20.1 This chapter concerns the principle of anonymity and pseudonymity. Currently, the Privacy Act 1988 (Cth) provides a limited right for an individual to transact anonymously with organisations through National Privacy Principle (NPP) 8.[1] This right is designed to give individuals, where appropriate, greater control over how much personal information they wish to reveal to organisations with which they are dealing. Where applicable, it also allows an individual to reveal often intimate, personal information while minimising the risk that this information will be traced back to the individual concerned.

20.2 The anonymity principle complements NPP 1, which prohibits an organisation from collecting information that is not necessary for its functions or activities. In particular, NPP 8 is intended to affect the design of new technologies that collect more information than is necessary when an organisation transacts with individuals.[2]

20.3 The Revised Explanatory Memorandum to the Privacy Amendment (Private Sector) Bill 2000 states:

Anonymity is an important dimension of privacy. In some circumstances, it will not be practicable to do business anonymously. In others, there will be legal obligations that require identification of the individual. Unless there is a good practical or legal reason to require identification, organisations should give people the option to operate anonymously. This principle is not intended to facilitate illegal activity.[3]

20.4 Some examples of where an individual may wish to transact anonymously with an agency or organisation include:

  • making a telephone inquiry about a product or service; and

  • using counselling services, especially where information is revealed about a third party.[4]

20.5 This chapter focuses on two main issues. The first is potential expansion of the anonymity principle under the model Unified Privacy Principles (UPPs), including: whether it should cover agencies in addition to organisations; and whether the principle should be expanded to cover pseudonymity. Secondly, the chapter considers what should be the content of this principle.

[1]Privacy Act 1988 (Cth) sch 3, NPP 8.

[2] See J Douglas-Stewart, Annotated National Privacy Principles (2005), [2–5510].

[3] Revised Explanatory Memorandum, Privacy Amendment (Private Sector) Bill 2000 (Cth), [384].

[4] J Douglas-Stewart, Annotated National Privacy Principles (2005), [2–5520].