‘Australian Privacy Principles’ – Two Steps Backwards
Privacy Laws & Business International Newsletter, Vol. 106, pp. 13-15, July 2010
5 Pages Posted: 19 Mar 2012
Date Written: July 12, 2010
Abstract
Australia currently has IPPs (‘Information Privacy Principles’ - federal public sector) and NPPs (‘National Privacy Principles’ – most parts of the private sector). The Australian Law Reform Commission (ALRC) in its report on privacy (2008) recommended their replacement with eleven ‘Unified Privacy Principles’ (UPPs). In 2010 the Government released ‘exposure draft’ legislation which rebrands them as the ‘Australian Privacy Principles’ (APPs), and expanded them to thirteen.
Have they improved further? A hallmark of these APPs is that, wherever possible, practicable or reasonable, the language has been made less precise and (if authorised by law or reasonably believed) exemptions are expanded, so the principles are harder to pin down and easier to avoid. Many ‘weasel words’ are used which subtly weaken the principles. This article examines each of the thirteen proposed principles and assesses their strengths and (more often) weakness compared with the existing principles and the ALRC report. The most controversial new principle is APP 8, which, at the urgings of the ALRC, abandons what it calls a ‘border protection’ approach in favour of the approach mis-described as ‘accountability’. The APPs are still capable of being improved by some judicious de-weaseling and exemption removal. But for now, Weasels Rule, okay?
Suggested Citation: Suggested Citation