Dated 8 July 1992
This document is at http://www.privacy.org.au/Papers/SubmnHoR9207.html
The Australian Privacy Foundation was founded in 1987 to campaign against the 'Australia Card' national ID system. Among its founders were Midnight Oil's Peter Garrett, the late Ben Lexcen, Janine Haines, Sydney broadcaster Alan Jones, Civil Liberties advocate Tim Robertson, Ron Castan QC, and academics Roger Clarke and Graham Greenleaf. From its inception, the Foundation involved individuals from all positions on the political spectrum, and continues to do so. The Foundation was largely responsible for creating the wave of opposition which eventually made the ID Card politically untenable.
The Foundation is Australia's only non-government privacy organisation and is the only activist on privacy issues. It works with civil liberties organisations, and with other groups concerned with specific privacy issues. Where possible, it co-operates with and supports official agencies, but has a reputation for outspoken criticism of officialdom. It is a member of Privacy International, the world-wide privacy protection network.
The Privacy Foundation is a non-profit and an entirely voluntary membership organisation.
In 1988 the Foundation's focus was to ensure that the Government's alternative to the ID Card, the Tax File Number (TFN) scheme, was not an ID Card in disguise, and to lobby in favour of the long-overdue enactment of national privacy legislation. The first 'Summit Meeting' organised by the Foundation brought Australian Taxation Office officials, politicians and privacy advocates together to examine the TFN proposals, and exposed many weaknesses in the proposals which the Government subsequently rectified. The Foundation also made significant contributions to the political debate which resulted in a greatly strengthened Privacy Bill being enacted in 1988.
In the following year, the Foundation turned its' attention for the first time to the private sector, and commenced a highly successful campaign against the credit industry's proposals to introduce 'positive reporting', a system whereby the payment performance of every consumer debtor in Australia would be reported on a monthly basis to the monopoly industry credit bureau, whether an individual was in default or not.
At the Foundation's second 'Summit Meeting', the responsible Commonwealth Ministers announced that the Government would legislate to ban positive reporting, and to impose comprehensive national credit reporting laws as well. Later in 1989 the Foundation fought a successful media and Parliamentary campaign to counter the credit industry's attacks on the proposed legislation.
The APF has also enjoyed success in fighting the signing of the international Tax Assistance treaty and the Government's proposed pharmacy "Blackbox" scheme, which would have created a computer linkage of all pharmacies.
The principal authors of this submission are Timothy Edwin Dixon and Simon Gordon Davies. Mr Dixon is an economics graduate of the University of Sydney, and is the Director of the Australian Privacy Foundation. Mr Davies is Honorary Associate in the School of Law of the University of New South Wales. He is Chairman of the Australian Privacy Foundation, and is Director General of the peak world privacy advocacy organisation, Privacy International, the Secretariat of which is located in Washington DC.
This submission concentrates on four components of fraud identificaion and control :
This submission is therefore directed principally to addressing the following terms of reference of the Inquiry :
2. The extent to which there should be coordination of the assessment, prevention and control of fraud in the Commonwealth, the responsibility for any such coordination, and the scope for improved liaison and cooperation amongst all agencies;
3. Progress made by departments and agencies in developing and implementing fraud prevention and control strategies, including the role of internal and external audit, and the adequacy of performance information to assess the sucess of the strategies;
6. The appropriateness and adequacy of mechanismsfor the investigation and follow-upof less significant instances of fraud by departments and agencies , and the consistency of treatment of offenders by various agencies
9. The potential for the use of information exchanges, including the use of information technology, in combating fraud, and the privacy implications of such exchange;
The Foundation's comments on current and proposed Government fraud detection and recovery schemes are based on our concern that the establishment of a web of surveillance will permanently affect the balance between citizen and state. We are not concerned with the justification of individual schemes, as much as with the cumulative impact that they produce.
We have chosen to adopt the term "surveillance" throughout this submission because it best expresses the most dangerous and permanent aspect of the fraud detection proposals within the scope of this inquiry.
SUMMARY OF CONCLUSIONS
We would like to present a context for this submission by discussing our general concerns about the overall direction being taken by the Commonwealth, and the general state of surveillance over the population.
There appears to be general agrement that Australia has developed revenue collection and public administration systems that are amongst the most sophisticated in the world. It is no exaggeration, however, to warn that the extent of this development equates to mass surveillance. The information technology matrix being constructed by the Government will, in the view of the Australian Privacy Foundation, soon rival those of the world's most tightly governmed nations. This submission will argue that recent developments are pushing Australia into a level of surveillance known as "Zone 5" - the highest and most restrictive of all levels of surveillance.
These developments, in our opinion, are vastly increasing the power and scope of government. The APF is concerned that individual Australians are more than ever becoming subordinate to the administation and authority of government.
We need to think beyond the traditional arguments used to justify mechanisms for efficiency and fraud control. In other words, it is no longer safe or appropriate to accept on face value the Government's simple intention to catch cheats and criminals. More than sixty years ago, US judge Louis Brandeis warned "Experience teaches us to be most on our guard to protect liberty when the government's purposes are beneficent".
This concern was expressed by another US Supreme Court judge, Anthony Kennedy, in the words "There is a zone of liberty; a zone of protection; a line that's drawn where the individual can tell the Government 'beyond this line you may not go'."
These are the principles that form the basis of the Foundation's concerns. We believe that the balance of public interest can now no longer be determined principally on the basis of efficiency, law enforcement or public revenue. The synergistic effect created by each additional surveillance mechanism must be taken into account. We believe that the government's activities in this area should be viewed in a holistic manner.
We see a parallel between surveillance and the environment. Environmental restrictions to developments (such as wet lands protection in NSW) have been established with the aim of examining the impact of individual projects as a totality. Exemptions from this general state of protection on the basis of economic benefit are difficult to obtain and must be clearly justified. The fact that an individual project may not of itself have a significant impact on the balance of nature is no longer sufficient justification for its approval.
Systems which impact on the relationship between the individual and the state need to be examined in the same light. There may be individual justification for a whole range of privacy invasive uses of technology. On their own they may not appear to significantly impact the balance between the individual and the state. However, their accumulated impact may erode the most fundamental individual rights.
Systems to reduce fraud are most commonly justified on the basis of the public interest. However, the public interest is frequently defined in such a narrow fashion that it more accurately reflects the public sector interest.
There are three criteria for establishing public interest:
To this point, the third element has not at any time been a consideration. As with the environment, it is now essential that the third criterion be an integral part of justifying projects such as the LEAN system.
The Foundation believes that a free society must inherently have a quality of "looseness". The establishment of a web of surveillance initiatives paralyses this essential quality.
We are anxious to make it clear that we do not wish to oppose genuine and beneficial efforts to curb fraud. Every society, no matter how small and how trusting, allows a degree of surveillance. Citizens in every country accept that government has at least some right to exercise control in the interests of law enforcement and security. The question we have to explore is just how far a government should be allowed to travel down this path. There is a point where the rights of an individual citizen are more important than the right of government to exercise power.
There are a number of ways to illustrate the development of surveillance. Perhaps the clearest model is a simple five zone chart that shows the way surveillance and control has an influence on the life and environment of a community.
As a society becomes larger and more complex, as its links with other nations grow, and as its technological capacity increases, it is normal for it to creep upward on the surveillance scale. Many developed countries have, like Australia, progressed rapidly in recent decades from zone 2 to zone 4 on the scale. Some, including our own, are pushing gradually into the fifth and final level.
Once a community has become anchored to a zone of surveillance, its' institutions use that level as the foundation for their structure and activities. Reversal would be a difficult dislocation.
LEVEL 5 TOTAL SURVEILLANCE LEVEL 4 MASS SURVEILLANCE LEVEL 3 ROUTINE SURVEILLANCE LEVEL 2 CONDITIONAL SURVEILLANCE LEVEL 1 RESTRICTED SURVEILLANCE
Australia has progressed from the upper part of zone 2 in the early 1970s, to the lower part of zone 4 in the 1990s.
RESTRICTED (LEVEL ONE) SURVEILLANCE. This is the least intrusive zone of surveillance. In this rare environment, government is small, free enterprise is respectfull of individual privacy, legislation is directed largely toward the protection of rights, and the principal concerns of the state are law enforcement and national security. Functional seperation is standard practice, and large databases of personal information are rare because they are considered neither desirable nor necessary. The community generally respects rights of individuals, and is close enough to government to exert a positive influence on policy.
CONDITIONAL (LEVEL TWO) SURVEILLANCE In this, the ideal liberal democratic environment, surveillance is generally regarded as an undesirable practice which should be exercised by the state only when adequate debate has occured, and when proper safeguards are in place. The integrity and secrecy of records is maintained within individual departments, and general linkage between agencies is not permitted. The relationship between government agencies and the public is essentially one of trust and good faith, even though agencies are aware that criminality and fraud occur regularly. The role of government agencies is essentially one of serving the public.
ROUTINE (LEVEL THREE) SURVEILLANCE. In this environment, mass surveillance has been established in three principal areas : law enforcement, taxation, and government benefits. (which for convenience we will label the Tripartite). Linkage between these three sectors occurs on a case by case basis when there is suspicion or evidence of wrongdoing, and there is a general understanding within the community that a certain amount of monitoring is a reasonable trade-off for the benefits of living in a mixed economy. Despite general support for some surveillance, there is a healthy awareness of individual and democratic rights. In this environment, relationships within the community still retain a basis of trust. In zone three, government bodies have assumed the role of agents of public interest.
MASS (LEVEL FOUR) SURVEILLANCE. This is a zone of enforced, interactive and punitive surveillance. Numerous systems have been developed for the purpose of monitoring most aspects of people's movement, transactions, interactions and associations. The establishment of these systems has been justified on a case by case basis, and most computer systems are interlinked. Everyone's files are routinely and automatically matched against each other to detect inconsistencies. Because of powerful arguments of revenue, security and law enforcement, the community complies fully (though sometimes reluctantly) with these mechanisms. There is mass obedience with little or no resistance to the initiatives or their demands. Government agencies have the role of controllers and enforcers of public policy.
TOTAL (LEVEL FIVE) SURVEILLANCE. This is the rarely attained state of total surveillance. Not only are all movements and activities monitored or controlled by authorities, but there is total and willing obedience from the population. The crucial element in zone five surveillance is that there is an Orwellian willingness amongst people to support government control. Members of the public will voluntarily aid surveillance by surrendering their own liberty or privacy, or forcing the surrender of their neighbour's information or liberty. In the total surveillance society there is liberty of movement, freedom of association, but no right to keep anything secret. The role of government and the right of individuals becomes one and the same. Public, government and individual rights become indistinguishable.
Until the middle of the 1970s, Australia had generally exercised a limited or conditional form of surveillance (zone 2). Although law enforcement agencies have enjoyed relatively widespread powers, Australia's federal structure has until recently prevented a comprehensive linkage of agencies.
Social welfare departments have until recent years exercised restraint in monitoring clients. The Tax office, while it had considerable powers, tended to perform its function in an insular manner. The Office regarded its rights and responsibilities with some pride and care. The banking and finance system was not effectively linked to the Commonwealth Government until very recently, and the establishment of mass matching of files in different agencies has been established in only very recent years.
From the first years of the Fraser Liberal Government in the mid to late seventies, Australia moved out of the twilight of zone two and into the third zone. The trpipartite progressively gained more power and influence. Law enforcement agencies edged closer together, the Tax Office gained considerable power, and Social Security established rigourous monitoring procedures of clients. Throughout the late 1970s and 1980s, these agencies (including the Health Insurance Commission, Department of Social Security, Australian Taxation Office, Federal and State Police Agencies and a small number of emerging bodies such as the Cash Transactions Reporting Agency) developed stronger powers and closer links, pushing Australia further into Zone 3.
From the middle of the 1980s, Australia commenced a steep increase in the use of mass surveillance technology. Computer matching programmes linked the databases of major Commonwealth government agencies, and then in turn linked these agencies with banking and insurance companies, employers, investment bodies, superannuation funds and educational institutions. Links were also made to the electoral rolls, state registrar general's departments, corrective services departments, the Child Support Agency, land titles records, local government, Comcare, Telecom, Australia Post, the Australian Customs Service and the Department of Industrial Relations. The establishment of a multi purpose Tax File Number system created an administrative basis for some of this linkage.
While this activity was proceeding, numerous other invasions of rights and privacy were occuring. The Tax File. Number was dramatically extended in scope. The finance industry succeeded in establishing the world's first truly national electronic money (EFTPOS) system. The Credit Reference Association of Asustralia tried to establish a "positive reporting" system that would have created a comprehensive profile on all Australians. Bank employees were forced by law to report to the government all suspicions related to movements of cash. The Commonwealth Government almost succeeded in establishing a massive network of pharmacy computers. State Governments created large integrated intelligence and general record systems. Sophisticated vehicle tracking systems, workplace monitoring programmes and telecommunications surveillance systems were developed and implemented.
These developments, all of which have occured within the last seven years, have pushed Australia well into the fourth zone of surveillance.
The APF is disturbed that Australians appear to accept the government's plans with hardly a second thought. An environment of unquestioning obedience appears to beforming, paving the way for the establishment of a total surveillance society.
A very small number of countries have entered the fifth, or total, zone of surveillance. Singapore is the most prominent example. Not only has the government developed a ubiquitous high technology monitoring system, but compliance within the community is virtually absolute. There exists a mass consciousness in support of such a system.
Australia is approaching the fifth zone. At this level, people will no longer question the right of government to establish surveillance and monitoring systems. They will have become a natural part of the social environment. People voicing their concern about these initiatives will be suspected of working against the public interest. Giving information anonymously to agencies regarding the activities of other people will become natural for Australians.
It is for these reasons that we urge the Parliament to request the Privacy Commissioner to establish a public Inquiry into the generalissue of privacy and surveillance in Australia. It is only with the backdrop of such an initiative that Australians can clearly judge the importance of these issues.
The establishment of a surveillance society is not dependent on technology, but the recent history of Australia and other western nations shows that technology has a crucial role to play. China and many eastern European countries developed many of the characteristics of a Zone 5 surveillance society without sophisticated technology. Those governments relied instead on massive numbers of bureaucrats, informers and spies to enforce state requirements. Despite a chaotic intelligence system riddled with errors, these countries lived for years in an environment of suspicion, fear and control. Technology allows the same extensive information flows without the expense or political intrusion.
One of the most important lessons for western countries is that our transition from zone 4 to zone 5 will happen because of the attitude of citizens, not the enforcement of government systems. Of course, any free society will revolt against the unpopular imposition of surveillance and control measures, unless the people are lulled into submission. Technology is only partly to blame. It is the means by which government will establish effective and powerful control mechanisms. The motivation to use these systems to their fullest extent will depend on the will and awareness of the electorate.
Technology and technological practices can be divided into three categories :
GREEN TECHNOLOGY which includes all developments that help to protect rights and freedoms, strengthen democratic institutions, protect privacy, enhance the integrity and strength of relationships within the community, and improve the autonomy of the individual. Examples of such technology are smart cards which have been specifically designed to replace the need for cash (and therefore the need for intrusive electronic money monitoring); encryption techniques which strengthen the privacy and security of our communications, and new forms of medical technology that reduce dependence on medical institutions.
AMBER TECHNOLOGY. This form of technology can be generally beneficial to the community but is vulnerable to abuse or misuse. Amber technology is often established by the tripartite agencies to improve revenue systems, monitor welfare payments, or assist law enforcement. Examples include the Tax File Number, data matching (automatic mass matching of databanks), credit reporting systems, and the intelligent telephone network, which might force subscribers to divulge large quantities of personal information down the line. The dangers of amber technology are most evident when the systems are expanded or linked.with each other.
RED TECHNOLOGY is technology which poses considerable dangers to the community. Red technology reduces individual autonomy and rights, binds people to rigourous government requirements, increases the power of institutions, replaces trust with suspicion, reverses the onus of proof (assumes that everyone is guilty until proven innocent) and creates an atmosphere of repression and control in the community. Examples of red technology include satellite linked law enforcement tracking systems, multi-purpose general identification cards and genetic databases.
Many of the Amber systems constructed in recent years by our governments and private organisations have progressed to the Red zone. At this point, the community should demand that exhaustive justification be made, and rigourous safeguards be put in place. This has rarely been done, and the Red zone is becoming more populated with dangerous and unregulated surveillance and control systems.
Data matching (also known as parallel matching, bulk matching or computer matching) is the process of automatically comparing records of a person from two or more sources.
At first glimpse, the idea of automatically matching one set of computer records with another seems to be fairly innocuous. The process appears to be in the public interest. The reality is far more complex.
Data matching, in the view of the APF, is the technological equivalent of a general warrant on the entire population. It is no different to the notion of police being empowered to enter your home in your absence, search through your papers, and take what copies they wish.
Such a comparison might at first sound extreme, but it is an accurate parallel, and will become more obvious in future years as a greater amount of information about us is stored on computer. In 1986, the United States Office of Technology Assessment concluded "Computer matches are inherently mass or class investigations".
Despite the possibility of computer matching yielding revenue for the government, there are several fundamental problems with the process.
The first and perhaps most important is whether a government has a right to place a population under this form of surveillance (known as "dataveillance"). The mere fact that savings are possible should not sway us from an understanding that no government has a absolute right to do as it pleases with our personal details. Data matching is directly equivalent to arbitrary investigation without cause of suspicion. This question has not been satisfactorally addresed, and has not been debated in the Parliamentary or public arena.
Within this broad concern, there are three distinct human rights and privacy dilemmas. First, data matching is based on an assumption of guilt. Each member of the population, according to the rationale of the data matching programmes, is a suspect and therefore a potential criminal.
The presumption of innocence no longer exists. A computer matching programme therefore reverses the entire basis of the judicial system.
Another fundamental point relates to the Privacy Principles held in law throughout the world. One of the most important of these principles demands that information supplied for one purpose should not be used for another purpose unless the individual concerned has given consent.
Perhaps the most dangerous long term outcome of a mass data matching programme is that it tends to encourage governments to create a universal population numbering system. Since the greatest practical problem for computer matching is the way people identify themselves, such a numbering scheme would be most attractive.
The Universal Numbering System potential is itself a difficult matter to debate. Data matching can contain processes to merge various numbering schemes, aplying criterea for determining whether a number from one sector adequately matches a number from another. There is, in effect, a "working number" or "working identity" applied or created by the data matching system.
The second key area of concern relates to the accuracy of the information being matched. The key assumption underlying any data matching programme is that information from each of the sources is parallel and compatible. Such is rarely the case. Even apparently identical items of information or categories often have different meanings in different systems. Such terms as defacto, marriage, child, dependent, spouse, income, living costs, permanent or temporary can be used in different ways by different departments, and people often quite legitimately use them differently according to a changed circumstance. A person's information may also quite legitimately vary between departments because of the date the information was originally provided. Data matching may not take these discrepancies into account when determining if a person's file is a "hit". The decisions are made on a clinical basis, with the computer matching staff being unaware of the broader context of each case.
Once a person has been flagged (marked for scrutiny) by the system, it would invariably be the case that the onus of proof of innocence is on the person rather than the government. Once an investigation proceeds, information that may be wrong or out of date is then liable to be communicated with third parties, resulting in possible harm or embarrassment to the file subject.
The New South Wales Council of Civil Liberties gave evidence to a Senate Committee that false accusation was occuring because of computer matching. One man received a letter from the Australian Tax Office advising that his entire refund had been withheld by the department because of outstanding child support liabilities. The crime had been detected by the computer matching process. The only problem was that this victim had never had any children.
The man was not alone. In 1990, 18,000 people received similar advice. Although less than a hundred formally appealed against the decision of the Tax Office, it is noteworthy that they were not advised that they had a right of appeal.
The Child Support schene matching process is a small-time operation compared to the major matching programmes operated by DSS and the Tax Office. In one programme alone, where nine million DSS records were computer matched against one million DEET records, 65,000 individuals were identified for further investigation.
One of the most alarming aspects of widespread data matching is that it gives the technical ability to develop a comprehensive profile on each member of the population. Government promises that this will never happen should be treated with the appropriate level of scepticism. The mere fact that at the push of a button such a detailed profile is possible should set alarm bells ringing in the ears of a population tuned to the dangers of an ID card.
A United Nations study entitled "Human Rights and Scientific and Technological Development" warns :
....the increased expansion of computerisation of personal data may result in a "dossier society" which would have "dehumanising" effects on the individual. The relative inflexibility of computer based record keeping resulting from the computers having been designed to use certain preconceived categories, coupled with the constraints that some computerised systems put on the freedom of persons concerned to provide explanatory details in responding to questions, have been considered as contributing to the dehumanising effect of computerisation.
The Australian Government has placed a great deal of emphasis on the absence of a central database in the computer matching programme. In response to this claim, the Australian National University's Roger Clarke studied the draft specifications in the Federal Government programmes tender documents, and concluded :
Any claims that the scheme involves no central register are dispelled by the Draft Specification's references to data maintenance and updating of the matched record in "the large file," (18.104.22.168), the loading of changed records (7.9.1), large volume historical data (8.2), future requirements for transaction processing (8.3), and "the National Database" (8.5). It is intended that data be not merely received and matched, and then discarded; the data is also to be stored and updated. There will therefore be an ongoing 'master-file', maintained by a single agency in one location, which is what is meant by the term 'central register'.
Roger Clarke went on to assess the likely magnitude of the computer matching proposals :
A total of 10 million separate individuals would appear to be the subject of records held by the system (22.214.171.124), although the same paragraph mentions another master-file of 7 million records. Further confusion arises from the statements that the largest table contains 20 million records totalling 2.7 gigabytes, or 135 bytes per record (7.7.3, 7.11.1); about "the full environment of 30 million records" (13.4); and that the planned data holdings are 70-100 million records (7.7.4). It would appear that DSS intends retaining all data in "long term storage". Current holdings of historical data are stated to be over 60 gigabytes (8.2) - which would be 300 million records if they averaged 200 bytes; and this is presumably before large-scale accumulation of data from multiple sources is commenced.
No growth rate in file volumes is provided, but tenderers are required to describe how they would "accommodate an environment of double, then treble the initial size over one to two years" (7.12.2).
Sydney Law Academic Graham Greenleaf, in a later analysis, confirmed these findings :
There is little doubt that the RFT describes a central register which is part of the matching system and is maintained by DSS, but its exact nature and purpose is unclear.
The Government's assurances on this matter appear to be absolutely deceptive. Not only does it appear from the tender documents and from expert analysis that the government has misled the people, but the government's assurances deliberately miss the point. The essential issue is that data matching creates the effect of a single computer even if no single master computer exists.
To understand this fundamental point, you only have to think of a computer as a mass of separate parts, each of which can communicate in a set way with the other parts. A large computer, in fact, is usually many smaller computers all communicating in harmony. Data matching is an extension of this process. The matching process allows one computer to talk easily with others, thus creating one giant computer. This is the one major error of so many of the old science fiction horror stories. The future "Big Brother" was not to be a single, all seeing, all knowing machine; it was to be countless thousands of machines, all linked; all communicating.
This, perhaps more than any single point, is the one that should be foremost in the minds of our more aware and sensitive politicians. Data Matching is not just a more efficient way for computers to speak; it is the systematic development of a vast, multi-faceted data base that reaches into every aspect of our lives. It is not good enough for a government to artfully engineer semantics and to use blackmail to achieve compliance. A government should think beyond the gains of the moment to consider what sort of society it is helping to create. Privacy advocates have always been deeply concerned that the linkage of computers will create a set of community and political norms which are inimical to a free society.
This dataveillance is likely to produce a "chilling effect" on the population. This chill comes about when people feel they are under constant surveillance. It is, in many ways, similar to the "environment of deterrence" philosophy favoured by many police forces. Once this emotion has set in, it is likely that it could never be reversed. This same impact was predicted for the Australia Card. Data Matching will produce a similar effect, but its effect will take some years to manifest.
Following the defeat of the Australia Card in 1987, the Government decided to pursue the alternative option of an Enhanced Tax File Number (TFN), which would improve the existing Tax File Number system which had been in use by the Tax Office since the 1930s.
The enhanced TFN was a scheme recommended by a 1986 Australia Card parliamentary inquiry, and was to be an administrative base for the Tax Office to help streamline the administration of revenue raising. The Parliamentary Opposition and privacy advocates were keenly aware of the importance of strictly limiting the number. Indeed a Senate report had warned that the scheme, if enacted, "be strictly limited in its terms....as to prevent a progressive extension of the ambit of the Bill". The popular view at the time was that, if unchecked, the TFN could become a defacto ID card.
Time after time the government promised, both inside and outside parliament, that the TFN would be used exclusively by the Tax Office for the sole purpose of improving revenue collection. It was not to become a national identification number, nor was it to be a link between departments.
In a press release issued on 25 May 1988, Paul Keating said `The Tax Office will be the only Government agency which uses the tax file number for the purpose of identifying and registering its client base....The tax file numbering system will be administered exclusively by the Tax Office for tax purposes.'
In his second reading speech for the Taxation Laws Amendment (Tax File Numbers) Bill 1988, 1 September 1988, Paul Keating pledged "No other government or non-government agency will have access to the Tax Office file number registration system, nor will it be able to use an individual's TFN for any registration system of its own."
The Opposition and the Democrats accepted these assurances, and allowed the passage of the Tax File Number.
Three years later, the government has ripped up all its promises, and extended the Tax File Number to the point now where it is effectively a national identification number.
The broken promises go even further. The Government's promise that [The Tax File Number] will not establish a citizen identification system.' was broken when 1990 budget provisions demanded use of the tax file number by non tax payers. Such a scheme can be nothing other than a citizens identification system.
In a 1988 speech in Parliament,  the treasurer also pledged "The amendments the Government has agreed to accept are designed to guarantee that the tax file numbering scheme is completely voluntary.' Then, in December 1989 amendments to Social Security Act, made a mockery of that pledge by making the quotation of a TFN a pre-requisite for unemployment and sickness benefits.
Paul Keating went on to promise `Exchanges of information between the Tax Office and other agencies will continue to be limited to those authorised under the very strict secrecy provisions of the tax law.'
Within a year, the provisions of the 1990 Budget: meant that any `strictness' in the secrecy provisions of the tax law were now abandoned. The Tax Office files will be cross-matched against those of all other government agencies granting benefits, and furthermore they will throw open the ATO's TFN files to facilitate the process.
Over the next two years, the government continued to break its promises about the Tax File Number. As Roger Clarke later observed "The Parliamentary Opposition, the Privacy Commissioner, and privacy and civil liberties groups were all caught napping"
The complex nature of Australia's political and administrative system has created problems over many years for fraud investigation. Commonwealth agencies have routinely consulted state records - most of which contain publicly available information such as land titles - but the work has been cumbersome and expensive. In an effort to streamline the process of investigation, the Attorney General's Department has developed a scheme that will establish a computer link for publicly available data between many state and federal agencies.
In mid 1991, the Government envisioned the immediate connection of 500 terminals to the system, with a total projected figure of 3,000 terminals. By the time the tender documents were released in late 1991, this figure had risen sharply to an initial connection of 6,484 terminals, rising to 10,254 terminals.
Despite the commitment made by the government to confidentiality and data security, there are numerous grave privacy and individual rights concerns that arise from the development of the LEAN scheme.
First, there is little justification for associating law-abiding members of the community with a criminal investigation system, nor is there adequate justification for prior suspicion of guilt.
Second, in the view of Privacy advocates, there is a very clear breach of the spirit of the Privacy Act. Information given for one purpose (for example, for land records) is being used for another entirely different purpose.
Third, it appears the LEAN system will not be governed by an Act of parliament, and thus there be only very limited legal authority or parliamentary scrutiny of the scheme.
Fourth, the information will be available to a large number of public service staff with limited investigative training.
Fifth, there is a very grave risk that the scheme will suffer "function creep" by being merged with information sources that are not publicly available, and by developing a wider range of purposes for state and commonwealth departments.
Finally, no consultation has been undertaken with public interest or advocacy groups.
In March 1992, at its meeting in Washington DC, the worldwide watchdog group "Privacy International" passed a resolution condemning the scheme. The meeting, involving many of the world's leading privacy experts, agreed that the government's handling of the LEAN proposal was inappropriate, and that the scheme's dangers far outweighed its benefits.
By October 1990, there were 31 active and proposed major data matching
programmes involving Commonwealth Government Departments These are, in summary
NAME OF PROGRAMME AGENCIES INVOLVED
_______________________________________________________________ Incoeme Matching System ATO, employers & investment bodies
Pensions/income match ATO, DVA, DSS
Prescribed payments/unemployment DSS, ATO
Pensioner match DSS, DVA
Veteran's Pension/superannuation DVA and superannuation funds
AUSTUDY, DSS pension & benefits DEET and DSS
Student assistance/pension DEET and DSS
DEET/employment income match DEET & DEET subsidised employers
AUSTUDY and enrolment DEET and educational institutions
Student Assistance/income match ATO and DEET
Social service benefits/departures DSS and DILGEA
Overseas student/student assistanc DEET and DILGEA
Social security and payroll DSS and Department of Finance
Benefits identification DSS and State registrar general offices
Benefits identification DSS and Australian Electoral Office
Benefits entitlement DSS and HIC
Benefits checks DSS and insurance company payments
Benefits checks DSS employment declarations and ATO
Child support checks DSS and Child Support Agency
Benefits entitlement DSS & state Corrective Services Deps.
Criminal investigation DSS, AEO, State Reg Generals and HIC
Apprenticeship allowance checks DEET and DIR
Sales Tax Returns ATO and Customs
DSS Accelerated Claims DSS intra-agency
Benefits identification DSS and overseas welfare authorities
benefit entitlement DSS, land titles office and local government
overseas student matches DEET and DILGEA
insurance claim checks DSS, Telecom
" DSS, Australia Post
" DSS, Comcare
" DSS, Insurance company records.
Source : Privacy Commissioner's Draft Data Matching Guidelines, 1990.
RECOGNIZING THAT THE AUSTRALIAN GOVERNMENT is now considering the development of a comprehensive database containing personal information;
FURTHER recognizing that the Government of Australia is a signatory to the OECD convention on data protection, and has established a commitment to protecting the right to privacy :
THE PARTICIPANTS OF THIS MEETING OF PRIVACY INTERNATIONAL express concern about the Australia government's proposed Law Enforcement Access Network, especially with regard to:
PRIVACY INTERNATIONAL respectfully calls on the Australian government:
Resolution passed in Washington DC, March 1992, at the first General Meeting of Privacy International, representing privacy and civil rights advocates from fifty countries. The resolution condemns the LEAN system.
The harsh reality is that data protectors run the risk of being only a tiny force of irregulars equipped with pitchforks and hoes waging battle against large technocratic and bureaucratic forces equipped with lasers and nuclear weapons. Professor David Flaherty in "protecting Privacy in Surveillance Societies"
For the past three years, the Australian Government has been planning the construction of one of the largest and most invasive surveillance systems ever proposed for Australia. Known as the LEAN system (Law Enforcement Access Network) this massive network will link state and federal departments including the Australian Bureau of Criminal Intelligence, the Australian Customs Service, the Commonwealth Attorney General's Department, the Australian Federal Police, state public information registers, the Australian Tax Office, the Department of Employment, Education and Training, the Department of Defence and the National Crime Authority.
More than 10,000 computer terminals will be linked to the LEAN system, and it is expected that the system will grow rapidly over the next decade. 
This is the sort of scheme that Privacy advocates fear most of all. It links most, if not all, major databases. It paves the way for the introduction of national standards, including numbering systems, and it has the potential to become a tool of unparalleled surveillance of the entire population. Yet, despite the fact that Australia has a Privacy Act and a Privacy Commissioner, it seems there is little protection against the development of such systems.
Members of the Australian Privacy Foundation wrote in mid 1991 to the Commonwealth Privacy Commissioner, complaining that the proposal was illegal under the Privacy Act. He wrote back saying that there were real questions as to whether he had any power to take any action. Twelve months later, at the time of preparation of this book, action had still not been taken on the Privacy Foundation's complaint.
The Commissioner has said little about this proposal, and far from distancing himself from the scheme, is actually represented as an observer on the steering committee of the project.
The Privacy Foundation has received dozens of written requests for it to represent the concerns of people in New South Wales, but the Foundation can do nothing. Advice from the Privacy Commissioner's Office is that complaints cannot be dealt with until the system has commenced.
This absurd situation highlights a deception practiced on the Australian public. For all their posturing about privacy, Australian governments have done next to nothing to protect us from the very worst privacy violations. Commonwealth Privacy law does relatively little to stop the most dangerous government surveillance schemes. The New South Wales Government has intentionally starved its Privacy Committee of funds, and South Australia has a privacy committee with virtually no resources and therefore almost no influence on state government privacy violations. The other states have no laws, no watch dogs, and appear to have very little interest in privacy protection.
The New South Wales Privacy Committee has an excellent research and educational function, but is largely ignored by the state government. While the Attorney General's Department - the Committee's boss - spends three million dollars annually on its own information technology division, it allocates only a sixth of that amount for privacy protection for the entire state of New South Wales. Requests by the Privacy Committee for a reasonable increase in staff and resources have been routinely denied for years by the department. 
The scenario, however, grows more depressing. Queensland had a Privacy Act, but allowed this to expire in August 1990 because of a sunset clause (an automatic expiry provision). To date no replacement law has been passed by the Queensland Parliament.
The Western Australian Government proposed Privacy Legislation in 1991, but no funds were allocated for development and drafting of the legislation. As a result, government officers responsible for drafting the bill were forced to secure expert legal advice with little more than the offer of free coffee and biscuits.
Beyond those non existent or relatively powerless government instruments, Australia has a number of non-government organisations that contribute to the protection of privacy. The key organisation has been the Australian Privacy Foundation, formed in 1987 to fight the Australia Card plan.
On a broader level, each state has a Civil Liberties Council. Most of these organisations are impoverished, but have traditionally been in the forefront of surveillance issues. The Victorian Council for Civil Liberties, under the presidency of Ron Castan QC, gave great prominence to privacy issues. Consumer groups such as the Australian Consumers' Association have yet to develop comprehensive privacy policies. Other watchdog groups (the Welfare rights centre, Council on Social Service and so on) deal with issues of privacy and surveillance on an occasional basis, but have no special interest in the field.
In theory, at least, the safety valve against the creation of a national surveillance system rests with the Privacy Act. This piece of legislation, proclaimed in 1988, was intended to cover Federal Government agencies and departments, including Telecom (which has since then dropped out of the Act because of corporatisation).
Although the Privacy Act does not generally provide protection within the private sector (banks, commercial organisations etc) the law was extended in the wake of controversy over plans by the finance industry to increase the surveillance capability of credit reporting agencies. The Privacy Act now gives protection in that area.
The Privacy Act has a long and tortuous history. Its genesis can be traced to 1976, when the Government of Malcolm Fraser gave the Australian Law Reform Commission a reference to look into privacy invasions at the Commonwealth level. The important three volume report was not completed until 1983, and was presented to a new Government in December of that year.
The Report included a draft Privacy Bill based loosely on a set of internationally accepted privacy principles to which Australia was a signatory. The Organisation for Economic Cooperation and Development (OECD) had developed a set of privacy guidelines which were to find their way into the laws of many countries. Justice Michael Kirby, then chairman of the Australian Law Reform Commission, chaired the internationalgroup which originally produced these guidelines.
The passage of the proposed bill, however, was not to be an easy one. First, the introduction of the Bill was delayed, partly due to the planning of the Australia Card. By the time the Privacy Bill came up before Parliament, the Government had instituted a clever legislative device to confuse the potential opposition to the Australia Card. First, the operation of the Privacy Bill would be contingent on the establishment of a Data Protection Agency (not the originally proposed Privacy Agency).
The catch was that the provisions creating the Data Protection Agency were in the Australia Card Bill (part VII) instead of the Privacy Bill. So, if the Australia Card bill was opposed, the Privacy Bill could not commence.
Despite this tactic, the Australia Card Bill was rejected in the Senate, and the rest is burned well and truly into history.
The Privacy Bill that finally emerged after the defeat of the Australia Card was a much stronger and more internationally acceptable compromise. A number of strong amendments proposed by the Opposition were accepted, and the stage was set for reasonably effective privacy protection. A privacy commissioner with a respectable range of powers and a surprisingly healthy budget (now approaching two and a half million dollars a year) was appointed in 1989, and a set of principles were put in place to govern personal information in the Commonwealth domain. 
The principles governing the Act are set out in full at the end of this chapter but the following plain English version should serve as a more readable guide. In this analysis, when I use the term "Department" I mean any government, person or agency, as well as the Credit Reporting Industry.
The Commonwealth Privacy Act is an extremely limited law. It covers only Commonwealth Government Agencies and the credit reporting industry. It does not give protection against privacy invasion by state governments, the private sector, banking, telecommunications or the insurance industry. Nor does it cover privacy issues relating to any of the professions.
Even within its narrow scope, the Privacy Act has serious limitations. One of the most serious deficiencies relates to controls over the use of publicly available information (that is, information and records such as land titles and electoral rolls that are available for general public inspection) It is this sort of information that forms the basis for the LEAN system. The dilemma shows once again that law on its own is an inadequate mechanism to deal with modern surveillance techniques.
Another serious limitation of the Privacy Act is that it allows a great many privacy violations to occur in the name of law enforcement or taxation. The most well known of these violations relates to the recent extensions of the Tax File Number. Despite a government promise that the Tax File Number would remain the exclusive domain of the Tax Office, the system has been extended progressively to include such facets as Unemployment benefits, pensioner benefits, and the higher education Contribution Scheme. The Privacy Act or the Privacy Commissioner can do nothing to prevent such extensions. If a scheme has been established to assist law enforcement or to pursue public revenue collection, the Act has only a limited application.
The Privacy Act stipulates in Principles 10 and 11 that information collected for one purpose should not be used or disclosed for any other purpose. Then the Act goes on to say that purposes related to law enforcement or revenue collection may ignore those principles. Since just about every government scheme is aimed at strengthening law enforcement or revenue, it makes something of a mockery of legislative privacy protection.
Perhaps the gravest limitation of the Privacy Act is that it does next to nothing to prevent or limit the collection of information. The Act merely stipulates that information has to be collected by lawful means and for a purpose "directly related to a function or activity of the collector". Thus, a virtually unlimited number of information systems can be established without any breach of the Privacy Act.
It would be a mistake to assume that law is going to solve all our privacy problems. The Dutch privacy expert Dr Jan Holvast recently explained that Privacy Legislation "corrects the mistakes and misuses but it does not attack the way in which technology is used. On the contrary, experiences with data protection law in several countries show that these laws are legalizing existing practices instead of protecting privacy."
A year later, the world-wide watchdog group Privacy International warned in its 1991 report :
Protection's in law, where they exist, are sometimes ineffective and even counter-productive. Extensive information holdings by government are invariably allowed under exemptions and protection's in law. The existence of statutory privacy bodies, rather than impeding such trends, sometimes legitimates intrusive information practices.
Despite the existence of privacy legislation, Australia in the early 1990s is shaping up to be one of the world's most advanced surveillance societies. There is an ingrained hostility to privacy within the bureaucracy, suspicion of it from within the ranks of the Australian Labor Party, and an ideological opposition to private sector privacy protection from within the conservative parties. People have come to the belief that opposition to the government's plans would be hostile to its best intentions. "If you have nothing to hide, then you have nothing to fear" is a justification that we might have expected from the government of a totalitarian regime rather than a liberal democracy.
The government has hit upon the perfect solution for justifying the establishment of massive computer surveillance systems. First, establish a watchdog with rotting teeth. Second, proclaim that anyone opposing the reforms is working against the interests of the nation. By limiting the requirements of privacy law and glorifying the goals of fraud recovery, the government has successfully nobbled both the Privacy Commissioner, and the public. Privacy advocates are seen more often than not as extremist trouble-makers, unable to see reality. As each successive privacy invasion is established, the economic justification is harder to challenge.
In his 1991 annual report, the Privacy Commissioner warned
The claims that compete with privacy seem more significant because they are readily quantified, have an apparently undeniable objective and are said to carry no risk for the ordinary citizen ("Only rogues and cheats have anything to fear").
Without considerable positive discrimination, a privacy commissioner can do little. Professor David Flaherty, the world's leading academic authority on privacy, observed "The public is being lulled into a false sense of security about the protection of their privacy by their official protectors, who often lack the will and energy to resist successfully the diverse initiatives of what Jan Freese (one of Europe's first data protection Commissioner's) has aptly termed the "information athletes" in our respective societies."
When the federal government planned to introduce a scheme to link every pharmacist with a central computer in Canberra, the Australian Privacy Foundation was forced to concede that - invasive as the proposal was - it did not breach the Privacy Act. In evidence to the Senate Committee on Legal and Constitutional affairs, the Foundation argued :
We believe that when the Privacy Act was put through in 1988, the view of the public was that it would create a parliamentary oversight so that we never again would have a universal system of the nature of the Australia Card. What we have found is that through function creep these various systems tend to be implemented because they do not breach the Act. 
The Foundation pointed out to the Senate Committee that the public was being lulled into a false sense of security by the Privacy Act. While people expected that the Act would apply the brakes on the development of intrusive surveillance systems, the reality was that the Act condones and even streamlines such actions. The period since the Act was proclaimed has seen an avalanche of privacy invasion in virtually every facet of government activity.
The test of privacy legislation, and privacy watchdogs, is whether they can limit the creation of invasive systems in the first place, rather than raking the embers after they have been established. The parliamentary opposition and the Democrats, acting virtually alone, have partially constrained the tide.
The first Privacy Commissioner commenced his appointment in 1989, and will hold that post until 1994. The Commissioner administers an Act of Parliament that was, and still is, at best, inadequate and, at worst, an instrument to allow any government qualified scope to invade privacy and rights.
The Commissioner is, in effect, an employee of the Attorney General's Department. He is a public servant without true independence.
Many advocates view this lack of independence with concern. In summarising the case for a privacy Commissioner for New South Wales, the NSW Privacy Committee had argued that "unless the Privacy and Data Protection Commissioner is completely independent of government, there is a danger that the Commissioner will, in reality or popular perception, be seen to be an instrument for legitimating any privacy invasive practices and policies of government agencies." 
From the very beginning it was clear that some ministers and government departments were going to make a consistent attempt to use the Act and the Commissioner as a justification for privacy invasion. The history of privacy violations in the past few years has highlighted government activity that could be reasonably described as devious and a touch ruthless. Senator Amanda Vanstone, addressing the Commissioner during a Senate Committee hearing warned ".....there are occasions when we hear members of the Executive basically using your position, if you like, as a soother (for the development of numbering schemes etc) , and saying 'Look, this is all right. The Privacy Commissioner has looked at it and he said it is O.K.' ". 
Senator Vanstone later added "The reason I am concerned about it is that sometimes people who do not necessarily have a big interest in this area (privacy) - do not know much about it - have your position waved as a magic wand of approval."
In 1990, the Commissioner claimed before a Senate Committee that his functions did not include commenting on the privacy implications of government proposals. His role was slightly widened the following year, but the Commissioner continues to avoid publicly commenting on the privacy implications of government proposals. This is despite the fact that the Act now allows him "to examine (with or without a request from a Minister) a proposed enactment that would require or authorise acts or practices of an agency that might, in the absence of the enactment, be interferences with the privacy of individuals or which may otherwise have any adverse effects on the privacy of individuals and to ensure that any adverse effects of such proposed enactment on the privacy of individuals are minimised".
There now seems to be no conclusion that can be drawn other than that the government is using the existence of the Privacy Commissioner's Office to legitimate privacy invasion. The often heard claim by government ministers than they have "consulted with" the Commissioner are deceptive. The Commissioner usually does not have power to stop the government from carrying out its intentions. On April 1st 1992 and again on April 2nd, for example, Justice Minister Senator Michael Tate answered questions relating to two separate privacy concerns. It is interesting to note the similarity of his responses. In answer to a question about the largely secret establishment of the LEAN system, he said (in part) :
It (LEAN) has been found to be quite consistent with the provisions made by the Senate so far as law enforcement activities are concerned. Indeed the Privacy Commissioner, Mr Kevin O'Connor, who has been mentioned by Senator Calvert, has been very much involved in the development of this proposal. He has been consulted on the development of all of the privacy and security procedures that will be involved in this project.
Ironically, two weeks previously, Privacy International in Washington had passed a resolution of concern over the Australian Government's lack of consultation in the LEAN scheme.
The next day, April 2nd, in answer to a question by Senator John Herron about the development of medical smart cards, Tate replied (in part) :
But, of course, the Government has always in regard to these matters taken advice and put matters before the Privacy Commissioner, Mr Kevin O'Connor, in order to ensure that the sort of privacy safeguards which the Parliament and this Senate regard as so important, are indeed observed.
Similar responses have been given by Senator Tate and other ministers in answer to concerns about extensions to the Tax File Number, reissue of the Medicare Card, and the establishment of the PBS "Blackbox" scheme. Whilst it is true that in each case the government did contact the Commissioner, it was, on one occasion, after the event, and in others it was on the basis of "comment only". The Commissioner has been able to offer his opinion, but was invariably unable to influence the thrust of the proposals.
The Commonwealth Privacy Commissioner has five main functions
A glimpse into the machinations of the Privacy Commissioner's office reveals a complex relationship with the Commonwealth Government. The simple view of the Commissioner might be that he acts in a "bottom line" manner to protect the public from breaches of the Privacy Act. The reality is far more intricate.
The Commissioner has defined his role principally as a regulator, with responsibilities for the establishment of privacy protection mechanisms that are not just effective, but also workable. It seems, however, that everyone has different views on the meaning of the word workable.
In 1991, the Commissioner was requested by Parliament to prepare guidelines for Medicare and the Pharmaceutical Benefits Scheme. His draft guidelines, according to the Office of the General Counsel, were not strict enough. The guidelines did not, in the Counsel's view, match up to the requirements of privacy law.
The Privacy Commissioner's response was to refuse to issue the guidelines. He said he would not be satisfied to release guidelines until parliament had clarified the conflict. The Commissioner's view was that stronger guidelines "would hinder, in significant ways, the operation of the Department of Health, Housing and Community Services, and that would be contrary to the public interest."
Clearly, then, the Commissioner sees himself as performing two parallel functions. One is to issue guidelines that are compatible with the efficient administration of Government Departments. The second is to determine the balance of public interest in an arena much wider than privacy or data protection.
However, even the Commissioner appears to waver on the extent of his role in deciding public interest. While he appears to be comfortable with deciding the issue in relation to the health sphere, he is less happy to do so in other areas. In evidence to a Senate Committee, the Commissioner defined his role as something of a technocrat, and advised "The statutory charter indicates simply that I implement the relevant privacy standards that have been agreed to by Parliament." In other words, the public interest balance would have to be determined by ministers of the Government.
The evidence given by the Commissioner reveals his complex relationship with the Government. Senators Kemp, Spindler, Vanstone and Giles each asked the Commissioner for advice on the public interest aspects relating to government proposals to extend the tax file number. On each occasion, he replied that his function was not to decide these things. He said "If I am going to retain a relationship of trust with the people with whom I deal.....I do not think I can easily cart around sets of advice and dispense them to people."
The Privacy Commissioner has considerable responsibilities for regulating the activities of Commonwealth Government Departments, but is of far less direct benefit to individuals. In the year to June 1991, the Commissioner's office received 170 complaints from individuals, but could assist, legally, only 66 of these people. These cases were dealt with through conciliation, and during the year 22 complaints were successfully resolved.
The following cases provide some illustration of the role of the Commissioner and the sort of complaints he can handle :
Complaints to the Privacy Commissioner should be addressed to :
The Privacy Commissioner
Human Rights and Equal Opportunity Commission
American Express Building
388 George Street
SYDNEY NSW 2000
The Privacy Commissioner also offers a toll free hotline number for questions or complaints : 008 023 985
The Privacy Committee of NSW is the pre-eminent government privacy body in Australia, and has achieved an international reputation. It has been in the forefront of numerous privacy issues, and can be relied on to provide thorough research and evaluation of privacy and surveillance issues.
The Committee was established in 1975 under the Privacy Committee Act. It was a time when public awareness about these issues was at an all time high, but the issues themselves were relatively small in number.
Technically, at least, the Privacy Committee is an independent statutory body with powers in both the private and government spheres. The reality is that the Committee's scope has been severely limited has been rendered impotent because of a shortage of funds and the implied threat of having resources cut if the boat is rocked too far. The Committee does not have an independent source of funds, and must compete with other sections of the Attorney General's Department for money. As a result, the game must be played to ensure the survival of the Committee.
The Privacy Committee is in a bizarre position. It has powers that come close to those of a Royal Commission, yet it cannot award penalties in relation to any findings. It can make as many recommendations as it wishes to government, but has no powers of enforcement.
In 1991, exasperated by the on-going lack of funding or encouragement from government, the Committee recommended its' own abolition. In its submission to the Independent Commission Against Corruption (ICAC) on the subject of the inquiry relating to illegal sale of personal information, the Committee complained "The committee has been so well controlled by budgetary constraints that the performance of its' statutory functions has been seriously undermined....the Committee must line up and compete with every other branch and body funded by the (Attorney General's) Department for a piece of the financial pie. Unfortunately for the Committee, it always seems to be last in the queue."
The Committee recommended that a Privacy and Data Protection Commissioner be established to look after the privacy interests of people in New South Wales. It was a noble recommendation, as its implementation would probably mean an end to the Privacy Committee.
The Committee has a good success rate in conciliating and investigating complaints relating to privacy violation. Inquiries and complaints should be addressed to :
The Privacy Committee of NSW
189 Kent Street
Sydney NSW 2000
Telephone 02 - 252 3843
The Privacy Committee has an excellent reference library, and members of the public can use this facility by arrangement.
If any one organisation testified to the ambivalence of government to the issue of privacy, then the South Australian Privacy Committee would be the one. The committee has one full time staff member responsible for all research, liaison and administrative duties. The Committee, in addition to its privacy functions, also acts as a quasi freedom of information unit.
Despite these extraordinary funding constraints (which make the NSW Privacy Committee seem wealthy by comparison) the Committee has performed an excellent function, particularly in the areas of liaison and education.
The Committee is able to investigate and conciliate complaints from members of the public, and correspondence should be addressed to :
Privacy Committee of South Australia
13th Floor, SGIC Building
Adelaide SA 5000
During 1990, leading privacy and human rights advocates from forty countries joined forces to form the World Privacy Protection Network (Privacy International). Until then, privacy protection at an international level had not existed, and previous attempts to form a world organisation had failed.
The organisation, a non-profit and non-partisan advocacy group, is now the peak world body in surveillance and privacy protection, and has already campaigned successfully on privacy issues in many countries.
Since its' inception, Privacy International has organised campaigns in Northern Ireland, Canada, the United States, New Zealand, Thailand, The Philippines and Hungary on issues as diverse as ID cards, police activities and population numbering systems.
The aims of Privacy International include : monitoring the nature, effectiveness and extent of measures to protect privacy and personal data, assessing the impact of new technologies on the privacy and freedom of the individual; monitoring and reporting on surveillance activities of security forces and intelligence agencies; monitoring the use by of universal identification systems and mass matching of computer files; assessing the nature, extent and implications of flows of information between countries, and seeking ways through which information technology can be used in the protection of privacy
From 1992, Privacy International will also publish an international annual report containing description of privacy violations throughout the world.
The organisation was formally established in March 1992 at its inaugural meeting in Washington DC. Planning and policy development is now in the hands of a working group of 140 experts in 34 countries.
Privacy International's secretariat is located in Washington. Its address is :
666 Pennsylvania Avenue SE, Suite 303
Washington DC 20003 USA
We are mindful that when the United States Internal Revenue Service (IRS) adopted a policy many years ago of offering small cash rewards to people who gave information about tax dodgers. The proposal ignited furious debate about the possible effect of this policy on American society. Civil libertarians felt that the cash reward offer would set citizen against citizen and effectively create a vast army of paid agents of the government.
The IRS policy pales by comparison with what the Finance Department of the Australian Government is working on. The Department is planning to cut a deal with informers, and pay anything up to a fifty fifty split of recovered money. The new policy is likely to apply to virtually all departments including Tax, Social Security, Veteran's Affairs, Primary Industries, Customs, Education, Defence and Administrative Services. Indeed one of the scheme's architects says "it's not our intention to rule out anything. The legislation will be as all-embracing as possible".
The proposed legislation, which is expected to come into effect on July 1, 1993, will "encourage" relatives, friends and workmates to provide information on a confidential basis to the fraud sections of the relevant departments. A special fund will then pay a reward proportionate to the amount of money recovered. The Department of Finance admits that "disgruntled" spouses or colleagues are likely to take advantage of the offer.
It does not require a suspicious mind to conclude that this informant scheme, offering reward and encouragement to anyone with a prejudice or an unsupported suspicion, is open to rampant abuse. There is, however, an even greater threat in the government's proposal. The scheme is designed to create a fundamental shift in relationships throughout the community. People will be encouraged to adopt an active policing role on behalf of the government. Instead of devoting energy to criticising and helping to shape public policy, people would be induced to enforce the status quo for financial gain.
A community which accepts such a plan without exhaustive debate has become dangerously apathetic. A nation which meekly accepts the government's view of what is good for it will witness the rapid corrosion of its rights and freedoms.
Those few Australians who know about the reward scheme appear to have accepted the government's intentions without a murmur of dissent - in just the same way as they have placidly accepted the government's many other surveillance schemes of the past five years.
We should all be gravely concerned about this trend. A great many of the rights and freedoms of Australians are now in peril. In recent years, authorities in this country have established a nation-wide surveillance and control system which many overseas governments envy. The computer databases of dozens of government agencies and commercial institutions are being linked. Restrictive laws are being passed on almost a daily basis. Government is intruding into areas of private life once considered off-limits.
Go to the APF Home Page.
Send an email to APF
Created: 7 February 2003
Last Amended: 7 February 2003
APF thanks its site-sponsor: