Dated 30 January 1994
This document is at http://www.privacy.org.au/Papers/Ltr940130.html
Senator Meg Lees
Parliament House
Dear Senator
I write to express the concern of the Australian Privacy Foundation about the almost complete lack of privacy protection in the legislation and regulations implementing the Government's new childcare scheme.
The key issue is that NCAC is not a government agency, but an association under the Associations Incorporation Act. As a result, it is not subject to the normal protective regime for personal data. For any normal agency, this comprises at least the Crimes Act, the Public Service Act, and most importantly the Privacy Act. It would be of great concern to see the Government sliding any new agency around that protective regime, let alone one which of necessity involves such sensitive personal data.
Each childcare centre is required to gather and maintain substantial amounts of sensitive data about children and their families. The nature of data involved can be inferred from Principles 11, 17, 27 and 43 in the NCAC's Accreditation System Handbook, and Schedule 2 to the Regulations (the Priority of Access Guidelines). In order to assess the initial and ongoing eligibility of childcare agencies for participation in the scheme, NCAC officers will have access to this sensitive data. NCAC also has substantial powers over, and will have access to data about, childcarers and their employees. It is essential that NCAC officers be subject to an appropriate set of responsibilities and sanctions. The only practicable way in which this can be achieved is by making the organisation subject to the Privacy Act and the Privacy Commissioner. A precedent already exists in the rather less sensitive area of consumer credit reporting.
In addition to our primary concern about the lack of any privacy-protective regime in relation to the NCAC, we are unclear as to what provisions and sanctions exist to protect the public from careless or unreasonable practices on the part of childcare centres and their employees. But of course this raises broad and so far unresolved issues concerning the application of privacy protection to the private sector.
Yours sincerely
Roger Clarke
National Capital Convenor, Australian Privacy Foundation - H: (06) 288 6916
For further information, contact:
Dr Roger Clarke, Roger.Clarke@anu.edu.au, (02) 6288 1472 or 6288 6916
Tim Dixon, Director, TimDixon, (02) 9231 4949 or 0411 114411
Go to the APF Home Page.
Created: 20 December 1998
Last Amended: 20 December 1998
APF thanks its site-sponsor: