Australian Privacy Foundation
Submissions to the Office of the Victorian Privacy Commissioner (OVPC)

Dated March 2002

This document is at http://www.privacy.org.au/Papers/SubmnOVPC0203.html


Submission re Public Registers and Privacy: Building Permit Data

General comments

The introductory material could be clearer. There is some unresolved confusion about the processes involved in planning application as opposed to applications for building permits - are there separate registers? And why restrict the consultation to the latter type of permit - the issues are surely the same, and most individuals would not distinguish the two types of application or the potential abuses of the data?

Also, the private surveyors are apparently able to issue building permits (p.4) and yet all the subsequent discussion is about application to local councils - is there a separate route for collection of details by private surveyors which somehow find their way onto a council run register?

The starting point should be a complete review of the rationale for the public register(s) in light of the Information Privacy Principles. The Building and Planning Acts and Regulations, and instruments such as the application proforma, were all drafted before privacy became an issue, and none of the provisions or information requirements should be taken as a `given'.

In general, it would be preferable to get away from the idea that information has to be either on a register (and freely available without use limitations and access restrictions) or `private'. Modern technology should allow a much more sophisticated approach that considers the need for, and appropriate controls over, each item of information.

In looking at the implications of the use of building (and planning) permit information by the private sector, it is important to understand the way in which the federal Privacy Act 1988 will apply. We are unclear as to how the federal Privacy Commissioner will interpret the Act in relation to information obtained from public registers. Will the `primary purpose' be the original purpose for which the public authority collected the information, even when it is obtained by a third party business, or does that business start again with a `new' purpose of collection (eg direct marketing)? The answer to this question is of fundamental importance in terms of what individuals have to be told and what choices they might be given. We strongly recommend that the Victorian Commissioner obtains clarification from his federal counterpart in the course of this review.


Specific Questions for consideration (from Issue Paper)

Q1 How much information must councils put on the public register to satisfy the Building Act? Does that represent a proper balance between disclosure and privacy?

A. This is too simplistic a question - there may be different levels of justification for different items of information, and corresponding differences in the desirable access/use limitation for each item. We do not accept that justification for inclusion in a publicly accessible register necessarily means that the information is `fair game' for any use.


Q2 Is it necessary for councils to place on the public register the name and address of the owner of the property for which a building permit is sought?

A. Depends if there is justification for any class of legitimate user to be able to contact the owner. Even if there is, inclusion on a register may not be appropriate - could instead provide for indirect contact (via council); for limited access to addresses by certain classes of user; and/or for access by a second stage process.


Q3 Is the use of names and addresses obtained from the building permit register for direct marketing purposes consistent or inconsistent with the requirements of the Information Privacy Principles, in particular IPP 2?

A. Inconsistent for direct marketing to be allowed without express consent - it is clearly not one of the public interests which justify public access. Councils could ask applicants if they agree to this use as an `opt-in' as a way of raising some revenue.


Q4 Do councils have any responsibility to protect personal information that passes from the building register to a private business from misuse by that business?

A. Yes - we need to get away from the idea that once information is in the public domain we must abandon any attempt to limit its use. The agency responsible for a public register must be held accountable for reasonable steps to control its ultimate uses.


Q5 What can councils do to make sure that personal information that appears on the building register is accurate and up to date?

A. Councils can influence quality by setting criteria for collection, clarity of forms and explanation of reasons for collection. Should not be responsible for verifying information supplied by applicants unless it does so for other reasons. Information supplied is a snapshot and will become out of date - this should influence policy on retention, and users should be warned.


Q6 Should the building register grow with each new application, or should the period a proposal stays on the register be limited? If the latter, for how long should an application stay on the register?

A. Depends on legitimate primary uses - if it can be justified, no reason why it should not grow, but need not be all or nothing - perhaps details of application can stay without personal particulars. Ten year retention under Public Records Act is a separate issue - this can be in archives, although a policy will be needed on access to the archived applications.


Q7 Should councils de-identify personal information on the building register once its purpose has been fulfilled? Is this consistent with councils' requirements under the Public Records Act?

See answer to Q.6


Q8 For how long should councils retain other data collected for the building permit process but not entered on the register?

Again, up to Councils to justify - should be kept `accessible' no longer than necessary - perhaps then archived (but 10 year disposal schedule should also be reviewed - Public Records objectives now need to be balanced against privacy principles).


Q9 Do councils that pass on personal information advise the individuals who complete building permit applications that their personal data may be passed on to third parties?

If not, should now do so.


Q10 Do councils allow access upon request by individuals who have provided personal information for the building permit process? If so, do councils require a formal FoI request or provide access informally?

If not, should now do so - preferably by a less bureaucratic process than FOI, although access to non-public information will require some evidence of identity.


Q11 Is the building permit number potentially a unique identifier of an individual, or does it simply identify the property? Would omitting the owner's name and home address from the register prevent the permit number from having the potential to be used as a unique identifier for an individual?

Difficult to envisage anyone trying to use these numbers as a unique identifier, given that there is more than one individual in many properties; that some individuals have more than one property; and that only a minority of property owners apply for permits. Not a significant risk or issue.


Q12 Do councils transfer outside Victoria personal information in building permit data and if so, to whom?

Doubtful if much inter-state disclosure except perhaps in border towns - where this occurs, Councils should satisfy themselves that information will have equivalent protection (by law in NSW?)


Q13 Even if councils do not themselves do so, is personal information transferred outside Victoria when it is passed on to third parties who prepare reports of building information?

If so, Councils need to write a condition in to the primary access/disclosure conditions concerning continued privacy protection


Q14 Would it be practical for Victorian councils, in administering the register, to ensure that subsequent users of the register data become subject to binding scheme or contract that effectively upholds the standards in the IPPs?

Practical to impose conditions - could be difficult to guarantee compliance but with appropriate monitoring and action against breaches, could be largely effective.


Additional Point

We also submit that there will be need, as with all public registers, to cater for `at risk' individuals who could be harmed by information about their whereabouts becoming known. Some other registers already include provisions for a discretion to suppress names and/or contact details on application, and these should be reviewed to devise a suitable mechanism.


Navigation

Go to the APF Home Page.

Send an email to APF

Created: 7 February 2003

Last Amended: 7 February 2003


Sponsorship

APF thanks its site-sponsor: