APF Submission re NSW Privacy Bill 1994

Australian Privacy Foundation

Submission to a Select Committee of the N.S.W. Parliament

Dated 30 June 1994

This document is at http://www.privacy.org.au/Papers/SubmnNSWParlt9406.html


Submission on the N.S.W. Privacy and Data Protection Bill 1994

AUSTRALIA AS A SURVEILLANCE SOCIETY

We would like to present a context for this submission by discussing our general concerns about the overall direction being taken by the Commonwealth, and the general state of surveillance over the population.

There appears to be general agrement that Australia has developed revenue collection and public administration systems that are amongst the most sophisticated in the world. It is no exaggeration, however, to warn that the extent of this development equates to mass surveillance. The information technology matrix being constructed by the Government will, in the view of the Australian Privacy Foundation, soon rival those of the world's most tightly governmed nations. This submission will argue that recent developments are pushing Australia into a level of surveillance known as "Zone 5" - the highest and most restrictive of all levels of surveillance.

These developments, in our opinion, are vastly increasing the power and scope of government. The APF is concerned that individual Australians are more than ever becoming subordinate to the administation and authority of government.

We need to think beyond the traditional arguments used to justify mechanisms for efficiency and fraud control. In other words, it is no longer safe or appropriate to accept on face value the Government's simple intention to catch cheats and criminals. More than sixty years ago, US judge Louis Brandeis warned "Experience teaches us to be most on our guard to protect liberty when the government's purposes are beneficent".[1]

This concern was expressed by another US Supreme Court judge, Anthony Kennedy, in the words "There is a zone of liberty; a zone of protection; a line that's drawn where the individual can tell the Government 'beyond this line you may not go'."

These are the principles that form the basis of the Foundation's concerns. We believe that the balance of public interest can now no longer be determined principally on the basis of efficiency, law enforcement or public revenue. The synergistic effect created by each additional surveillance mechanism must be taken into account. We believe that the government's activities in this area should be viewed in a holistic manner.

We see a parallel between surveillance and the environment. Environmental restrictions to developments (such as wet lands protection in NSW) have been established with the aim of examining the impact of individual projects as a totality. Exemptions from this general state of protection on the basis of economic benefit are difficult to obtain and must be clearly justified. The fact that an individual project may not of itself have a significant impact on the balance of nature is no longer sufficient justification for its approval.

Systems which impact on the relationship between the individual and the state need to be examined in the same light. There may be individual justification for a whole range of privacy invasive uses of technology. On their own they may not appear to significantly impact the balance between the individual and the state. However, their accumulated impact may erode the most fundamental individual rights.

Systems to reduce fraud are most commonly justified on the basis of the public interest. However, the public interest is frequently defined in such a narrow fashion that it more accurately reflects the public sector interest.

There are three criteria for establishing public interest:

  1. The direct benefit the public receives from the project, e.g. increased public revenue, improved services;
  2. The detriment which the project causes, e.g. compliance costs;
  3. The extent to which the project contributes to a much larger picture e.g. the relationship between the individual and the state or the creation of an atmosphere of repression.

To this point, the third element has not at any time been a consideration. As with the environment, it is now essential that the third criterion be an integral part of justifying projects such as the LEAN system.

The Foundation believes that a free society must inherently have a quality of "looseness". The establishment of a web of surveillance initiatives paralyses this essential quality.

We are anxious to make it clear that we do not wish to oppose genuine and beneficial efforts to curb fraud. Every society, no matter how small and how trusting, allows a degree of surveillance. Citizens in every country accept that government has at least some right to exercise control in the interests of law enforcement and security. The question we have to explore is just how far a government should be allowed to travel down this path. There is a point where the rights of an individual citizen are more important than the right of government to exercise power.


THE FIVE ZONES OF SURVEILLANCE

There are a number of ways to illustrate the development of surveillance. Perhaps the clearest model is a simple five zone chart that shows the way surveillance and control has an influence on the life and environment of a community.

As a society becomes larger and more complex, as its links with other nations grow, and as its technological capacity increases, it is normal for it to creep upward on the surveillance scale. Many developed countries have, like Australia, progressed rapidly in recent decades from zone 2 to zone 4 on the scale. Some, including our own, are pushing gradually into the fifth and final level.

Once a community has become anchored to a zone of surveillance, its' institutions use that level as the foundation for their structure and activities. Reversal would be a difficult dislocation.

LEVEL 5 		TOTAL SURVEILLANCE
LEVEL 4		MASS SURVEILLANCE
LEVEL 3		ROUTINE SURVEILLANCE
LEVEL 2		CONDITIONAL SURVEILLANCE
LEVEL 1		RESTRICTED SURVEILLANCE

ZONES OF SURVEILLANCE

Australia has progressed from the upper part of zone 2 in the early 1970s, to the lower part of zone 4 in the 1990s.

RESTRICTED (LEVEL ONE) SURVEILLANCE. This is the least intrusive zone of surveillance. In this rare environment, government is small, free enterprise is respectfull of individual privacy, legislation is directed largely toward the protection of rights, and the principal concerns of the state are law enforcement and national security. Functional seperation is standard practice, and large databases of personal information are rare because they are considered neither desirable nor necessary. The community generally respects rights of individuals, and is close enough to government to exert a positive influence on policy.

CONDITIONAL (LEVEL TWO) SURVEILLANCE In this, the ideal liberal democratic environment, surveillance is generally regarded as an undesirable practice which should be exercised by the state only when adequate debate has occured, and when proper safeguards are in place. The integrity and secrecy of records is maintained within individual departments, and general linkage between agencies is not permitted. The relationship between government agencies and the public is essentially one of trust and good faith, even though agencies are aware that criminality and fraud occur regularly. The role of government agencies is essentially one of serving the public.

ROUTINE (LEVEL THREE) SURVEILLANCE. In this environment, mass surveillance has been established in three principal areas : law enforcement, taxation, and government benefits. (which for convenience we will label the Tripartite). Linkage between these three sectors occurs on a case by case basis when there is suspicion or evidence of wrongdoing, and there is a general understanding within the community that a certain amount of monitoring is a reasonable trade-off for the benefits of living in a mixed economy. Despite general support for some surveillance, there is a healthy awareness of individual and democratic rights. In this environment, relationships within the community still retain a basis of trust. In zone three, government bodies have assumed the role of agents of public interest.

MASS (LEVEL FOUR) SURVEILLANCE. This is a zone of enforced, interactive and punitive surveillance. Numerous systems have been developed for the purpose of monitoring most aspects of people's movement, transactions, interactions and associations. The establishment of these systems has been justified on a case by case basis, and most computer systems are interlinked. Everyone's files are routinely and automatically matched against each other to detect inconsistencies. Because of powerful arguments of revenue, security and law enforcement, the community complies fully (though sometimes reluctantly) with these mechanisms. There is mass obedience with little or no resistance to the initiatives or their demands. Government agencies have the role of controllers and enforcers of public policy.

TOTAL (LEVEL FIVE) SURVEILLANCE. This is the rarely attained state of total surveillance. Not only are all movements and activities monitored or controlled by authorities, but there is total and willing obedience from the population. The crucial element in zone five surveillance is that there is an Orwellian willingness amongst people to support government control. Members of the public will voluntarily aid surveillance by surrendering their own liberty or privacy, or forcing the surrender of their neighbour's information or liberty. In the total surveillance society there is liberty of movement, freedom of association, but no right to keep anything secret. The role of government and the right of individuals becomes one and the same. Public, government and individual rights become indistinguishable.

Until the middle of the 1970s, Australia had generally exercised a limited or conditional form of surveillance (zone 2). Although law enforcement agencies have enjoyed relatively widespread powers, Australia's federal structure has until recently prevented a comprehensive linkage of agencies.

Social welfare departments have until recent years exercised restraint in monitoring clients. The Tax office, while it had considerable powers, tended to perform its function in an insular manner. The Office regarded its rights and responsibilities with some pride and care. The banking and finance system was not effectively linked to the Commonwealth Government until very recently, and the establishment of mass matching of files in different agencies has been established in only very recent years.

From the first years of the Fraser Liberal Government in the mid to late seventies, Australia moved out of the twilight of zone two and into the third zone. The trpipartite progressively gained more power and influence. Law enforcement agencies edged closer together, the Tax Office gained considerable power, and Social Security established rigourous monitoring procedures of clients. Throughout the late 1970s and 1980s, these agencies (including the Health Insurance Commission, Department of Social Security, Australian Taxation Office, Federal and State Police Agencies and a small number of emerging bodies such as the Cash Transactions Reporting Agency) developed stronger powers and closer links, pushing Australia further into Zone 3.

From the middle of the 1980s, Australia commenced a steep increase in the use of mass surveillance technology. Computer matching programmes linked the databases of major Commonwealth government agencies, and then in turn linked these agencies with banking and insurance companies, employers, investment bodies, superannuation funds and educational institutions. Links were also made to the electoral rolls, state registrar general's departments, corrective services departments, the Child Support Agency, land titles records, local government, Comcare, Telecom, Australia Post, the Australian Customs Service and the Department of Industrial Relations. The establishment of a multi purpose Tax File Number system created an administrative basis for some of this linkage.

While this activity was proceeding, numerous other invasions of rights and privacy were occuring. The Tax File. Number was dramatically extended in scope. The finance industry succeeded in establishing the world's first truly national electronic money (EFTPOS) system. The Credit Reference Association of Asustralia tried to establish a "positive reporting" system that would have created a comprehensive profile on all Australians. Bank employees were forced by law to report to the government all suspicions related to movements of cash. The Commonwealth Government almost succeeded in establishing a massive network of pharmacy computers. State Governments created large integrated intelligence and general record systems. Sophisticated vehicle tracking systems, workplace monitoring programmes and telecommunications surveillance systems were developed and implemented.

These developments, all of which have occured within the last seven years, have pushed Australia well into the fourth zone of surveillance.

The APF is disturbed that Australians appear to accept the government's plans with hardly a second thought. An environment of unquestioning obedience appears to beforming, paving the way for the establishment of a total surveillance society.

A very small number of countries have entered the fifth, or total, zone of surveillance. Singapore is the most prominent example. Not only has the government developed a ubiquitous high technology monitoring system, but compliance within the community is virtually absolute. There exists a mass consciousness in support of such a system.

Australia is approaching the fifth zone. At this level, people will no longer question the right of government to establish surveillance and monitoring systems. They will have become a natural part of the social environment. People voicing their concern about these initiatives will be suspected of working against the public interest. Giving information anonymously to agencies regarding the activities of other people will become natural for Australians.

It is for these reasons that we urge the Parliament to request the Privacy Commissioner to establish a public Inquiry into the generalissue of privacy and surveillance in Australia. It is only with the backdrop of such an initiative that Australians can clearly judge the importance of these issues.


THE THREE ZONES OF TECHNOLOGY

The establishment of a surveillance society is not dependent on technology, but the recent history of Australia and other western nations shows that technology has a crucial role to play. China and many eastern European countries developed many of the characteristics of a Zone 5 surveillance society without sophisticated technology. Those governments relied instead on massive numbers of bureaucrats, informers and spies to enforce state requirements. Despite a chaotic intelligence system riddled with errors, these countries lived for years in an environment of suspicion, fear and control. Technology allows the same extensive information flows without the expense or political intrusion.

One of the most important lessons for western countries is that our transition from zone 4 to zone 5 will happen because of the attitude of citizens, not the enforcement of government systems. Of course, any free society will revolt against the unpopular imposition of surveillance and control measures, unless the people are lulled into submission. Technology is only partly to blame. It is the means by which government will establish effective and powerful control mechanisms. The motivation to use these systems to their fullest extent will depend on the will and awareness of the electorate.

Technology and technological practices can be divided into three categories :

GREEN TECHNOLOGY which includes all developments that help to protect rights and freedoms, strengthen democratic institutions, protect privacy, enhance the integrity and strength of relationships within the community, and improve the autonomy of the individual. Examples of such technology are smart cards which have been specifically designed to replace the need for cash (and therefore the need for intrusive electronic money monitoring); encryption techniques which strengthen the privacy and security of our communications, and new forms of medical technology that reduce dependence on medical institutions.

AMBER TECHNOLOGY. This form of technology can be generally beneficial to the community but is vulnerable to abuse or misuse. Amber technology is often established by the tripartite agencies to improve revenue systems, monitor welfare payments, or assist law enforcement. Examples include the Tax File Number, data matching (automatic mass matching of databanks), credit reporting systems, and the intelligent telephone network, which might force subscribers to divulge large quantities of personal information down the line. The dangers of amber technology are most evident when the systems are expanded or linked.with each other.

RED TECHNOLOGY is technology which poses considerable dangers to the community. Red technology reduces individual autonomy and rights, binds people to rigourous government requirements, increases the power of institutions, replaces trust with suspicion, reverses the onus of proof (assumes that everyone is guilty until proven innocent) and creates an atmosphere of repression and control in the community. Examples of red technology include satellite linked law enforcement tracking systems, multi-purpose general identification cards and genetic databases.

Many of the Amber systems constructed in recent years by our governments and private organisations have progressed to the Red zone. At this point, the community should demand that exhaustive justification be made, and rigourous safeguards be put in place. This has rarely been done, and the Red zone is becoming more populated with dangerous and unregulated surveillance and control systems.


DATA MATCHING

Data matching (also known as parallel matching, bulk matching or computer matching) is the process of automatically comparing records of a person from two or more sources.

At first glimpse, the idea of automatically matching one set of computer records with another seems to be fairly innocuous. The process appears to be in the public interest. The reality is far more complex.

Data matching, in the view of the APF, is the technological equivalent of a general warrant on the entire population. It is no different to the notion of police being empowered to enter your home in your absence, search through your papers, and take what copies they wish.

Such a comparison might at first sound extreme, but it is an accurate parallel, and will become more obvious in future years as a greater amount of information about us is stored on computer. In 1986, the United States Office of Technology Assessment concluded "Computer matches are inherently mass or class investigations".

Despite the possibility of computer matching yielding revenue for the government, there are several fundamental problems with the process.

The first and perhaps most important is whether a government has a right to place a population under this form of surveillance (known as "dataveillance"). The mere fact that savings are possible should not sway us from an understanding that no government has a absolute right to do as it pleases with our personal details. Data matching is directly equivalent to arbitrary investigation without cause of suspicion. This question has not been satisfactorally addresed, and has not been debated in the Parliamentary or public arena.

Within this broad concern, there are three distinct human rights and privacy dilemmas. First, data matching is based on an assumption of guilt. Each member of the population, according to the rationale of the data matching programmes, is a suspect and therefore a potential criminal.

The presumption of innocence no longer exists. A computer matching programme therefore reverses the entire basis of the judicial system.

Another fundamental point relates to the Privacy Principles held in law throughout the world. One of the most important of these principles demands that information supplied for one purpose should not be used for another purpose unless the individual concerned has given consent.

Perhaps the most dangerous long term outcome of a mass data matching programme is that it tends to encourage governments to create a universal population numbering system. Since the greatest practical problem for computer matching is the way people identify themselves, such a numbering scheme would be most attractive.

The Universal Numbering System potential is itself a difficult matter to debate. Data matching can contain processes to merge various numbering schemes, aplying criterea for determining whether a number from one sector adequately matches a number from another. There is, in effect, a "working number" or "working identity" applied or created by the data matching system.

The second key area of concern relates to the accuracy of the information being matched. The key assumption underlying any data matching programme is that information from each of the sources is parallel and compatible. Such is rarely the case. Even apparently identical items of information or categories often have different meanings in different systems. Such terms as defacto, marriage, child, dependent, spouse, income, living costs, permanent or temporary can be used in different ways by different departments, and people often quite legitimately use them differently according to a changed circumstance. A person's information may also quite legitimately vary between departments because of the date the information was originally provided. Data matching may not take these discrepancies into account when determining if a person's file is a "hit". The decisions are made on a clinical basis, with the computer matching staff being unaware of the broader context of each case.

Once a person has been flagged (marked for scrutiny) by the system, it would invariably be the case that the onus of proof of innocence is on the person rather than the government. Once an investigation proceeds, information that may be wrong or out of date is then liable to be communicated with third parties, resulting in possible harm or embarrassment to the file subject.

The New South Wales Council of Civil Liberties gave evidence to a Senate Committee[2] that false accusation was occuring because of computer matching. One man received a letter from the Australian Tax Office advising that his entire refund had been withheld by the department because of outstanding child support liabilities. The crime had been detected by the computer matching process. The only problem was that this victim had never had any children.

The man was not alone. In 1990, 18,000 people received similar advice. Although less than a hundred formally appealed against the decision of the Tax Office, it is noteworthy that they were not advised that they had a right of appeal.[3]

The Child Support schene matching process is a small-time operation compared to the major matching programmes operated by DSS and the Tax Office. In one programme alone, where nine million DSS records were computer matched against one million DEET records, 65,000 individuals were identified for further investigation.[4]

One of the most alarming aspects of widespread data matching is that it gives the technical ability to develop a comprehensive profile on each member of the population. Government promises that this will never happen should be treated with the appropriate level of scepticism. The mere fact that at the push of a button such a detailed profile is possible should set alarm bells ringing in the ears of a population tuned to the dangers of an ID card.

A United Nations study entitled "Human Rights and Scientific and Technological Development" warns :

....the increased expansion of computerisation of personal data may result in a "dossier society" which would have "dehumanising" effects on the individual. The relative inflexibility of computer based record keeping resulting from the computers having been designed to use certain preconceived categories, coupled with the constraints that some computerised systems put on the freedom of persons concerned to provide explanatory details in responding to questions, have been considered as contributing to the dehumanising effect of computerisation.

The Australian Government has placed a great deal of emphasis on the absence of a central database in the computer matching programme. In response to this claim, the Australian National University's Roger Clarke studied the draft specifications in the Federal Government programmes tender documents, and concluded :

Any claims that the scheme involves no central register are dispelled by the Draft Specification's references to data maintenance and updating of the matched record in "the large file," (6.3.4.1), the loading of changed records (7.9.1), large volume historical data (8.2), future requirements for transaction processing (8.3), and "the National Database" (8.5). It is intended that data be not merely received and matched, and then discarded; the data is also to be stored and updated. There will therefore be an ongoing 'master-file', maintained by a single agency in one location, which is what is meant by the term 'central register'.[5]

Roger Clarke went on to assess the likely magnitude of the computer matching proposals :

A total of 10 million separate individuals would appear to be the subject of records held by the system (6.3.4.1), although the same paragraph mentions another master-file of 7 million records. Further confusion arises from the statements that the largest table contains 20 million records totalling 2.7 gigabytes, or 135 bytes per record (7.7.3, 7.11.1); about "the full environment of 30 million records" (13.4); and that the planned data holdings are 70-100 million records (7.7.4). It would appear that DSS intends retaining all data in "long term storage". Current holdings of historical data are stated to be over 60 gigabytes (8.2) - which would be 300 million records if they averaged 200 bytes; and this is presumably before large-scale accumulation of data from multiple sources is commenced. No growth rate in file volumes is provided, but tenderers are required to describe how they would "accommodate an environment of double, then treble the initial size over one to two years" (7.12.2).

Sydney Law Academic Graham Greenleaf, in a later analysis, confirmed these findings :

There is little doubt that the RFT describes a central register which is part of the matching system and is maintained by DSS, but its exact nature and purpose is unclear.

The Government's assurances on this matter appear to be absolutely deceptive. Not only does it appear from the tender documents and from expert analysis that the government has misled the people, but the government's assurances deliberately miss the point. The essential issue is that data matching creates the effect of a single computer even if no single master computer exists.

To understand this fundamental point, you only have to think of a computer as a mass of separate parts, each of which can communicate in a set way with the other parts. A large computer, in fact, is usually many smaller computers all communicating in harmony. Data matching is an extension of this process. The matching process allows one computer to talk easily with others, thus creating one giant computer. This is the one major error of so many of the old science fiction horror stories. The future "Big Brother" was not to be a single, all seeing, all knowing machine; it was to be countless thousands of machines, all linked; all communicating.

This, perhaps more than any single point, is the one that should be foremost in the minds of our more aware and sensitive politicians. Data Matching is not just a more efficient way for computers to speak; it is the systematic development of a vast, multi-faceted data base that reaches into every aspect of our lives. It is not good enough for a government to artfully engineer semantics and to use blackmail to achieve compliance. A government should think beyond the gains of the moment to consider what sort of society it is helping to create. Privacy advocates have always been deeply concerned that the linkage of computers will create a set of community and political norms which are inimical to a free society.

This dataveillance is likely to produce a "chilling effect" on the population. This chill comes about when people feel they are under constant surveillance. It is, in many ways, similar to the "environment of deterrence" philosophy favoured by many police forces. Once this emotion has set in, it is likely that it could never be reversed. This same impact was predicted for the Australia Card. Data Matching will produce a similar effect, but its effect will take some years to manifest.


THE TAX FILE NUMBER

Following the defeat of the Australia Card in 1987, the Government decided to pursue the alternative option of an Enhanced Tax File Number (TFN), which would improve the existing Tax File Number system which had been in use by the Tax Office since the 1930s.

The enhanced TFN was a scheme recommended by a 1986 Australia Card parliamentary inquiry, and was to be an administrative base for the Tax Office to help streamline the administration of revenue raising. The Parliamentary Opposition and privacy advocates were keenly aware of the importance of strictly limiting the number. Indeed a Senate report had warned that the scheme, if enacted, "be strictly limited in its terms....as to prevent a progressive extension of the ambit of the Bill".[6] The popular view at the time was that, if unchecked, the TFN could become a defacto ID card.

Time after time the government promised, both inside and outside parliament, that the TFN would be used exclusively by the Tax Office for the sole purpose of improving revenue collection. It was not to become a national identification number, nor was it to be a link between departments.

In a press release issued on 25 May 1988, Paul Keating said `The Tax Office will be the only Government agency which uses the tax file number for the purpose of identifying and registering its client base....The tax file numbering system will be administered exclusively by the Tax Office for tax purposes.'

In his second reading speech for the Taxation Laws Amendment (Tax File Numbers) Bill 1988, 1 September 1988, Paul Keating pledged "No other government or non-government agency will have access to the Tax Office file number registration system, nor will it be able to use an individual's TFN for any registration system of its own."

The Opposition and the Democrats accepted these assurances, and allowed the passage of the Tax File Number.

Three years later, the government has ripped up all its promises, and extended the Tax File Number to the point now where it is effectively a national identification number.

The broken promises go even further. The Government's promise that [The Tax File Number] will not establish a citizen identification system.' was broken when 1990 budget provisions demanded use of the tax file number by non tax payers. Such a scheme can be nothing other than a citizens identification system.

In a 1988 speech in Parliament, [7] the treasurer also pledged "The amendments the Government has agreed to accept are designed to guarantee that the tax file numbering scheme is completely voluntary.' Then, in December 1989 amendments to Social Security Act,[8] made a mockery of that pledge by making the quotation of a TFN a pre-requisite for unemployment and sickness benefits.

Paul Keating went on to promise `Exchanges of information between the Tax Office and other agencies will continue to be limited to those authorised under the very strict secrecy provisions of the tax law.'

Within a year, the provisions of the 1990 Budget: meant that any `strictness' in the secrecy provisions of the tax law were now abandoned. The Tax Office files will be cross-matched against those of all other government agencies granting benefits, and furthermore they will throw open the ATO's TFN files to facilitate the process.

Over the next two years, the government continued to break its promises about the Tax File Number. As Roger Clarke later observed "The Parliamentary Opposition, the Privacy Commissioner, and privacy and civil liberties groups were all caught napping"[9]


THE LEAN SCHEME

The complex nature of Australia's political and administrative system has created problems over many years for fraud investigation. Commonwealth agencies have routinely consulted state records - most of which contain publicly available information such as land titles - but the work has been cumbersome and expensive. In an effort to streamline the process of investigation, the Attorney General's Department has developed a scheme that will establish a computer link for publicly available data between many state and federal agencies.

In mid 1991, the Government envisioned the immediate connection of 500 terminals to the system, with a total projected figure of 3,000 terminals. By the time the tender documents were released in late 1991, this figure had risen sharply to an initial connection of 6,484 terminals, rising to 10,254 terminals.

Despite the commitment made by the government to confidentiality and data security, there are numerous grave privacy and individual rights concerns that arise from the development of the LEAN scheme.

First, there is little justification for associating law-abiding members of the community with a criminal investigation system, nor is there adequate justification for prior suspicion of guilt.

Second, in the view of Privacy advocates, there is a very clear breach of the spirit of the Privacy Act. Information given for one purpose (for example, for land records) is being used for another entirely different purpose.

Third, it appears the LEAN system will not be governed by an Act of parliament, and thus there be only very limited legal authority or parliamentary scrutiny of the scheme.

Fourth, the information will be available to a large number of public service staff with limited investigative training.

Fifth, there is a very grave risk that the scheme will suffer "function creep" by being merged with information sources that are not publicly available, and by developing a wider range of purposes for state and commonwealth departments.

Finally, no consultation has been undertaken with public interest or advocacy groups.

In March 1992, at its meeting in Washington DC, the worldwide watchdog group "Privacy International" passed a resolution condemning the scheme. The meeting, involving many of the world's leading privacy experts, agreed that the government's handling of the LEAN proposal was inappropriate, and that the scheme's dangers far outweighed its benefits.


COMPUTER MATCHING PROGRAMMES IN AUSTRALIA

By October 1990, there were 31 active and proposed major data matching programmes involving Commonwealth Government Departments These are, in summary :	
NAME OF PROGRAMME AGENCIES INVOLVED
_______________________________________________________________ Incoeme Matching System ATO, employers & investment bodies
Pensions/income match ATO, DVA, DSS
Prescribed payments/unemployment DSS, ATO
Pensioner match DSS, DVA
Veteran's Pension/superannuation DVA and superannuation funds
AUSTUDY, DSS pension & benefits DEET and DSS
Student assistance/pension DEET and DSS
DEET/employment income match DEET & DEET subsidised employers
AUSTUDY and enrolment DEET and educational institutions
Student Assistance/income match ATO and DEET
Social service benefits/departures DSS and DILGEA
Overseas student/student assistanc DEET and DILGEA
Social security and payroll DSS and Department of Finance
Benefits identification DSS and State registrar general offices
Benefits identification DSS and Australian Electoral Office
Benefits entitlement DSS and HIC
Benefits checks DSS and insurance company payments
Benefits checks DSS employment declarations and ATO
Child support checks DSS and Child Support Agency
Benefits entitlement DSS & state Corrective Services Deps.
Criminal investigation DSS, AEO, State Reg Generals and HIC
Apprenticeship allowance checks DEET and DIR
Sales Tax Returns ATO and Customs
DSS Accelerated Claims DSS intra-agency
Benefits identification DSS and overseas welfare authorities
benefit entitlement DSS, land titles office and local government
overseas student matches DEET and DILGEA
insurance claim checks DSS, Telecom
" DSS, Australia Post
" DSS, Comcare
" DSS, Insurance company records.

Source : Privacy Commissioner's Draft Data Matching Guidelines, 1990.


Resolution 1.2
CONCERNING THE ESTABLISHMENT BY THE AUSTRALIAN GOVERNMENT OF A MAJOR INVESTIGATIVE DATABASE

RECOGNIZING THAT THE AUSTRALIAN GOVERNMENT is now considering the development of a comprehensive database containing personal information;

FURTHER recognizing that the Government of Australia is a signatory to the OECD convention on data protection, and has established a commitment to protecting the right to privacy :

THE PARTICIPANTS OF THIS MEETING OF PRIVACY INTERNATIONAL express concern about the Australia government's proposed Law Enforcement Access Network, especially with regard to:

  1. The lack of any prior consultative process
  2. The breadth of usage intended
  3. The contention that no privacy issues are involved in respect to publicly available information, and
  4. The exclusion of database containing personal information from perview of the privacy commissioner

PRIVACY INTERNATIONAL respectfully calls on the Australian government:

  1. To withdraw the proposal
  2. To Instruct the agency involved to prepare and publish a privacy impact statement, and
  3. To instigate public hearings

Resolution passed in Washington DC, March 1992, at the first General Meeting of Privacy International, representing privacy and civil rights advocates from fifty countries. The resolution condemns the LEAN system.


CHAPTER FOUR - WHAT PROTECTION DO WE HAVE ?

The harsh reality is that data protectors run the risk of being only a tiny force of irregulars equipped with pitchforks and hoes waging battle against large technocratic and bureaucratic forces equipped with lasers and nuclear weapons. Professor David Flaherty in "protecting Privacy in Surveillance Societies[10]"

For the past three years, the Australian Government has been planning the construction of one of the largest and most invasive surveillance systems ever proposed for Australia. Known as the LEAN system (Law Enforcement Access Network) this massive network will link state and federal departments including the Australian Bureau of Criminal Intelligence, the Australian Customs Service, the Commonwealth Attorney General's Department, the Australian Federal Police, state public information registers, the Australian Tax Office, the Department of Employment, Education and Training, the Department of Defence and the National Crime Authority.

More than 10,000 computer terminals will be linked to the LEAN system, and it is expected that the system will grow rapidly over the next decade. [11]

This is the sort of scheme that Privacy advocates fear most of all. It links most, if not all, major databases. It paves the way for the introduction of national standards, including numbering systems, and it has the potential to become a tool of unparalleled surveillance of the entire population. Yet, despite the fact that Australia has a Privacy Act and a Privacy Commissioner, it seems there is little protection against the development of such systems.

Members of the Australian Privacy Foundation wrote in mid 1991 to the Commonwealth Privacy Commissioner, complaining that the proposal was illegal under the Privacy Act. He wrote back saying that there were real questions as to whether he had any power to take any action. Twelve months later, at the time of preparation of this book, action had still not been taken on the Privacy Foundation's complaint.

The Commissioner has said little about this proposal, and far from distancing himself from the scheme, is actually represented as an observer on the steering committee of the project.

The Privacy Foundation has received dozens of written requests for it to represent the concerns of people in New South Wales, but the Foundation can do nothing. Advice from the Privacy Commissioner's Office is that complaints cannot be dealt with until the system has commenced.

This absurd situation highlights a deception practiced on the Australian public. For all their posturing about privacy, Australian governments have done next to nothing to protect us from the very worst privacy violations. Commonwealth Privacy law does relatively little to stop the most dangerous government surveillance schemes. The New South Wales Government has intentionally starved its Privacy Committee of funds, and South Australia has a privacy committee with virtually no resources and therefore almost no influence on state government privacy violations. The other states have no laws, no watch dogs, and appear to have very little interest in privacy protection.

The New South Wales Privacy Committee has an excellent research and educational function, but is largely ignored by the state government. While the Attorney General's Department - the Committee's boss - spends three million dollars annually on its own information technology division, it allocates only a sixth of that amount for privacy protection for the entire state of New South Wales.[12] Requests by the Privacy Committee for a reasonable increase in staff and resources have been routinely denied for years by the department. [13]

The scenario, however, grows more depressing. Queensland had a Privacy Act, but allowed this to expire in August 1990 because of a sunset clause (an automatic expiry provision). To date no replacement law has been passed by the Queensland Parliament.

The Western Australian Government proposed Privacy Legislation in 1991, but no funds were allocated for development and drafting of the legislation. As a result, government officers responsible for drafting the bill were forced to secure expert legal advice with little more than the offer of free coffee and biscuits.

Beyond those non existent or relatively powerless government instruments, Australia has a number of non-government organisations that contribute to the protection of privacy. The key organisation has been the Australian Privacy Foundation, formed in 1987 to fight the Australia Card plan.

On a broader level, each state has a Civil Liberties Council. Most of these organisations are impoverished, but have traditionally been in the forefront of surveillance issues. The Victorian Council for Civil Liberties, under the presidency of Ron Castan QC, gave great prominence to privacy issues. Consumer groups such as the Australian Consumers' Association have yet to develop comprehensive privacy policies. Other watchdog groups (the Welfare rights centre, Council on Social Service and so on) deal with issues of privacy and surveillance on an occasional basis, but have no special interest in the field.


THE COMMONWEALTH PRIVACY ACT

In theory, at least, the safety valve against the creation of a national surveillance system rests with the Privacy Act. This piece of legislation, proclaimed in 1988, was intended to cover Federal Government agencies and departments, including Telecom (which has since then dropped out of the Act because of corporatisation).

Although the Privacy Act does not generally provide protection within the private sector (banks, commercial organisations etc) the law was extended in the wake of controversy over plans by the finance industry to increase the surveillance capability of credit reporting agencies. The Privacy Act now gives protection in that area.

The Privacy Act has a long and tortuous history. Its genesis can be traced to 1976, when the Government of Malcolm Fraser gave the Australian Law Reform Commission a reference to look into privacy invasions at the Commonwealth level. The important three volume report was not completed until 1983, and was presented to a new Government in December of that year.

The Report included a draft Privacy Bill based loosely on a set of internationally accepted privacy principles to which Australia was a signatory. The Organisation for Economic Cooperation and Development (OECD) had developed a set of privacy guidelines which were to find their way into the laws of many countries. Justice Michael Kirby, then chairman of the Australian Law Reform Commission, chaired the internationalgroup which originally produced these guidelines.

The passage of the proposed bill, however, was not to be an easy one. First, the introduction of the Bill was delayed, partly due to the planning of the Australia Card. By the time the Privacy Bill came up before Parliament, the Government had instituted a clever legislative device to confuse the potential opposition to the Australia Card. First, the operation of the Privacy Bill would be contingent on the establishment of a Data Protection Agency (not the originally proposed Privacy Agency).

The catch was that the provisions creating the Data Protection Agency were in the Australia Card Bill (part VII) instead of the Privacy Bill. So, if the Australia Card bill was opposed, the Privacy Bill could not commence.

Despite this tactic, the Australia Card Bill was rejected in the Senate, and the rest is burned well and truly into history.

The Privacy Bill that finally emerged after the defeat of the Australia Card was a much stronger and more internationally acceptable compromise. A number of strong amendments proposed by the Opposition were accepted, and the stage was set for reasonably effective privacy protection. A privacy commissioner with a respectable range of powers and a surprisingly healthy budget (now approaching two and a half million dollars a year) was appointed in 1989, and a set of principles were put in place to govern personal information in the Commonwealth domain. [14]

The principles governing the Act are set out in full at the end of this chapter but the following plain English version should serve as a more readable guide. In this analysis, when I use the term "Department" I mean any government, person or agency, as well as the Credit Reporting Industry.

  1. A department or agency can only obtain information from you if the intended purpose for the information is lawful. (principle 1 of the Privacy Act)
  2. A department can only collect personal information that is of direct relevance to that department's function. For example, the Health Insurance Commission is not allowed to collect details that are used to determine your pension entitlement. (principle 1)
  3. The information that a department collects has to be necessary. It is, for example, not permitted to ask you for personal details just in case the department might need them for some future purpose. (principle 1)
  4. A Department can't use unlawful or unfair means to collect information. Collecting your details through entrapment, using threats or inducement, or asking someone else for your details is prohibited. (principle 1)
  5. When a department asks for your personal details (or as soon as possible afterward) it must ensure that you are aware why the information is being collected and for what purpose it will be used. The department must also tell you whether the law authorises (or demands) the collection of this information. (principle 2)
  6. A department is required to disclose to you precisely to whom (if anyone) your information will be given. If the department is aware of other people or bodies that are likely to subsequently receive your details, this information must also be given. If, for example, you provide information to the Department of Social Security, and this information is likely to end up in the hands of the Tax Office, you must be informed of this chain reaction. (principle 2)
  7. When a department collects personal details, it has the responsibility to ensure that the information is relevant to the department's purpose, as well as being accurate and up to date. (principle 3)
  8. During the collection process, a department is required to avoid intruding to an unreasonable extent on your personal affairs. Just what this means in practice is unclear. The Department of Social Security, for instance, requires information of sole parents that could only be described as offensive. The extent of intrusion by the Tax Office is legendary. (principle 3)
  9. Once information is in the hands of a department, it must be kept secure against theft, unauthorised modification or access, or disclosure to people who have no right to see the information. (principle 4)
  10. If a department finds it necessary to give your information to someone else, it must make strenuous efforts to avoid access by unauthorised people. (principle 4)
  11. Any department that keeps records of our personal information must make that fact generally known. The department is required to publicly disclose not just that it keeps personal records, but also the nature and main purpose of the information, and the steps that people should take to obtain access to the records. Some agencies, however, are excluded under other laws from giving people access to their information. (principle 5)
  12. Every department holding personal information is required to disclose the nature and purposes of the information, the classes of people on whom information is kept, the period over which the information is kept, the people who have access to the information (and under what conditions they can have access) and the steps that have to be taken by individuals to gain access to their files. This information (none of which relates to individuals) is available for public inspection, but is also given each year to the Privacy Commissioner who publishes these details in the Personal Information Digest, which contains details of the sort of records held in nearly two hundred Commonwealth agencies and departments. (principle 5)
  13. Unless it is prohibited by law to do so, any department holding information about you must give you access to your file. (principle 6)
  14. A department must take steps to amend a record to ensure that it is accurate, relevant, complete and not misleading. This means that if after seeing your file, you notice information that is inaccurate or misleading, the department is obliged in most circumstances to change it.. (principle 7)
  15. If a department is not prepared, or is unable to modify your file, you have the right to request that a statement from you be included in the file. This statement would specify the information that should have been altered, and the fact that you sought to have the file modified. Unfortunately, the Act does not require a department to advise people that they have this right. (principle 7)
  16. Before a department uses your information, it is required to make sure that it is accurate, up to date and complete. Like many other requirements of the Privacy Act, this stipulation uses the qualification "as are, in the circumstances, reasonable". This means a department would not check the accuracy of information before every use, but more likely on a regular basis. (principle 8)
  17. A department is not permitted to use information for purposes that are not relevant to it. If, for example, the department held information about your family status, it could not use that information when dealing with your children or parents. (principle 9)
  18. If a department has possession of information collected for one purpose, it is not allowed to use the data for any other purpose unless you have given consent for that other use or unless the department genuinely believes the information is necessary to lessen or prevent a threat to someone's life or health. The department can also use the information for another purpose if it is required or authorised to do so under law. (principle 10)
  19. A department is permitted to use information for other purposes if those uses are found "reasonably necessary" for law enforcement or public revenue (tax). This provision allows the mass matching of information between departments. (principle 10)
  20. A department holding information about you is not allowed to disclose that information to anyone unless either you have given consent, or you are "reasonably likely" to have known that the this disclosure was likely to occur. As is often the case, this prohibition does not apply in matters where someone's health or life is at stake, where the disclosure is authorised or required under law, or where tax or law enforcement require the information. (principle 11)
  21. If your information is passed on to other agencies for law enforcement or taxation purposes, the department must make a note of that disclosure and place it in your file. (principle 11)

DEFICIENCIES OF THE PRIVACY ACT

The Commonwealth Privacy Act is an extremely limited law. It covers only Commonwealth Government Agencies and the credit reporting industry. It does not give protection against privacy invasion by state governments, the private sector, banking, telecommunications or the insurance industry. Nor does it cover privacy issues relating to any of the professions.

Even within its narrow scope, the Privacy Act has serious limitations. One of the most serious deficiencies relates to controls over the use of publicly available information (that is, information and records such as land titles and electoral rolls that are available for general public inspection) It is this sort of information that forms the basis for the LEAN system. The dilemma shows once again that law on its own is an inadequate mechanism to deal with modern surveillance techniques.

Another serious limitation of the Privacy Act is that it allows a great many privacy violations to occur in the name of law enforcement or taxation. The most well known of these violations relates to the recent extensions of the Tax File Number. Despite a government promise that the Tax File Number would remain the exclusive domain of the Tax Office, the system has been extended progressively to include such facets as Unemployment benefits, pensioner benefits, and the higher education Contribution Scheme. The Privacy Act or the Privacy Commissioner can do nothing to prevent such extensions. If a scheme has been established to assist law enforcement or to pursue public revenue collection, the Act has only a limited application.

The Privacy Act stipulates in Principles 10 and 11 that information collected for one purpose should not be used or disclosed for any other purpose. Then the Act goes on to say that purposes related to law enforcement or revenue collection may ignore those principles. Since just about every government scheme is aimed at strengthening law enforcement or revenue, it makes something of a mockery of legislative privacy protection.

Perhaps the gravest limitation of the Privacy Act is that it does next to nothing to prevent or limit the collection of information. The Act merely stipulates that information has to be collected by lawful means and for a purpose "directly related to a function or activity of the collector". Thus, a virtually unlimited number of information systems can be established without any breach of the Privacy Act.

It would be a mistake to assume that law is going to solve all our privacy problems. The Dutch privacy expert Dr Jan Holvast recently explained that Privacy Legislation "corrects the mistakes and misuses but it does not attack the way in which technology is used. On the contrary, experiences with data protection law in several countries show that these laws are legalizing existing practices instead of protecting privacy."[15]

A year later, the world-wide watchdog group Privacy International warned in its 1991 report :

Protection's in law, where they exist, are sometimes ineffective and even counter-productive. Extensive information holdings by government are invariably allowed under exemptions and protection's in law. The existence of statutory privacy bodies, rather than impeding such trends, sometimes legitimates intrusive information practices.

THE PRIVACY ACT IS A PAPER TIGER

Despite the existence of privacy legislation, Australia in the early 1990s is shaping up to be one of the world's most advanced surveillance societies. There is an ingrained hostility to privacy within the bureaucracy, suspicion of it from within the ranks of the Australian Labor Party, and an ideological opposition to private sector privacy protection from within the conservative parties.[16] People have come to the belief that opposition to the government's plans would be hostile to its best intentions. "If you have nothing to hide, then you have nothing to fear" is a justification that we might have expected from the government of a totalitarian regime rather than a liberal democracy.

The government has hit upon the perfect solution for justifying the establishment of massive computer surveillance systems. First, establish a watchdog with rotting teeth. Second, proclaim that anyone opposing the reforms is working against the interests of the nation. By limiting the requirements of privacy law and glorifying the goals of fraud recovery, the government has successfully nobbled both the Privacy Commissioner, and the public. Privacy advocates are seen more often than not as extremist trouble-makers, unable to see reality. As each successive privacy invasion is established, the economic justification is harder to challenge.

In his 1991 annual report, the Privacy Commissioner warned

The claims that compete with privacy seem more significant because they are readily quantified, have an apparently undeniable objective and are said to carry no risk for the ordinary citizen ("Only rogues and cheats have anything to fear").

Without considerable positive discrimination, a privacy commissioner can do little. Professor David Flaherty, the world's leading academic authority on privacy, observed "The public is being lulled into a false sense of security about the protection of their privacy by their official protectors, who often lack the will and energy to resist successfully the diverse initiatives of what Jan Freese (one of Europe's first data protection Commissioner's) has aptly termed the "information athletes" in our respective societies."[17]

When the federal government planned to introduce a scheme to link every pharmacist with a central computer in Canberra, the Australian Privacy Foundation was forced to concede that - invasive as the proposal was - it did not breach the Privacy Act. In evidence to the Senate Committee on Legal and Constitutional affairs, the Foundation argued :

We believe that when the Privacy Act was put through in 1988, the view of the public was that it would create a parliamentary oversight so that we never again would have a universal system of the nature of the Australia Card. What we have found is that through function creep these various systems tend to be implemented because they do not breach the Act. [18]

The Foundation pointed out to the Senate Committee that the public was being lulled into a false sense of security by the Privacy Act. While people expected that the Act would apply the brakes on the development of intrusive surveillance systems, the reality was that the Act condones and even streamlines such actions.[19] The period since the Act was proclaimed has seen an avalanche of privacy invasion in virtually every facet of government activity.

The test of privacy legislation, and privacy watchdogs, is whether they can limit the creation of invasive systems in the first place, rather than raking the embers after they have been established.[20] The parliamentary opposition and the Democrats, acting virtually alone, have partially constrained the tide.


THE PRIVACY COMMISSIONER

The first Privacy Commissioner commenced his appointment in 1989, and will hold that post until 1994. The Commissioner administers an Act of Parliament that was, and still is, at best, inadequate and, at worst, an instrument to allow any government qualified scope to invade privacy and rights.

The Commissioner is, in effect, an employee of the Attorney General's Department. He is a public servant without true independence.

Many advocates view this lack of independence with concern. In summarising the case for a privacy Commissioner for New South Wales, the NSW Privacy Committee had argued that "unless the Privacy and Data Protection Commissioner is completely independent of government, there is a danger that the Commissioner will, in reality or popular perception, be seen to be an instrument for legitimating any privacy invasive practices and policies of government agencies." [21]

From the very beginning it was clear that some ministers and government departments were going to make a consistent attempt to use the Act and the Commissioner as a justification for privacy invasion. The history of privacy violations in the past few years has highlighted government activity that could be reasonably described as devious and a touch ruthless. Senator Amanda Vanstone, addressing the Commissioner during a Senate Committee hearing warned ".....there are occasions when we hear members of the Executive basically using your position, if you like, as a soother (for the development of numbering schemes etc) , and saying 'Look, this is all right. The Privacy Commissioner has looked at it and he said it is O.K.' ". [22]

Senator Vanstone later added "The reason I am concerned about it is that sometimes people who do not necessarily have a big interest in this area (privacy) - do not know much about it - have your position waved as a magic wand of approval."[23]

In 1990, the Commissioner claimed before a Senate Committee that his functions did not include commenting on the privacy implications of government proposals. His role was slightly widened the following year, but the Commissioner continues to avoid publicly commenting on the privacy implications of government proposals.[24] This is despite the fact that the Act now allows him "to examine (with or without a request from a Minister) a proposed enactment that would require or authorise acts or practices of an agency that might, in the absence of the enactment, be interferences with the privacy of individuals or which may otherwise have any adverse effects on the privacy of individuals and to ensure that any adverse effects of such proposed enactment on the privacy of individuals are minimised".

There now seems to be no conclusion that can be drawn other than that the government is using the existence of the Privacy Commissioner's Office to legitimate privacy invasion. The often heard claim by government ministers than they have "consulted with" the Commissioner are deceptive. The Commissioner usually does not have power to stop the government from carrying out its intentions.[25] On April 1st 1992 and again on April 2nd, for example, Justice Minister Senator Michael Tate answered questions relating to two separate privacy concerns. It is interesting to note the similarity of his responses. In answer to a question about the largely secret establishment of the LEAN system, he said (in part) :

It (LEAN) has been found to be quite consistent with the provisions made by the Senate so far as law enforcement activities are concerned. Indeed the Privacy Commissioner, Mr Kevin O'Connor, who has been mentioned by Senator Calvert, has been very much involved in the development of this proposal. He has been consulted on the development of all of the privacy and security procedures that will be involved in this project.

Ironically, two weeks previously, Privacy International in Washington had passed a resolution of concern over the Australian Government's lack of consultation in the LEAN scheme.

The next day, April 2nd, in answer to a question by Senator John Herron about the development of medical smart cards, Tate replied (in part) :

But, of course, the Government has always in regard to these matters taken advice and put matters before the Privacy Commissioner, Mr Kevin O'Connor, in order to ensure that the sort of privacy safeguards which the Parliament and this Senate regard as so important, are indeed observed.

Similar responses have been given by Senator Tate and other ministers in answer to concerns about extensions to the Tax File Number, reissue of the Medicare Card, and the establishment of the PBS "Blackbox" scheme. Whilst it is true that in each case the government did contact the Commissioner, it was, on one occasion, after the event, and in others it was on the basis of "comment only". The Commissioner has been able to offer his opinion, but was invariably unable to influence the thrust of the proposals.


POWERS OF THE PRIVACY COMMISSIONER

The Commonwealth Privacy Commissioner has five main functions

  1. to investigate any act or practice that may breach privacy law and, where the Commissioner considers it appropriate to do so, to endeavour, by conciliation, to reach a settlement;
  2. to promote an understanding and acceptance of the Information Privacy Principles of the Privacy Act and of the objects of those Principles;
  3. to prepare, and to publish guidelines for the avoidance of acts or practices of an agency that may or might be interferences with the privacy of individuals or which may otherwise have any adverse effects on the privacy of individuals;
  4. to undertake educational programs and to publish an annual report;
  5. to issue guidelines and codes of practice relating to such programmes as Data Matching within Commonwealth Government departments.

THE COMMISSIONER'S RELATIONSHIP WITH THE GOVERNMENT

A glimpse into the machinations of the Privacy Commissioner's office reveals a complex relationship with the Commonwealth Government. The simple view of the Commissioner might be that he acts in a "bottom line" manner to protect the public from breaches of the Privacy Act. The reality is far more intricate.

The Commissioner has defined his role principally as a regulator, with responsibilities for the establishment of privacy protection mechanisms that are not just effective, but also workable. It seems, however, that everyone has different views on the meaning of the word workable.

In 1991, the Commissioner was requested by Parliament to prepare guidelines for Medicare and the Pharmaceutical Benefits Scheme. His draft guidelines, according to the Office of the General Counsel, were not strict enough.[26] The guidelines did not, in the Counsel's view, match up to the requirements of privacy law.

The Privacy Commissioner's response was to refuse to issue the guidelines. He said he would not be satisfied to release guidelines until parliament had clarified the conflict. The Commissioner's view was that stronger guidelines "would hinder, in significant ways, the operation of the Department of Health, Housing and Community Services, and that would be contrary to the public interest."[27]

Clearly, then, the Commissioner sees himself as performing two parallel functions. One is to issue guidelines that are compatible with the efficient administration of Government Departments. The second is to determine the balance of public interest in an arena much wider than privacy or data protection.

However, even the Commissioner appears to waver on the extent of his role in deciding public interest. While he appears to be comfortable with deciding the issue in relation to the health sphere, he is less happy to do so in other areas. In evidence to a Senate Committee,[28] the Commissioner defined his role as something of a technocrat, and advised "The statutory charter indicates simply that I implement the relevant privacy standards that have been agreed to by Parliament." In other words, the public interest balance would have to be determined by ministers of the Government.

The evidence given by the Commissioner reveals his complex relationship with the Government. Senators Kemp, Spindler, Vanstone and Giles each asked the Commissioner for advice on the public interest aspects relating to government proposals to extend the tax file number. On each occasion, he replied that his function was not to decide these things. He said "If I am going to retain a relationship of trust with the people with whom I deal.....I do not think I can easily cart around sets of advice and dispense them to people."[29]


THE COMMISSIONER AND THE PUBLIC

The Privacy Commissioner has considerable responsibilities for regulating the activities of Commonwealth Government Departments, but is of far less direct benefit to individuals. In the year to June 1991, the Commissioner's office received 170 complaints from individuals, but could assist, legally, only 66 of these people. These cases were dealt with through conciliation, and during the year 22 complaints were successfully resolved.

The following cases provide some illustration of the role of the Commissioner and the sort of complaints he can handle :

Complaints to the Privacy Commissioner should be addressed to :

The Privacy Commissioner

Human Rights and Equal Opportunity Commission

Level 24

American Express Building

388 George Street

SYDNEY NSW 2000

The Privacy Commissioner also offers a toll free hotline number for questions or complaints : 008 023 985


THE PRIVACY COMMITTEE OF NEW SOUTH WALES

The Privacy Committee of NSW is the pre-eminent government privacy body in Australia, and has achieved an international reputation. It has been in the forefront of numerous privacy issues, and can be relied on to provide thorough research and evaluation of privacy and surveillance issues.

The Committee was established in 1975 under the Privacy Committee Act. It was a time when public awareness about these issues was at an all time high, but the issues themselves were relatively small in number.

Technically, at least, the Privacy Committee is an independent statutory body with powers in both the private and government spheres. The reality is that the Committee's scope has been severely limited has been rendered impotent because of a shortage of funds and the implied threat of having resources cut if the boat is rocked too far. The Committee does not have an independent source of funds, and must compete with other sections of the Attorney General's Department for money. As a result, the game must be played to ensure the survival of the Committee.

The Privacy Committee is in a bizarre position. It has powers that come close to those of a Royal Commission, yet it cannot award penalties in relation to any findings. It can make as many recommendations as it wishes to government, but has no powers of enforcement.

In 1991, exasperated by the on-going lack of funding or encouragement from government, the Committee recommended its' own abolition. In its submission to the Independent Commission Against Corruption (ICAC) on the subject of the inquiry relating to illegal sale of personal information, the Committee complained "The committee has been so well controlled by budgetary constraints that the performance of its' statutory functions has been seriously undermined....the Committee must line up and compete with every other branch and body funded by the (Attorney General's) Department for a piece of the financial pie. Unfortunately for the Committee, it always seems to be last in the queue."

The Committee recommended that a Privacy and Data Protection Commissioner be established to look after the privacy interests of people in New South Wales. It was a noble recommendation, as its implementation would probably mean an end to the Privacy Committee.

The Committee has a good success rate in conciliating and investigating complaints relating to privacy violation. Inquiries and complaints should be addressed to :

The Privacy Committee of NSW

ADC House

Level 12

189 Kent Street

Sydney NSW 2000

Telephone 02 - 252 3843

The Privacy Committee has an excellent reference library, and members of the public can use this facility by arrangement.


THE PRIVACY COMMITTEE OF SOUTH AUSTRALIA

If any one organisation testified to the ambivalence of government to the issue of privacy, then the South Australian Privacy Committee would be the one. The committee has one full time staff member responsible for all research, liaison and administrative duties. The Committee, in addition to its privacy functions, also acts as a quasi freedom of information unit.

Despite these extraordinary funding constraints (which make the NSW Privacy Committee seem wealthy by comparison) the Committee has performed an excellent function, particularly in the areas of liaison and education.

The Committee is able to investigate and conciliate complaints from members of the public, and correspondence should be addressed to :

Privacy Committee of South Australia

13th Floor, SGIC Building

Victoria Square

Adelaide SA 5000


PRIVACY INTERNATIONAL

During 1990, leading privacy and human rights advocates from forty countries joined forces to form the World Privacy Protection Network (Privacy International). Until then, privacy protection at an international level had not existed, and previous attempts to form a world organisation had failed.

The organisation, a non-profit and non-partisan advocacy group, is now the peak world body in surveillance and privacy protection, and has already campaigned successfully on privacy issues in many countries.

Since its' inception, Privacy International has organised campaigns in Northern Ireland, Canada, the United States, New Zealand, Thailand, The Philippines and Hungary on issues as diverse as ID cards, police activities and population numbering systems.

The aims of Privacy International include : monitoring the nature, effectiveness and extent of measures to protect privacy and personal data, assessing the impact of new technologies on the privacy and freedom of the individual; monitoring and reporting on surveillance activities of security forces and intelligence agencies; monitoring the use by of universal identification systems and mass matching of computer files; assessing the nature, extent and implications of flows of information between countries, and seeking ways through which information technology can be used in the protection of privacy

From 1992, Privacy International will also publish an international annual report containing description of privacy violations throughout the world.

The organisation was formally established in March 1992 at its inaugural meeting in Washington DC. Planning and policy development is now in the hands of a working group of 140 experts in 34 countries.

Privacy International's secretariat is located in Washington. Its address is :

Privacy International

CPSR

666 Pennsylvania Avenue SE, Suite 303

Washington DC 20003 USA


Conclusions

We should all be gravely concerned about this trend. A great many of the rights and freedoms of Australians are now in peril. In recent years, authorities in this country have established a nation-wide surveillance and control system which many overseas governments envy. The computer databases of dozens of government agencies and commercial institutions are being linked. Restrictive laws are being passed on almost a daily basis. Government is intruding into areas of private life once considered off-limits.


Navigation

Go to the APF Home Page.

Send an email to APF

Created: 7 February 2003

Last Amended: 7 February 2003


Sponsorship

APF thanks its site-sponsor: