|
|
Privacy Oversight Agencies |
| POLICY | Media | Resources | Campaigns | | | About Us | What Can I Do? | Big Brother | Contact Us |
This document contains information about the various agencies throughout Australia that have some form of regulatory responsibility in relation to privacy:
You may find others in the membership list of the Asia Pacific Privacy Authorities (APPA) and the WorldLII index of Privacy Protection Agencies worldwide.
If you're aware of a relevant agency that isn't listed here, or of a material error in the content, please tell us!
Currently, Office of the Australian Privacy Commissioner; but moving to Office of the Australian Information Commissioner (OAIC).
Here are relevant laws.
Some aspects of privacy may also come within the ambit of the Australian Human Rights Commission (HRC) – with which the Privacy Commissioner had varying relationships 1989-2010, but a less close relationship following the absorption into OAIC in November 2010.
The appointment of Privacy Commissioner was established in 1989. The first Commissioner was a Sydney resident, and the office has always been located there. From 1989 until 2010, the office was referred to variously as the Office of the Privacy Commissioner (OPC – which risked confusion with the other Offices with similar names in other jurisdictions), the Office of the Federal Privacy Commissioner (OFPC), or – particularly after the Howard Government changed the style of federal government agencies in about 2000 – the Office of the Australian Privacy Commissioner (OAPC).
In November 2010, the Office was disestablished, and absorbed into the new Office of the Australian Information Commissioner (OAIC). This encompasses information policy generally, including new FOI supervisory functions and the existing privacy functions. The Privacy Commissioner retains some of their powers, with others being ceded to the more senior Information Commissioner. The first Information Commissioner is the immediate past Ombudsman 2003-10, John McMillan. The first FOI Commissioner is James Popple.
On at least some occasions the position of Privacy Commissioner has been advertised. However, a small selection committee of senior public servants recommends the successful applicant to the relevant Minister, who accepts it. There has never been any form of public involvement or consultation. The Privacy Commissioners have been Kevin O'Connor (1989-97), Moira Scollay (1997-99), Malcolm Crompton (1999-2004), Karen Curtis (2004-10) and Timothy Pilgrim (the immediate past Deputy for an extended period, 2010-). It appears that the Privacy Commissioner now operates as a first-level reporting executive to the Information Commissioner, with the privacy role subjugated to information policy more generally.
From the time that the Office established a web-site in the mid-1990s, it used the domain http://www.privacy.gov.au. By early 2011, the content of the web-site was to be shifted to a sub-site within OAIC. Assurance was provided by OAIC on 15 November 2010 that "current deep links to the www.privacy.gov.au site will be maintained through a redirect function to the relevant documents after it's migrated to the new site".
Currently, Privacy NSW (aka New South Wales Privacy Commission), but with effect from 1 Jan 2011, the Commission has been disestablished and the functions and the associated few staff-members are to be absorbed within the Information and Privacy Commission (NSW IPC). Details are provided at the end of this section.
The Privacy Commission's scope extends to the health care sector, although a separate Health Care Complaints Commission also exists.
Here are relevant laws.
An oversight agency has been in operation since 1975 as a Committee, and since 1999 as a Commission. The Commissioner has only ever been part-time, and for long periods there has be an Acting Commissioner, including from 2003-07 and from late 2009 until at least the end of 2010.
The history of the Office is as big a mess as most other things in the NSW public sector. The Committee's powers were limited to research and complaint-investigation and conciliation, although some Executive Members, particularly the first, made effective use of the media, including 'naming and shaming' privacy-invaders. The Committee had been intended as a short-term agency, to lay foundations and gather experience; but it remained in its original form for 24 years. The first Executive Member of the Committee was Bill Orme (1975-82), followed by Jim Nolan (1982-87?), ..., Maureen Tangney (1990?-93?), ..., and Catherine Riordan (1996?-1998).
In 1998, a (very weak) data protection law was passed, which among other things disestablished the Privacy Committee. The part-time Chair at the time became the part-time Privacy Commissioner, and the full-time Executive Member became the full-time Deputy Privacy Commissioner. The Commission has limited powers, and has been very poorly resourced throughout its life, but particularly since 2004.
The first Commissioner was Chris Puplick (1999-mid 2003, but very part-time, in parallel with his primary role as Anti-Discrimination Commissioner). Puplick resigned from the job in May 2003 following an allegation of misconduct. The full-time Deputy Privacy Commissioner post was held by Catherine O'Riordan (1999-2001) and Anna Johnston (2001-04). Since then it has been vacant, and either abolished or unfunded.
During 2003-04, the then Carr Labor Government went on a vendetta to dis-establish the Privacy Commission and have its work swallowed up by the Ombudsman's office. The APF actively opposed the idea, and the Upper House rejected the Government's attempt.
John Dickie was nominally Privacy Commissioner 2003-07, but Acting and on successive contracts that were not only part-time but short-term as well. He was almost invisible. Ken Taylor served 2008-09. He was also largely invisible on privacy matters, and was then appointed to oversee the Government's changes to the FOI arrangements. Taylor took sick leave from November 2009, resulting in Maureen Tangney acting from then until 30 June 2010, and then John McAteer (the Principal Privacy Officer) being given successive, short-term acting appointments from 1 July 2010.
During 2010, the Office of the Information Commissioner was established, with oversight responsibilities in relation to FOI and open government. The first Commissioner is Deirdre O'Donnell.
With effect from 1 Jan 2011, Information and Privacy Commission (NSW IPC) has been formed, with Privacy NSW disestablished and its functions absorbed within NSW IPC. The OIC component comprises a full-time Commissioner and 20 staff, whereas Privacy NSW has a part-time Commissioner (vacant), still no full-time Deputy Commissioner, and a Principal Privacy Officer currently exercising the Commissioner's powers and with only 4 other staff-members. It therefore seems reasonable to infer that the NSW IPC's privacy role will be swamped by its FOI functions.
The Privacy Commissioner's post was advertised in October 2010, albeit still on a part-time basis, but with an upbeat and positive statement describing the role, including the stated expectation that the appointee would "operate as an independent advocate/champion in relation to privacy issues". A former senior executive in the Permier's Department, Elizabeth Coombs, was appointed as Privacy Commissioner for 5 years with effect from November 2011. It remains unclear how small her fractional appointment is, and whether she will perceive her role as being protective of privacy or of the public service from which she comes and to which she consults.
Office of the Victorian Privacy Commissioner (OVPC, or Privacy Victoria), Melbourne.
Privacy in the health care sector is partly within the jurisdiction of the Office of the Health Services Commissioner.
Some aspects of privacy in the law enforcement arena are within the jurisdiction of the Commissioner for Law Enforcement Data Security. (This was created because of the continual leaks of sensitive personal that occur).
Some aspects of privacy may also come within the ambit of the Victorian Equal Opportunity and Human Rights Commission.
Here are relevant laws.
The first Privacy Commissioner July 1999 to July 2006 was Paul Chadwick. After a regrettable delay until March 2007, the previous Deputy and Acting Commissioner, Helen Versey, was formally appointed. Her term expires in early 2012, and she has indicated that she will not be seeking an extension.
In contrast to NSW, Privacy Victoria is taken seriously, the resources provided – although small in comparison with European norms – are significantly greater than those in NSW, and the effectiveness of the Office has been proportionately much higher throughout its life.
Privacy Commissioner, within the OQIC
Here are relevant laws.
Until mid-2010, there was no oversight agency in Queensland. The Office of the Queensland Information Commissioner (OQIC) was nominally created in 2005, but no appointment was made. In 2009, legislation was passed creating the junior posts of Privacy Commissioner and Right to Information Commissioner. Julie Kinross was appointed as Information Commissioner with effect from 30 July 2009. (The Right to Information Commissioner post remained vacant until 4 October 2010, when Clare Smith and Jenny Mead were jointly appointed, in a job-sharing arrangement).
The post of Privacy Commissioner remained vacant from 1 July 2009 until 15 June 2010, when Linda Matthews was appointed. She administers the Information Privacy Act 2009. However, she left, apparently abruptly, in October 2011, and Lemm Ex has been Acting Privacy Commissioner since then.
Privacy in the health care sector is partly within the jurisdiction of the Health Quality and Complaints Commission.
There is no privacy oversight agency.
After years of promises, an Information Privacy Bill was finally introduced into the Parliament in March 2007. It did not progress. It would have created a (very) part-time Privacy and Information Commissioner, but the function was to be very limited, and instead of being assigned to the Information Commissioner, it was to be assigned to the the Ombudsman (aka the Parliamentary Commissioner for Administrative Investigations), where it would have paled into insignificance.
Privacy in the health care sector is partly within the jurisdiction of the Office of Health Review.
Here are relevant laws.
There is no privacy oversight agency.
There is a Privacy Committee of South Australia, run out of the State Records Office, but it is unclear whether it has ever actually done anything that could be reasonably regarded as being privacy-protective. An unenforceable set of Principles exists, but the primary function of the Committee is to exempt agencies from complying with it.
Privacy in the health care sector is partly within the jurisdiction of the Health and Community Services Complaints Commissioner.
Here are relevant laws
There is no privacy oversight agency.
The Tasmanian Ombudsman is empowered to receive and investigate complaints, but the scope of the powers is extremely limited, and it is unclear whether the incumbent, Simon Allston, has done anything in relation to privacy since his office had the responsibility imposed on it in September 2005. Privacy barely warrants a mention on the web-site or in his Annual Reports.
Privacy in the health care sector is partly within the jurisdiction of the Health Complaints Commissioner.
Here are relevant laws.
The A.C.T. adopted the Privacy Act (Cth) many years ago, and the A.C.T. government has an MOU with the Office of the Australian Privacy Commissioner (OAPC).
However, virtually nothing of relevance can be found on the web-sites of either OAPC or the A.C.T. government, and it appears that very little happens. Personal Information Digests are nominally published by the ACT Dept of Justice, but when checked in August 2010, the site failed to provide access to them.
Privacy in the health care sector is partly within the jurisdiction of the Community & Health Services Complaints Commissioner.
Some aspects of privacy may also come within the ambit of the A.C.T. Human Rights Commission (HRC).
Some aspects of privacy may also come within the ambit of the A.C.T. Public Advocate.
Here are relevant laws.
Office of the Northern Territory Information Commissioner
The first Information Commissioner (IC) was Peter Shoyer (2003-07). The position was then degraded to an Acting role, held by Zoe Marcham (2007-09) and Robert Bradshaw (2009-10).
In late 2008, a multi-way role was created, such that the IC now encompasses FOI, Privacy and Public Interest Disclosures, i.e. Corruption and Whisteblowing. In February 2010, 15 months after the position was created, Brenda Monaghan was the first appointee.
Privacy in the health care sector is partly within the jurisdiction of the Health and Community Services Complaints Commission.
Here are relevant laws.
| APF thanks its site-sponsor: |
|
This web-site is periodically mirrored by the Australian National Library's Pandora Archive |
|
Created: 17 December 1998 - Last Amended: 10 January 2012 by Roger Clarke - Site Last Verified: 11 January 2009
© Australian Privacy Foundation Inc., 1998-2011 - Mail to Webmaster
Site Map - This document is at http://www.privacy.org.au/Resources/Contacts.html - Privacy Policy