By TRAVIS JONES
For most individuals, the ability to conduct themselves free from oversight or violation is of profound importance.
But such protection in Australia is limited by gaps in legislation, a lack of public awareness and an array of underfunded regulatory bodies.
The campaign, organised by the Office of the Australian Information Commissioner (OAIC), focuses on the theme of privacy in your hands.
Acting Information Commissioner Timothy Pilgrim said in his opening address that Australians should be active in safeguarding their privacy.
“While the regulation of privacy will continue to evolve, particularly as technology advances, businesses, agencies and individuals must also step up to the challenge of taking control of privacy management,” he said.
Australia has few legal protections for invasions of private affairs.
The collection of personal data by governments and private enterprise worldwide has raised concerns about how people can protect themselves against breaches.
University of Canberra Professor Bruce Arnold said an acquiring information from the private sector would increasingly be seen as the Australian Government followed its peers overseas.
“There [will be] an increased merging, if you like, of big brother and big sister,” he said.
The OAIC is empowered by the federal Privacy Act of 1988 to investigate complaints and assign monetary punishment for breaches in the private sector.
But the office has been plagued with funding problems since the 2014 Federal Budget sought to eliminate it all together.
While some of its funding has been reinstated – $37 million over four years – it operates with reduced resources.
Prof Arnold said this had left the OAIC “on life support” for months, and far more legislative protection was needed.
“All of the Australian governments have displayed a fairly cavalier attitude to privacy. We have a national privacy regulator … it’s a sheep in sheep’s clothing and has not taken on its responsibilities in a meaningful way,” he said.
The OAIC has no jurisdiction over companies that don’t turn over in excess of $3 million each year, unless they are handling health information.
This means most businesses are not answerable to the Federal Commissioner.
Victorian Commissioner for Privacy and Data Protection David Watts said this “yawning gap” did not meet appropriate standards.
“That means that 80 per cent, maybe 85 per cent, of the private sector are just not covered … is it appropriate for most of the private sector to not have to comply with privacy law?” he said.
The Australian Law Reform Commission (ALRC) has likewise supported a change, stating in a 2014 report that “the removal of the exemption would have substantial benefits for the protection of privacy”.
As well as the OAIC, several states have appointed their own privacy regulators to govern the public sector. Western Australia and South Australia have not.
Prof Arnold said this disparity should be troubling for people in those states, but there was a solution to Australia’s lax privacy protection – the introduction of a privacy tort.
“If someone egregiously invades your privacy you should be able to take action … if you’ve suffered harm, you should be able to get some meaningful compensation,” he said.
“It’s not something that’s wild and wonderful, it's something that is directly achievable.”
A privacy tort would enable people to sue other citizens, businesses, and even governments for invasions of privacy, just as they can with defamation or trespass.
This development would ratify an Australian right to privacy, something that is not currently enshrined in Australian law, but has been incorporated in the US, UK and New Zealand.
This added protection has support from the ALRC, as well as its counterparts in Victoria and New South Wales. However, there is no current legislation aiming to enact more privacy protections.
Mr Watts said the introduction of a tort would be a step in the right direction, but it needed to be tailored to protect Australians against major conglomerates participating in data collection.
“We really have no idea at all whose keeping information, what are they collecting … If there was a tort for serious invasion of privacy in Australia, how would you go about suing Google or Facebook?” he said.
Facebook’s data policy states that the company collects information about “things you do and the information you provide” among several categories.
Prof Arnold said that just because people willingly participated in social media did not mean they consented to having their information tracked.
“When you talk to people on those services, and I’m one of them, people have a sense that they chose to share some things, but they chose not to share other things … they have some trust that when they put information on there it won't be misused,” he said.
The nature of an increasingly interconnected world, rife with invasive technologies, data collection and lax legal protections necessitate a population that is better informed.
But the state of the actual protections in Australia that support a person’s ability to a private life raise the question: is your own privacy really in your hands?