Introduction

1.1 On 30 January 2006, the then Attorney-General, the Hon Philip Ruddock MP, asked the Australian Law Reform Commission (ALRC) to conduct an inquiry into the extent to which the Privacy Act 1988 (Cth) and related laws continue to provide an effective framework for the protection of privacy in Australia.[1] During the course of the Inquiry, the ALRC published two Issues Papers, Review of Privacy (IP 31)[2] and Review of Privacy—Credit Reporting Provisions (IP 32),[3] and a three volume discussion paper, Review of Australian Privacy Law (DP 72). To facilitate community involvement, concise overviews of the Issues Papers[4]and the Discussion Paper[5] were published. An interactive website, ‘Talking Privacy’, was designed specially for children and young people, and was accessible from the ALRC’s homepage.

1.2 The Privacy Act itself is substantially the product of a seven-year research effort by the ALRC, which culminated in 1983 with the three volume report, Privacy (ALRC 22).[6] The Act also gave effect to Australia’s obligations to implement the Organisation for Economic Co-operation and Development Guidelines for the Protection of Privacy and Transborder Flows of Personal Data (OECD Guidelines),[7] and partially implemented into domestic law Australia’s obligations under art 17 of the International Covenant on Civil and Political Rights (ICCPR).[8]

[1] Such a review was recommended in two previous inquiries: Parliament of Australia—Senate Legal and Constitutional References Committee, The Real Big Brother: Inquiry into the Privacy Act 1988 (2005), rec 2; Office of the Privacy Commissioner, Getting in on the Act: The Review of the Private Sector Provisions of the Privacy Act 1988 (2005), rec 1.

[2] Australian Law Reform Commission, Review of Privacy, IP 31 (2006).

[3] Australian Law Reform Commission, Review of Privacy—Credit Reporting Provisions, IP 32 (2006).

[4] Australian Law Reform Commission, Reviewing Australia’s Privacy Laws: Is Privacy Passé?, Overview (2006).

[5]Australian Law Reform Commission, Review of Australian Privacy Law: An Overview of Discussion Paper 72 (2007).

[6] Australian Law Reform Commission, Privacy, ALRC 22 (1983).

[7] Organisation for Economic Co-operation and Development, Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980). The OECD Guidelines are discussed below, and in detail in Part D.

[8] M Paterson, Freedom of Information and Privacy in Australia: Government and Information Access in the Modern State (2005), [2.54]. Article 17 of the ICCPR provides: ‘1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation. 2. Everyone has the right to the protection of the law against such interference or attacks’: International Covenant on Civil and Political Rights, 16 December 1966, [1980] ATS 23, (entered into force generally on 23 March 1976).