Gaming Strategy
Featured Stories
Legal News Financial News Casino Opening and Remodeling News Gaming Industry Executives Search News Subscribe
Newsletter Signup
Stay informed with the
NEW Casino City Times newsletter!
Search Our Archive of Gaming Articles 

Australian Government Introduces Privacy Legislation

13 April 2000

The Australian Federal Government has introduced privacy legislation into Parliament which, for the first time, covers the use of personal information in the private sector and by Web site operators.

The Privacy Amendment (Private Sector) Bill 2000 will put in place a framework for the fair handling of personal information by commercial organizations operating in Australia. It will come into force on July 1, 2001 or 12 months after the Bill has been passed.

While the Bill has been welcomed by most consumer and Internet organizations as a step in the right direction, some are concerned that an abundance of exemptions to the rules makes the legislation too leaky to be watertight and effective.

Among the requirements of the legislation:

- commercial databases storing personal information will have to be secure, open to scrutiny and up-to-date with correct information. They will also need to give people access to records held about themselves and a way for them to correct any mistakes in the records.

- companies will not be able to sell lists of their customers or subscribers on to other commercial organizations without their permission. Direct marketing lists will be required to have an opt out method whereby consumers can elect to receive no further correspondence.

- sensitive information, such as health information, will be given greater protections.

Web site operators will have additional requirements, including:

- that all Web sites must publish a privacy policy or statement

- Internet users must be told who is collecting their information and how it is used, stored and disclosed. As in the overall legislation, people must have the ability to correct records.

- online companies must take steps to protect the information they hold from unauthorized access, including securing data using means such as encryption.

- direct marketing by electronic mail must always contain a legitimate opt-out method.

This last approach to unwanted commercial e-mail (or spam) has been one of the contentious issues among the local Internet community. The argument is that rules for opt-out spam are meaningless as the damage (and cost to the receiver and the Internet generally) has already been done when the recipient gets the unwanted message.

While opt-out spam will be permitted under the legislation, the Internet Industry Association's code of practice on privacy and a code of practice for Internet retailers both promote an opt-in approach. It is hoped that the support for opt-in from these directions will at least send a message that spamming is not good corporate behavior on the Internet.

Across the economy, industry sectors will develop their own codes of practice with regard to information-handling. These codes must meet a certain level of protection defined by the government. A complaints procedure has also been set up.

Exemptions to the legislation include: use of information by a media organization in the course of journalism, and all small businesses will be exempt from the legislation unless the trade in personal information or are in the health sector.

The last of these exemptions is one of the holes that has caused Internet and consumer groups concern. The Australian Consumers' Association (ACA), the nation's foremost consumer watchdog, has said that the Bill will not deliver adequate privacy protection.

Charles Britton, senior policy officer for IT and communications at the ACA, said "the proposed self regulation of privacy is too 'light touch'. Business that does the wrong thing will be hit with a feather."

He remains concerned that Australia's Privacy Commissioner will have little or no power to control industry that does the wrong thing. The deferring of legislation to industry codes of practice also causes problems, he says: "Consumers will have a variable experience of privacy protection depending on the industry sector they deal with."

He continued, "We are also concerned about the exchange of information between related organizations." While companies will be allowed to share personal information with related companies, Britton argues that "a test of the consumer's expectation would be more appropriate to determine how far information should travel."

For direct mail and direct e-mail marketing, the ACA is also angry over the opt-out regime: "The Bill has direct mail exceptions that OK an 'opt-out' regime, in which the business bugs you and you have to tell them to stop. Industry best practice is an opt-in approach," Britton said. "Unless the business knows you are happy to be contacted, they should back off."

Meanwhile Internet watchdog Electronic Frontiers Australia said that the exemptions, particularly with regard to small business, political parties during election periods, and the media, will undermine any protection the Bill offers.

EFA Executive Director Peter Upton also agreed with the ACA on the ability for companies to pass on information to "related organizations."

"EFA believes that the Bill's general prohibitions against the secondary use of information - which was originally provided for a primary unrelated purpose - are seriously compromised by the exemption of 'related corporations'," Upton said. "This creates an unfortunate loophole, capable of leading to unforeseen uses of and access to private information, given in trust, by such bodies."

Reported By,

< Gaming News