16.08.2010
11.26 Personal information about a substantial number of people is available from public sources such as electoral rolls, court records, state registers of births, deaths and marriages, annual reports and newspapers. This information may be of interest to people for a multitude of reasons. For example, it may be of interest to: people engaged in direct marketing or fundraising; employers wishing to investigate potential employees; politicians wishing to know more about their constituents or vice versa; people wishing to use false identities to engage in illegal activities; and law enforcement officers investigating criminal offences.
11.27 In the past, individuals seeking to obtain access to generally available publications usually were required to attend the location where the information was stored, such as a court house, and to expend a considerable amount of time manually searching or copying records.[45] This meant that personal information in generally available publications was afforded a degree of de facto privacy protection. Developments in information and communications technologies, such as the creation of powerful computer databases and the internet, have greatly altered the way in which information is stored, accessed, combined, transferred and searched.[46] In particular, information can now be published in electronic form. While it is arguable that information in the public domain should be available in all formats, it also can be argued that privacy ‘can be violated by altering levels of accessibility, by taking obscure facts and making them widely accessible’.[47]
11.28 The publication of publicly available information in electronic form increases the ability of third parties to combine disparate pieces of personal information about others.[48] Disparate pieces of information about a person may reveal little when viewed separately, but the aggregation of these pieces of information—for example, in the search results provided by an internet search engine in response to a search query about a person’s name—can provide a detailed profile of a person. Internet search engines and social networking sites can be used by third parties to obtain information about individuals for a number of purposes. For example, a recent United Kingdom study noted that one in five employers searched the internet for information about job applicants.[49] In addition, personal information about an individual published on the internet can be used to conduct identity theft.[50] Another issue is that information aggregated from a variety of different publicly available sources may present an inaccurate portrait of an individual if, for example, inaccurate information were collected, or errors occurred, during the aggregation process.
Application of the Privacy Act
11.29 The privacy principles apply when personal information is collected by an agency or organisation for inclusion in a ‘record’ ora ‘generally available publication’.[51] The privacy principles that deal with the handling of personal information subsequent to collection, however, only apply to personal information that is held in a record.[52] A recordis a document, database, or photograph or other pictorial representation of a person.[53] A book, magazine or other publication that is generally available to the public is not a record for the purposes of the Privacy Act.[54]
11.30 The Supreme Court of Victoria has considered the public nature of websites in the context of deciding whether confidential information loses its confidential nature when published online by anonymous bloggers.[55] In the privacy context, the relevant consideration for determining whether a publication is generally available is whether access to that publication can be obtained by the public. Guidance issued by the OPC indicates that websites that are not encrypted or password protected are considered ‘generally available’.[56]
11.31 There are, however, some restrictions on the handling of personal information contained in a generally available publication. An agency or organisation that continues to hold personal information that has been made generally available in a record—for example, a master copy—will need to comply with the requirements in the privacy principles for the protection of personal information that is held in the record.[57] Moreover, an agency or organisation that collects personal information from a generally available publication for inclusion in a record or another generally available publication will need to comply with the requirements in the relevant privacy principles.[58] For example, the ‘Collection’ principle requires an agency or organisation to collect personal information about an individual only from that individual if it is reasonable and practicable to do so. In addition, the ‘Notification’ principle requires an agency or organisation that collects personal information about an individual other than from the individual concerned to take such steps, if any, as are reasonable in the circumstances to notify or ensure that the individual is aware of the requirements of the principle.[59]
11.32 This section provides an overview of two sources of publicly available information—public registers and court records.
Public registers
11.33 In the late 19th century, governments began systematically to compile and retain records of their citizens. Today, records are kept ‘for almost every occasion an individual comes into contact with the state bureaucracy’.[60] Legislation may require these records to be used to create public registers. For example, the Commonwealth Electoral Act 1918 (Cth)requires the Australian Electoral Commission to construct and maintain a roll of people eligible to vote at federal, and, by agreement, most state and local government elections. Electoral rolls are available for public inspection without fee at offices of the Australian Electoral Commission.[61]
11.34 Public registers often promote important public interests. For example, a publicly available electoral roll facilitates the conduct of free and fair elections by ‘enabling participants to verify the openness and accountability of the electoral process and object to the enrolment of any elector’.[62] There is, however, a tension between the public interests served by a public register of information and the privacy of individuals included on the register. This is exacerbated when it is compulsory to provide the information that is included in the register.[63]
11.35 It has been argued that failure to adequately protect the privacy of personal information contained in public registers can have serious consequences. For example, individuals may choose to withdraw from public life in order to protect their privacy.[64] Concern has been expressed that the widespread dissemination of electors’ personal information ‘has the potential to discourage some electors from enrolling and exercising their democratic rights and duties’.[65] Research conducted for the OPC indicated that only 19% of survey participants believed that businesses should be allowed to use the electoral roll for marketing purposes.[66]
11.36 Legislation establishing a public register also can limit the use and disclosure of information acquired from the register. For example, s 177 of the Corporations Act 2001 (Cth) prohibits any person from using information collected from a shareholder register to contact a shareholder.[67] Legislation can limit the use and disclosure of information acquired from a register that is published in electronic form. For example, the Commonwealth Electoral Act 1918 (Cth) prohibits a person from using electoral roll information provided by the AEC in tape or disk format, unless the disclosure is in connection with an election or referendum, or monitoring the accuracy of information contained in a roll or other prescribed purpose.[68]
11.37 In February 2008, the New Zealand Law Commission (NZLC) released a report on the law relating to public registers.[69] This report considered whether the law relating to public registers required systematic alteration as a result of privacy considerations and emerging technology. The NZLC expressed the view that any regulatory model for public registers should:
be compatible with the principles of openness and transparency;
ensure that agencies administering public registers are accountable for the fair handling of personal information;
allow an appropriate decision maker, usually Parliament, to balance various public interests when determining whether personal information should be accessible on a public register;
be flexible enough to address the diversity of public registers and be able to accommodate changes in policy and technology; and
be administratively simple, efficient and cost-effective, and capable of operating effectively in the online environment.[70]
11.38 The NZLC discussed four possible regulatory models: (1) maintaining the current system of regulation of some registers by the Privacy Act 1993 (NZ), making amendments where appropriate; (2) creating a rebuttable system of general access to public registers; (3) creating a public register statute that sets out principles and provisions applicable to all public registers; and (4) regulating public registers through their individual establishing statutes. The NZLC concluded that the fourth option was preferable. It recommended a review of all public registers according to a template of considerations, with any changes to be introduced in an omnibus Bill.[71] This mechanism would have the advantage of legislative clarity and certainty. Further, it would require Parliament to balance relevant public and private interests at the stage of setting up or amending each register.
Court records
11.39 The principle of open justice is an essential feature of the common law judicial tradition. It requires the administration of justice to be conducted in open court. The principle of open justice ‘is an important safeguard against judicial bias, unfairness and incompetence, ensuring that judges are accountable in the performance of their duties’.[72] In 2006, the NZLC noted that the principle of open justice generally requires open access to court records.[73]
11.40 Court records often contain vast amounts of personal information about a number of people, including the parties, family members of the parties and witnesses. For example, records of bankruptcy cases may include details of the financial circumstances of bankrupts; records of cases in which damages are claimed may include detailed information regarding the health of the plaintiff; records of family court proceedings may contain detailed information about family relationships; and records of criminal cases may include information about an offender’s previous criminal history, social security status or mental health.
11.41 Access to court records is regulated by legislation and rules of court.[74] In the Federal Court of Australia, a person is entitled to search and inspect certain documents, such as pleadings, judgments or orders, unless the court or a judicial officer has ordered that they are confidential.[75] A person who is not a party to the proceeding may only inspect certain documents, such as interrogatories or answers to interrogatories, with the leave of the court.[76] Leave usually will be granted, however, where a document has been admitted into evidence or read out in open court.[77]
11.42 Section 121 of the Family Law Act 1975 restricts the publication of court proceedings that would identify a party, witness or person related to proceedings. The restriction does not apply to the publication of accounts of proceedings that have been approved by the court, but the ALRC has been advised that the Family Court of Australia has adopted a policy and practice for the making of personal information contained in court judgments made available for publication anonymous or pseudonymous. In addition, the Supreme Court of New South Wales recently has introduced an identity theft prevention and anonymisation policyfor transcripts and judgments. The policy requires judges to consider whether it would be appropriate to restrict the publication of details such as the dates of birth and residential addresses of victims, witnesses and accused.[78]
Options for reform
11.43 There are various approaches to regulate online access to personal information contained in generally available publications. Overseas jurisdictions differ in the way in which they approach the issue. For example, some Scandinavian countries allow a substantial amount of personal information to be included in government records published on public websites.[79] At the other end of the spectrum, a Bill currently under consideration in New Zealand is intended to prevent access to births, deaths and marriages publications that were produced less than 100 years ago.[80]
11.44 In DP 72, the ALRC noted that there were several ways to restrict inappropriate internet publication of personal information, including to:
prohibit the collection of personal information contained in generally available publications;
restrict the use and disclosure of publicly available information in electronic form to that which is consistent with the public interest served by publishing the information;
limit the type of information that is made available electronically to that which is necessary to promote the purpose of the public record; and
remove unnecessary personal information from documents before they are published electronically.[81]
11.45 In DP 72, the ALRC noted that in the online environment it could be difficult to enforce the first two options for reform. The ALRC suggested that a better approach would be for the OPC to provide education and guidance to agencies and organisations directed towards restricting the type and extent of personal information that is made available online.[82] The ALRC noted that the Office of the Victorian Privacy Commissioner (OVPC) has issued guidelines to Victorian state agencies that collect personal information for inclusion on public registers. These guidelines outline circumstances where it is appropriate for an agency to give notice about online dissemination of personal information and where the online dissemination of information should be suppressed.[83]
11.46 The ALRC proposed that OPC guidance should: apply whether or not the agency or organisation is required by law to make the personal information publicly available; set out certain factors that agencies and organisations should consider before publishing personal information in an electronic form; and set out the requirements in the model Unified Privacy Principles (UPPs) with which agencies and organisations need to comply when collecting personal information from generally available publications.[84]
Submissions and consultations
11.47 A number of stakeholders supported this proposal.[85] The OVPC suggested that, to ensure efficiency and consistency, the proposed guidance should be produced jointly by privacy commissioners in all Australian jurisdictions and should apply to agencies, organisations and state and territory agencies.[86]
11.48 The Cyberspace Law and Policy Centre submitted that the OPC guidance should encourage a presumption that personal information should not be posted online ‘unless all alternatives have been explored and rejected as not feasible, or the competing social interests clearly justify such a level of Internet publication’. Further, agencies or organisations should be encouraged to notify individuals before online publication of their personal information, and provide a way for individuals to challenge the decision to publish the information online.[87]
Public registers
11.49 In PIAC’s view, guidance would not restrict the electronic publication of personal information contained on public registers. PIAC suggested that stronger regulation was required to prevent the profiling of an individual from information collected from generally available publications.[88]
11.50 PIAC submitted that legislation establishing public registers should be reviewed to ensure that there are appropriate restrictions on the type and extent of personal information published on the internet, and that any restrictions on the use and disclosure of personal information contained on the register are clearly set out. PIAC submitted that these legislative instruments should limit publicly available information that is published in an electronic form to that which is necessary to promote the purpose of the public record, or provide for the removal of unnecessary personal information from documents before they are published electronically.[89]
Court records
11.51 A number of courts and tribunals have advised the ALRC that they have developed internal policies and guidelines that relate to the online publication of judgments. This guidance is developed by each court and tribunal and is directed towards the particular issues that arise from the online publication of judgments in each jurisdiction. For example, a court that deals mainly with family law matters may require different procedures about the redaction of personal information in judgments published online than a court that deals mainly with commercial matters.
11.52 The OPC noted that the publication of court records could interfere with spent convictions laws, facilitate identity theft and lead to intimidation of those involved in court processes. The OPC was of the view, however, that ‘changes to court record publication are best dealt with through procedural directives or guidelines rather than through legislative intervention’.[90] The OPC submitted that a coordinated approach between state, territory and federal courts ‘would provide a more consistent framework for the electronic publication of court records’. The OPC suggested that it would be appropriate for the Standing Committee of Attorneys-General (SCAG) to consider this issue.[91] The Cyberspace Law and Policy Centre supported a separate inquiry into the publication of electronic court records.[92]
ALRC’s view
11.53 The internet has changed the nature of the ‘public domain’. It is not appropriate to deal with the issues presented by the electronic publication of publicly available information by increasing the regulation of personal information held in a ‘generally available publication’. There is a public interest in making certain types of information publicly available. In some circumstances, this public interest remains relevant for generally available publications published in an electronic form. In addition, it is difficult to enforce the collection, use and disclosure of personal information in such publications. Electronic publication of generally available publications has increased, rather than decreased, the difficulties of enforcement.
11.54 The ALRC observes that stakeholders’ concerns about generally available publications are focused on circumstances when these publications are widely disseminated—in particular, when they are posted on the internet. As discussed above, there are inherent difficulties in regulating the collection, use and disclosure of personal information published on the internet. Agencies and organisations should, therefore, be encouraged to put restrictions on the type and extent of personal information that is published on the internet.
11.55 In the case of public registers, the electronic publication of the register may be regulated by the legislative instrument that establishes the register—in the way that, for example, the Commonwealth Electoral Act regulates certain uses and disclosures of information collected from electronic versions of the electoral roll. In the ALRC’s view, individual legislative instruments that establish public registers should be reviewed to ensure each instrument sets out clearly any restrictions on the electronic publication of personal information contained on a register. Such a review could be based on the template discussed by the NZLC in its report on regulatory models for public registers. This approach will ensure that an appropriate balancing between the public interests of openness and transparency and the privacy interests of individuals is undertaken for each register.
11.56 The ALRC notes that courts and tribunals that publish judgments and decisions in the online environment have developed internal policies and guidelines that deal with particular issues that arise in the relevant jurisdiction. In the ALRC’s view, the content of court and tribunal records should remain within the purview of the court or tribunal in question. The ALRC also notes that SCAG is considering the issue of online publication of criminal records in relation to spent convictions.[93]
11.57 In addition, the OPC should provide education and further guidance to agencies and organisations addressing the restrictions that should be placed on the type and extent of personal information published online. The ALRC notes that the OPC has issued an Information Sheet (Information Sheet 17) that focuses on the collection by organisations of personal information contained in generally available publications.[94] Information Sheet 17 also lists some tips for good privacy practice that apply to agencies and organisations required by law to make personal information publicly available. In addition, the OPC recently conducted an own motion investigation into the publication of insolvency information on the website of a trustee firm. In its decision, the OPC recommended that the firm take steps to prevent general internet users from browsing the bankruptcy files. The OPC suggested that one way to ensure that creditors could obtain access to the information would be to secure it using password protection.[95]
11.58 Information Sheet 17 could be used as the basis for providing more detailed guidance to agencies and organisations that make personal information about individuals available in electronic form. The guidance should apply whether or not the agency or organisation is required by law to make the personal information publicly available. The guidance could provide detailed advice on issues outlined in Information Sheet 17—for example, factors that agencies and organisations should consider before publishing personal information in an electronic form, such as whether it is in the public interest to publish on a publicly accessible website personal information about an identified or reasonably identifiable individual. The guidance could also provide examples of when it might be appropriate to restrict access to information by way of password protection, and what type of information should be suppressed in a generally available publication that is published online.
11.59 The recommended guidance should also set out clearly the requirements with which both agencies and organisations must comply when collecting information from generally available publications for inclusion in a record (or another generally available publication). The ALRC notes that the definition of a ‘record’ includes a ‘database’.[96] It is highly unlikely that personal information collected from generally available publications—for example, by an organisation for the purposes of direct marketing or data-matching—will notbe included in some form of record (or another generally available publication).[97] The recommended guidance should set out the steps that should be taken by an agency or organisation that collects personal information from generally available publications to meet the obligations in the ‘Collection’, ‘Notification’, ‘Data Quality’ and ‘Direct Marketing’ principles.[98]
11.60 Finally, the ALRC notes that both the Information Privacy Principles (IPPs) and National Privacy Principles (NPPs) regulate personal information that is collected for inclusion in a record or generally available publication, but the principles only apply to personal information that is held in a record. The way that this is achieved in the legislation, however, differs. IPPs 1–3 refer to both a ‘record’ and a ‘generally available publication’, whereas IPPs 4–11 refer only to a ‘record’. In relation to the NPPs, the application of the relevant principles to records and generally available publications is set out in s 16B. In the ALRC’s view, the latter approach is preferable and notes that it will be necessary to make a consequential amendment to s 16B of the Privacy Act when the model UPPs are implemented.[99]
Recommendation 11-1 The Office of the Privacy Commissioner should develop and publish guidance that relates to generally available publications in an electronic format. This guidance should:
(a) apply whether or not the agency or organisation is required by law to make the personal information publicly available;
(b) set out the factors that agencies and organisations should consider before publishing personal information in an electronic format (for example, whether it is in the public interest to publish on a publicly accessible website personal information about an identified or reasonably identifiable individual); and
(c) clarify the application of the model Unified Privacy Principles to the collection of personal information from generally available publications for inclusion in a record or another generally available publication.
Recommendation 11-2 The Australian Government should ensure that federal legislative instruments establishing public registers containing personal information set out clearly any restrictions on the electronic publication of that information.
[45] D Solove, ‘Access and Aggregation: Privacy, Public Records and the Constitution’ (2002) 86 Minnesota Law Review 1137, 1152.
[46] Ibid, 1152–1153.
[47] Ibid, 1178.
[48] M Neave, ‘International Regulation of the Publication of Publicly Accessible Personal Information’ (2003) 10 Privacy Law & Policy Reporter 120, 122.
[49] YouGov, What Does Your NetRep Say About You? [Research Commissioned by Viadeo] (2007).
[50] Identity theft is discussed in Ch 12.
[51]Privacy Act 1988 (Cth) s 14, IPPs 1–3 and s 16B(1).
[52] Ibid s 14, IPPs 4–11 and s 16B(2).
[53] Ibid s 6(1). In Ch 6, the ALRC recommends that the definition of ‘record’ should be amended to make it clear that a record includes a document as defined in the Acts Interpretation Act 1901 (Cth), and information stored in electronic or other format: Rec 6–6.
[54] Ibid s 6(1). In Ch 6, the ALRC recommends that the definition of a generally available publication should be amended to clarify that a publication is generally available whether or not a fee is charged for access to the publication: Rec 6–7.
[55] In deciding that confidential information does not lose its confidential nature by such publication, Kellam J stated that an unknown number of internet users had viewed the website in question. Further, the public does not have the ‘expectation of authenticity, veracity or otherwise of the information posted on such websites’: Australian Football League v The Age Company Ltd [2006] 15 VR 419, 431.
[56] Office of the Federal Privacy Commissioner, Privacy and Personal Information That is Publicly Available, Information Sheet 17 (2003); Office of the Federal Privacy Commissioner, Guidelines for Federal and ACT Government Websites (2003) <www.privacy.gov.au/internet/web/> at 1 May 2008.
[57] Office of the Federal Privacy Commissioner, Privacy and Personal Information That is Publicly Available, Information Sheet 17 (2003), 3.
[58] See the ‘Collection’, ‘Notification’ and ‘Data Quality’ principles, which are set out at the beginning of this Report.
[59] The ‘Notification’ principle applies in circumstances where a reasonable person would expect to be notified.
[60] D Solove, ‘Access and Aggregation: Privacy, Public Records and the Constitution’ (2002) 86 Minnesota Law Review 1137, 1143.
[61]Commonwealth Electoral Act 1918 (Cth) s 90A.
[62] Australian Electoral Commission, How to View the Commonwealth Electoral Roll <www.aec.
gov.au/Enrolling_to_vote/About_Electoral_Roll/How_to_view_electoral_roll.htm> at 1 May 2008.
[63] For example, it is compulsory for individuals who are entitled to have their names included on an electoral roll to enrol within 21 days of becoming so entitled: Commonwealth Electoral Act 1918 (Cth) s 101.
[64] See B Givens, Public Records on the Internet: The Privacy Dilemma (2002) Privacy Rights Clearinghouse <www.privacyrights.org/ar/onlinepubrecs.htm> at 1 May 2008.
[65] Australian Electoral Commission, Submission to the Joint Standing Committee on Electoral Matters Inquiry into the 2001 Federal Election, 1 July 2002, App D, 8.
[66] Roy Morgan Research, Community Attitudes Towards Privacy 2004 [prepared for Office of the Privacy Commissioner] (2004), [6.4].
[67] Ch 16 discusses collection of personal information that is required or authorised by law.
[68]Commonwealth Electoral Act 1918 (Cth) s 91A(2A). This provision does not apply to a Senator, member of the House of Representatives, or political party.
[69] New Zealand Law Commission, Public Registers—Review of the Law of Privacy, Stage 2, Report 101 (2008).
[70] Ibid, 71.
[71] Ibid, 71–75.
[72] New Zealand Law Commission, Access to Court Records, Report 93 (2006), [2.2].
[73] Ibid, [2.4].
[74] See, eg, High Court Rules 2004 (Cth) r 4.07.4; Federal Court Rules 1979 (Cth) o 46 r 6; Federal Magistrates Court Rules 2001 (Cth) r 2.08. In Ch 35, the ALRC discusses the partial exemption of federal courts from the operation of the Privacy Act 1988 (Cth). The ALRC also recommends that the Privacy Act should be amended to provide that federal tribunals, boards and commissions whose primary functions involve dispute resolution, administrative review or disciplinary proceedings are exempt from the operation of the Act except in relation to an act done, or a practice engaged in, in respect of a matter of an administrative nature: Rec 35–1.
[75] Federal Court Rules 1979 (Cth) o 46 r 6(1), (2).
[76] Ibid o 46 r 6(3), (5).
[77] Federal Court of Australia, Public Access to Court Documents <www.fedcourt.gov.au/courtdocuments
/publicdocuments.html> at 1 May 2008.
[78] Supreme Court of New South Wales, Identity Theft Prevention and Anonymisation Policy (2007).
[79] For a discussion of the significant number of Swedish government records that are published online, see E Addley, ‘Sweden Tries to Lose Reputation as Snoopers’ Paradise’, Guardian Unlimited Technology (online), 19 June 2007, <technology.guardian.co.uk>.
[80] See, eg, Births, Deaths, Marriages, and Relationships Registration Amendment Bill 2007 (NZ).
[81] Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), [8.53]–[8.55].
[82] Ibid, Proposal 8–1.
[83] Office of the Victorian Privacy Commissioner, Public Registers and Privacy—Guidance for the Victorian Public Sector (2004).
[84] Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 8–1.
[85] See, eg, Australian Government Department of Agriculture‚ Fisheries and Forestry, Submission PR 556, 7 January 2008; Australian Privacy Foundation, Submission PR 553, 2 January 2008; Australian Direct Marketing Association, Submission PR 543, 21 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007; Privacy NSW, Submission PR 468, 14 December 2007.
[86] Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007. In Ch 17, the ALRC recommends that, when an Australian Government agency is participating in an intergovernmental body or other arrangement involving state and territory agencies that handle personal information, the Australian Government agency should ensure that a memorandum of understanding or other arrangement is in place to ensure appropriate handling of personal information: Rec 17–1.
[87] Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[88] Public Interest Advocacy Centre, Submission PR 548, 26 December 2007.
[89] Ibid.
[90] Office of the Privacy Commissioner, Submission PR 215, 28 February 2007.
[91] Office of the Privacy Commissioner, Submission PR 499, 20 December 2007.
[92] Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[93] Standing Committee of Attorneys-General, ‘Communiqué’ (Press Release, 28 March 2008).
[94] Office of the Federal Privacy Commissioner, Privacy and Personal Information That is Publicly Available, Information Sheet 17 (2003).
[95]Own Motion Investigation v Bankruptcy Trustee Firm [2007] PrivCmrA 5. An exemption from the Privacy Act for insolvency practitioners is considered, but not recommended, in Ch 44.
[96]Privacy Act 1988 (Cth) s 6(1). The definition of a ‘record’ is discussed further in Ch 6.
[97] In Ch 10, the ALRC proposes that the OPC develop and publish guidance on data-matching to organisations: Rec 10–4.
[98] The ‘Collection’, ‘Notification’ and ‘Data Quality’ principles apply to both agencies and organisations. The ‘Direct Marketing’ principle only applies to organisations.
[99] The model Unified Privacy Principles are discussed in Part D.