection Act 1998
Health Records and Information Privacy Act 2002
Freedom of Information Act 1989 (Repealed)^[13]
State Records Act 1998
Criminal Records Act 1991
Surveillance Devices Act 2007
Workplace Surveillance Act 2005
Telecommunications (Interception and Access) (New South Wales) Act 1987
Access to Neighbouring Land Act 2000
Crimes (Forensic Procedures) Act 2000

Victoria[edit]

Privacy and Data Protection Act 2014
Health Records Act 2001
The Charter of Human Rights and Responsibilities Act 2006
Freedom of Information Act 1982
Public Records Act 1973
Surveillance Devices Act 1999
Telecommunications (Interception) (State Provisions) Act 1988

Queensland[edit]

Human Rights Act 2019
Public Interest Disclosure Act 2010
Information Privacy Act 2009
Right to Information Act 2009
Public Records Act 2002
Police Powers and Responsibilities Act 2000
Criminal Law (Rehabilitation of Offenders) Act 1986
Invasion of Privacy Act 1971
Private Employment Agents (Code of Conduct) Regulation 2005

South Australia[edit]

Freedom of Information Act 1991
State Records Act 1997
Surveillance Devices Act 2016
Listening and Surveillance Devices Act 1972
Telecommunications (Interception) Act 1988

Western Australia[edit]

Freedom of Information Act 1992
Health Services (Conciliation and Review) Act 1995
State Records Act 2000
Spent Convictions Act 1988
Surveillance Devices Act 1998
Telecommunications (Interception) Western Australia Act 1996

Tasmania[edit]

Personal Information Protection Act 2004
Right to Information Act 2009
Archives Act 1983
Annulled Convictions Act 2003
Listening Devices Act 1991
Telecommunications (Interception) Tasmania Act 1999

Northern Territory[edit]

Information Act 2002
Criminal Records (Spent Convictions) Act 1992
Surveillance Devices Act 2007
Telecommunications (Interception) Northern Territory Act 2001

Australian Capital Territory[edit]

Privacy Act 1988 (Cth)
Australian Capital Territory Government Service (Consequential Provisions) Act 1994 (Cth)
Health Records (Privacy and Access) Act 1997
Human Rights Act 2004
Freedom of Information Act 1989
Territory Records Act 2002
Spent Convictions Act 2000
Listening Devices Act 1992

References[edit]

^ ^a ^b "privacy" in Trischa Mann (ed.), Australian Law Dictionary, ISBN 9780199691449 via Oxford Reference Online, Oxford University Press, accessed 29 August 2011.
^ ^a ^b ^c ^d "Review of Australian Privacy Law". [2007] Australian Law Reform Commission Discussion paper 72. ISBN 978-0-9758213-9-8
^ Seven Network (Operations) Limited v Media Entertainment and Arts Alliance [2004] FCA 637, Federal Court (Australia).
^ Hosking v Runting [2004] NZCA 34, Court of Appeal (New Zealand).
^ Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd [2001] HCA 63, 208 CLR 199 (15 November 2001) (Australia)
^ Victoria Park Racing & Recreation Grounds Co Ltd v Taylor [1937] HCA 45, (1937) 58 CLR 479 (26 August 1937), High Court (Australia).
^ Giller v Procopets [2008] VSCA 236, Court of Appeal (Vic, Australia).
^ Grosse v Purvis [2003] QDC 151, District Court (Qld, Australia).
^ Jane Doe v Australian Broadcasting Corporation [2007] VCC 281 (3 April 2007) County Court of Victoria.
^ Telecommunications and Postal Services (Transitional Provisions and Consequential Amendments) Act 1989 (Cth) s 5.
^ Attorney-General’s Department, Equipping Australia against emerging and evolving threats, Discussion Paper, July 2012, p. 12.
^ Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015
^ "FREEDOM of INFORMATION ACT 1989 - as at 1 July 2010 - Act 5 of 1989".

External links[edit]

Government agencies administering privacy laws[edit]

Australian Government:
- Office of the Australian Information Commissioner
New South Wales:
- Office of the Privacy Commissioner
Victoria:
Queensland:
- Office of the Information Commissioner
- Health Quality and Complaints Commission
South Australia:
- Privacy Committee of South Australia
- Department of Health
Western Australia:
- Office of the Information Commissioner
- Ombudsman Western Australia
Tasmania:
- Ombudsman Tasmania
- Office of egovernment
Australian Capital Territory:
- Human Rights Commissioner
Northern Territory:
- Office of the Northern Territory Information Commissioner

Other Government websites and publications[edit]

Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 Australian Parliamentary Library
Civil and Human Rights: Privacy, Australian Parliamentary Library
The Australian Law Reform Commission has had two references concerning privacy law in Australia:

2006 – 2008

"For Your Information: Australian Privacy Law and Practice". [2008] Australian Law Reform Commission Report 108 (12 August 2008);

"Review of Privacy Reviewing Australia's Privacy Laws, Is Privacy passé? ... have your say" (PDF). [2006] Australian Law Reform Commission Issues Paper 31.
"Review of Privacy-Credit Reporting Provisions" (PDF). [2006] Australian Law Reform Commission Issues Paper 32.

1976 – 1983

"Privacy" (PDF). [1983] Australian Law Reform Commission Report 22

NSW Law Reform Commission landing page for the 2006 privacy reference (amended 2009).

World Legal Information Institute & Australasian Legal Information Institute[edit]

WorldLII - Australia - Privacy

[ALD-1] "privacy" in Trischa Mann (ed.), Australian Law Dictionary, ISBN 9780199691449 via Oxford Reference Online, Oxford University Press, accessed 29 August 2011.

[ALRC2007DP72-2] "Review of Australian Privacy Law". [2007] Australian Law Reform Commission Discussion paper 72. ISBN 978-0-9758213-9-8

[3] Seven Network (Operations) Limited v Media Entertainment and Arts Alliance [2004] FCA 637, Federal Court (Australia).

[2004_NZCA_34-4] Hosking v Runting [2004] NZCA 34, Court of Appeal (New Zealand).

[5] Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd [2001] HCA 63, 208 CLR 199 (15 November 2001) (Australia)

[6] Victoria Park Racing & Recreation Grounds Co Ltd v Taylor [1937] HCA 45, (1937) 58 CLR 479 (26 August 1937), High Court (Australia).

[7] Giller v Procopets [2008] VSCA 236, Court of Appeal (Vic, Australia).

[8] Grosse v Purvis [2003] QDC 151, District Court (Qld, Australia).

[9] Jane Doe v Australian Broadcasting Corporation [2007] VCC 281 (3 April 2007) County Court of Victoria.

[10] Telecommunications and Postal Services (Transitional Provisions and Consequential Amendments) Act 1989 (Cth) s 5.

[11] Attorney-General’s Department, Equipping Australia against emerging and evolving threats, Discussion Paper, July 2012, p. 12.

[telecombill-12] Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015

[13] "FREEDOM of INFORMATION ACT 1989 - as at 1 July 2010 - Act 5 of 1989".

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

v t e Privacy
Principles	Right of access to personal data Expectation of privacy Right to privacy Right to be forgotten Post-mortem privacy
Privacy laws	Australia Brazil Canada China Denmark England European Union Germany Ghana New Zealand Russia Singapore Switzerland United Kingdom United States California, amended in 2020
Data protection authorities	Australia Denmark European Union France Germany India Indonesia Ireland Isle of Man Netherlands Norway Philippines Poland South Korea Spain Sweden Switzerland Thailand Turkey United Kingdom
Areas	Consumer Digital Education Medical Workplace
Information privacy	Law Financial Internet Facebook Google Twitter Email Personal data Personal identifier Social networking services Privacy-enhancing technologies Privacy engineering Privacy-invasive software Privacy policy Secret ballot Virtual assistant privacy
Advocacy organizations	American Civil Liberties Union Center for Democracy and Technology Computer Professionals for Social Responsibility Data Privacy Lab Electronic Frontier Foundation Electronic Privacy Information Center European Digital Rights Future of Privacy Forum Global Network Initiative International Association of Privacy Professionals NOYB Privacy International
See also	Anonymity Cellphone surveillance Data security Eavesdropping Global surveillance Identity theft Mass surveillance Panopticon PRISM Search warrant Wiretapping Human rights Personality rights
Category