Evaluative material

40.123 The 2000 House of Representatives Committee inquiry acknowledged that there is a difference between an employee’s health, family and financial information— which should not be provided to anyone else without the consent of the employee—and information concerning disciplinary matters or career progression of the employee.[196] The inquiry went on to recommend a significant narrowing of the scope of the employee records exemption in the Privacy Act to apply only to ‘exempt employee records’, which would consist of records relating to: the engagement, training, disciplining or resignation of the employee; termination of employment; and the employee’s performance or conduct.[197]

40.124 The inquiry recommended that the other matters listed in the proposed definition of ‘employee record’ be subject to the NPPs. It also noted that employee records can contain personal and sensitive information regardless of the size of the employer and therefore was of the view that its recommendations also should apply to small business employers.[198] The inquiry’s recommendations were not intended to override the provisions in the workplace relations legislation.[199] These recommendations were rejected by the Australian Government.[200]

Employment references

40.125 In DP 72, the ALRC acknowledged the concern raised by some stakeholders that the removal of the employee records exemption could affect the ability of prospective employers to engage in full and frank communication with a job applicant’s previous employers.[201] A major concern, in this context, is that employers may not provide references, or accurate and honest references, if employees are able to obtain access to them.

40.126 At common law, an employer (or a former employer) does not have an obligation to provide a reference for an employee.[202] Where the employer or former employer does provide a reference, however, the employer will be subject to the laws of defamation and deceit. The employer also may be under a duty to take reasonable care to ensure that the factual content of the reference is accurate and the opinion expressed is reasonably held.[203] It has been argued that, when faced with potential legal liability, employers may cease to provide references or use a disclaimer. In addition, where an employee is able to gain access to the reference, there could be social pressures that prevent complete honesty from referees.[204]

40.127 In contrast, it may be argued that it is impossible to predict how imposing a duty of care on employers would, in practice, affect the flow of such information. Many employers already take considerable care in preparing references and, therefore, the imposition of a legal obligation on employers to prepare references with care might not deter them from providing a reference. In addition, such a legal obligation might improve the quality of the information. As a result, reducing the quantity of references might not harm the public interest in the provision of full and frank references.[205]

Discussion Paper proposal

40.128 In order to address concerns about the handling of references and similar personal information, in DP 72, the ALRC considered three options for reform.

40.129 One option would be to exclude personal references given by referees from the operation of the Privacy Act. The Canadian Privacy Act 1985 defines ‘personal information’ to exclude ‘the personal opinions or views of the individual … about another individual’.[206] Similarly, in New South Wales, s 4(3)(j) of the Privacy and Personal Information Protection Act 1998 (NSW) provides that the definition of ‘personal information’ excludes ‘information or an opinion about an individual’s suitability for appointment or employment as a public sector official’.

40.130 Another option would be to amend the Privacy Act to allow the recipient of a reference to deny a request for access to a reference that is given to it in confidence. Under s 29 of the Privacy Act 1993 (NZ), an agency may deny a request for access to evaluative material, disclosure of which would breach a promise of confidence to the supplier of the information. ‘Evaluative material’ is defined to mean:

evaluative or opinion material compiled solely—

(a) For the purpose of determining the suitability, eligibility, or qualifications of the individual to whom the material relates—

(i) For employment or for appointment to office; or

(ii) For promotion in employment or office or for continuance in employment or office; or

(iii) For removal from employment or office; or

(iv) For the awarding of contracts, awards, scholarships, honours, or other benefits; or

(b) For the purpose of determining whether any contract, award, scholarship, honour, or benefit should be continued, modified, or cancelled; or

(c) For the purpose of deciding whether to insure any individual or property or to continue or renew the insurance of any individual or property.[207]

40.131 A third option would be to allow a potential employer to deny access to a personal reference given by a referee until after the job applicant has been informed of the result of the recruitment process. In Hong Kong, s 56 of the Personal Data (Privacy) Ordinance provides that, unless the referee consents, a data user does not have to provide a job applicant with access to, or a copy of, a personal reference given by the referee until after the job applicant has been informed in writing that he or she has been accepted or rejected to fill that position or office.[208]

40.132 The ALRC expressed the preliminary view that there was sufficient ground for an exception to the ‘Access and Correction’ principle, provided that a personal reference was given in confidence to a potential employer. The ALRC noted that this was in line with the common law obligation of confidence. At common law, an action for breach of confidence may arise where:

  • the information has the ‘necessary quality of confidence’—that is, it must be non-trivial, and, to some extent, secret or inaccessible;

  • the information was communicated or obtained in such circumstances as to give rise to an obligation of confidence; and

  • there is actual or threatened unauthorised use of the information.[209]

40.133 The ALRC observed that such an exception also would be in line with the existing law that applies to employees of Australian Government agencies. Although employment records of an Australian Government agency employee are covered by the Privacy Act, an employee is not entitled to access personal references about him or her held by an agency if their disclosure would found an action for breach of confidence.[210]

40.134 Accordingly, the ALRC proposed that the Privacy Act should provide for an exception to the proposed ‘Access and Correction’ principle in the model UPPs that would allow an agency or organisation to deny a request for access to ‘evaluative material’ that was given in confidence to an agency or organisation.[211] The proposed exception was based on the approach taken in the New Zealand Privacy Act rather than the other two options considered, because exceptions to the UPPs should be as narrowly drawn as possible. In addition, since the common law obligation of confidence endures for the duration of the confidential relationship, the ALRC did not consider that the exception should apply only until the end of the recruitment process.

40.135 The ALRC also stated that the same exception that would apply to confidential personal references also should apply to evaluative material compiled for the sole purpose of determining the awarding, continuation, modification or cancellation of contracts, awards, scholarships, honours or other benefits. This was because, in determining whether an individual should be awarded a contract, award or other similar benefits, the referee should be able to provide an honest evaluation about the individual’s merits without fear of that evaluation being made available to the individual concerned. The ALRC therefore proposed that, in the context of the proposal, ‘evaluative material’ should be defined to mean evaluative or opinion material compiled solely for the purpose of determining the suitability, eligibility, or qualifications of the individual concerned for employment, appointment or the award of a contract, scholarship, honour, or other benefit.[212]

Submissions and consultations

Confidential employment references

40.136 Some stakeholders expressed support for the ALRC’s proposal.[213] The OVPC stated that the proposal seemed to be ‘fairly carefully worded’, which was important to avoid overly broad interpretations.[214] Privacy NSW expressed ‘cautious support’ for the proposal and also noted that judicial interpretation of the New South Wales provision has caused difficulty for many employees seeking access to employment-related personal information.[215]

40.137 National Legal Aid expressed reservations about the proposal because the common law on liability for negligent references is still undeveloped. It stated that, given this state of development,

There is scope for a more robust debate on whether those who provide references should be able to rely on confidentiality where information is malicious or intended to prevent an employee from obtaining employment elsewhere.[216]

40.138 Some stakeholders objected to the ALRC’s proposed exception to the ‘Access and Correction’ principle concerning confidential evaluative materials.[217] Stakeholders submitted that modern human resources practices could and should accommodate the openness of referee reports.[218] PIAC, for example, stated that there were good reasons why current employees should be able to access evaluative records. Unfair referee reports can be an obstacle to continued employment;[219] and evaluative records can provide evidence of discrimination against employees on the basis of such characteristics as age, race, sex, disability and family responsibilities.[220]

40.139 Several stakeholders noted that the proposed UPPs already contained general exceptions that would address employers’ concerns about the confidentiality of evaluative materials.[221] For example, the OPC submitted that there was no compelling policy reason to create a specific exception under the ‘Access and Correction’ principle because an exception capable of covering breach of confidence—that is, where ‘providing access would be unlawful’—would continue to be incorporated in the principle.[222] The OPC also argued that there was no sound policy reason for treating evaluative material about employees or potential employees differently from other personal information under the Privacy Act and expressed concern about the consequent ‘complexity and unnecessary compliance costs’.[223]

40.140 Other stakeholders noted that the proposed ‘Access and Correction’ principle provides for an exception where ‘providing access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations’. They submitted that this exception should be sufficient to address any concerns employers might have about having to grant employees access to evaluative material.[224]

40.141 Some employers and employer groups objected to the ALRC’s proposal for other reasons.[225] Suncorp-Metway Ltd maintained that the removal of the employee records exemption could prevent or discourage referees from giving a full and frank reference. It submitted this issue was of particular concern to the financial services industry because of its need to employ people of good character to handle financial and other personal information appropriately.[226]

40.142 The ACCI and the Retail Motor Industry suggested that the proposed exception concerning evaluative material could give rise to uncertainty.[227] In particular, the ACCI noted differing judicial views on breach of confidence and submitted that the right to deny access to evaluative material should not be based on the potential for such an action.[228]

40.143 Some stakeholders submitted that the scope of the proposed exception concerning evaluative materials was too limited.[229] GE Money Australia stated that the extent to which the exchange of evaluative material between employers would be permissible under the UPPs was unclear.[230] Another stakeholder submitted that the ALRC’s proposal would result in job applicants seeking to exercise their right of access to evaluative materials with the supplier of those materials rather than the potential employer. It also submitted that there should be

guidance to clarify when it would not be reasonable and practicable to collect information from the individual concerned, particularly where the information is required to validate or falsify information provided by a candidate in connection with an application to work, or to fill in gaps in a candidate’s work history.[231]

Confidential complaints and investigation of misconduct

40.144 Some stakeholders expressed specific concern about the application of the Privacy Act to confidential complaints about an employee.[232] It was argued that, where the confidential complaint was made by one employee against another, requiring an employer to grant access to information about a complaint could compromise workplace relations,[233] and dissuade employees from raising concerns with their supervisors about other employees in appropriate circumstances.[234]

40.145 National Australia Bank stated that granting employees access to personal information contained in a confidential complaint made by their colleagues would be contrary to the duty of confidentiality owed by employers to their employees. It submitted that employees could be deterred from complaining, or would pursue complaints through external avenues, which would not be conducive to a positive workplace environment.[235]

40.146 The National Catholic Education Commission and Independent Schools Council of Australia raised similar concerns in the context of confidential complaints about employees received from parents, students and staff. The Council noted that complaints about an employee were sometimes not disclosed to the employee so as not to harm the relationship between the employee and the complainant parent or the pupil. At other times, information would be passed on in a de-identified form. The Council suggested that there should be an additional exception to the ‘Access and Correction’ principle that allows an agency or organisation to deny access to confidential material compiled solely for the purposes of

evaluating complaints or concerns about an employee where it is reasonably considered that giving access to the material may result in material of a similar nature not being provided in the future or unreasonably affect ongoing relationships.[236]

40.147 Several stakeholders submitted that the removal of the employee records exemption would have an adverse effect on the investigation of suspected employee misconduct, such as misappropriation, fraud, sabotage, bullying and harassment.[237] Telstra, for example, submitted that employees should not be granted access to statements, reports and evidence relating to the investigation of misconduct because this would prejudice the investigation, or would discourage victims, witnesses and whistleblowers from coming forward.[238] Telstra stated that evidence gathered against the employee during the investigation only should be available if proceedings were subsequently taken against the employee.[239]

Other evaluative materials

40.148 Some stakeholders suggested that, if the employee records exemption were to be reformed, provision should be made to exclude certain records from the requirements of the UPPs. These records included those concerning: the engagement, training, disciplining, resignation or termination of an employee; and the performance or conduct of the employee.[240]

40.149 Another stakeholder noted that third parties—such as referees, managers, clients, complainants and work colleagues—often disclose personal information about an employee for these purposes. It was argued that, if the employee records exemption were removed, third parties and employers who disclose or grant access to personal information about an employee should be protected from legal action, such as defamation and workers compensation claims—especially in circumstances where they were required by the Privacy Act to grant access.[241]

40.150 Other stakeholders suggested that the proposed exception concerning evaluative materials should be extended to apply to:

  • personal information relating to the ongoing evaluation and assessment of employees by employers;[242]

  • evaluative materials concerning job applicants,[243] including information required for pre-employment screening;[244]

  • the handling of health information about a job applicant without the applicant’s consent for the purposes of assessing his or her suitability to perform particular types of work;[245] and

  • all personal information included within the definition of ‘employee record’ in the Privacy Act.[246]

ALRC’s view

40.151 As a general proposition, individuals should have a right to access all personal information about them, including evaluative materials in the employment context. The open and fair handling of employees’ personal information, in accordance with the UPPs, should be required in all circumstances—including in potentially contentious situations such as evaluation of performance, disciplinary action, resignation and termination of contract.

40.152 One concern raised by stakeholders is that the Privacy Act may require an employer to provide an employee with access to possibly unfavourable evaluative materials or opinions about the employee. In the ALRC’s view, granting employees access to their personal information, including unfavourable evaluations, is part of the open and fair handling of that information.

40.153 There are a number of competing considerations, however, that may justify the denial of such access. These considerations include the interest in: maintaining confidentiality; protecting the privacy of third parties; ensuring organisations comply with other legal obligations that may require them to deny access; ensuring that access would not prejudice the investigation of possible unlawful activity; and allowing organisations to deny access to information connected with commercially sensitive decision-making.

40.154 The ‘Access and Correction’ principle in the model UPPs strikes an appropriate balance between providing employees with access and allowing employers to deny access in appropriate circumstances. There is no compelling reason to create additional exceptions or exemptions in the Privacy Act that apply specifically to evaluative materials.

40.155 The UPPs contain general exceptions that address employers’ concern about the confidentiality of evaluative materials, such as employment references. In particular, the ‘Access and Correction’ principle in the model UPPs contains specific exceptions that would allow an organisation to deny access to a request for personal information in certain circumstances, including where: providing access would be unlawful; or denying access is required or authorised by law. Both of these exceptions would permit the employer to deny access if providing access would be a breach of confidence.[247] In addition, individuals generally would not be able to access confidential evaluative materials with the supplier of those materials, who would be exempt from the operation of the Act, if acting in his or her personal or non-business capacity.[248]

40.156 There also are concerns about the handling of personal information in the context of confidential complaints about employees. Again, in appropriate circumstances, qualifications and exceptions to the model UPPs lift the obligations to notify individuals about the collection of personal information and to provide access to it.

40.157 Under the ‘Notification’ principle, an organisation only is required to ‘take such steps, if any, as are reasonable in the circumstances’ to ensure that an individual is aware of the matters listed in the principle, such as the fact and circumstances of collection. An employer would not be required to notify an employee that it has received a complaint if it would not be reasonable to do so in the circumstances. Where the complaint is made in confidence to the employer, it would not be reasonable to require an employer to notify the employee who is the subject of the complaint if, for example, the complaint is not substantive enough to warrant investigation. Similarly, it would not be reasonable to require an employer to notify the employee of an investigation into suspected misconduct by the employee, if to do so would prejudice the investigation of the matter.

40.158 The ‘Access and Correction’ principle also contains specific exceptions that would allow an organisation to deny access to a request for personal information in certain circumstances, including where an employer is under an obligation of confidence to a complainant not to disclose the complaint about an employee to the employee. The employer also may deny a request for access by the employee to the confidential complaint on the basis that: providing access would be unlawful; denying access is required or authorised by law; or providing access would have an unreasonable impact on the privacy of the complainant.

40.159 Where an employer is conducting an investigation into suspected misconduct by an employee, the ‘Use and Disclosure’ principle in the model UPPs permits the use or disclosure of personal information by the employer about an employee if: it has reason to suspect that the employee is or may be engaged in unlawful activity (such as fraud or harassment); and the use or disclosure is a necessary part of its investigation or reporting its concerns to relevant persons or authorities. In addition, the employer may refuse to provide the employee with access to materials collected during the investigation if providing access would be likely to prejudice an investigation of possible unlawful activity. If legal proceedings against the employee are anticipated, the employer also may deny access on the basis that the information relates to anticipated legal proceedings between the organisation and the employee, and the information would not be accessible by the process of discovery in those proceedings.

40.160 While the UPPs are flexible enough to accommodate the handling of complaints about, and investigations into suspected misconduct by, employees, submissions by some stakeholders indicated that there might be some misconceptions as to how the UPPs would apply in these circumstances. Guidance issued by the OPC should address how the UPPs would apply to the handling of complaints about employees and the investigation of suspected employee misconduct.

40.161 Finally, the ALRC does not consider that there should be specific exceptions that permit an employer or a recruitment company to collect, use or disclose personal health information about a job applicant without the applicant’s consent for the purposes of assessing his or her suitability to perform particular types of work.

40.162 Sensitive information, such as health information, should be collected with the consent of the individual—unless the collection is required or authorised by or under law, or falls within any other exceptions under the ‘Collection’ principle. Where health information is necessary for the assessment of the suitability of a job applicant to perform particular types of work and the applicant does not consent to the collection of that information, an employer then may be justified in not hiring the applicant on the basis that it does not have sufficient information to judge the applicant’s suitability[249]—provided that it does not breach any applicable laws, such as anti-discrimination and equal employment opportunity laws.[250]

[196] Parliament of Australia—House of Representatives Standing Committee on Legal and Constitutional Affairs, Advisory Report on the Privacy Amendment (Private Sector) Bill 2000 (2000), [3.36].

[197] Ibid, recs 5–7.

[198] Ibid, [3.40].

[199] Ibid, [3.39].

[200] Australian Government Attorney-General’s Department, Government Response to House of Representatives Standing Committee on Legal and Constitutional Affairs, Advisory Report on the Privacy Amendment (Private Sector) Bill 2000 (2000) <www.ag.gov.au> at 1 August 2007.

[201] Australian Chamber of Commerce and Industry, Submission PR 219, 7 March 2007; Office of the Health Services Commissioner (Victoria), Submission PR 153, 30 January 2007; UNITED Medical Protection, Submission PR 118, 15 January 2007; M Hunter, Submission PR 16, 1 June 2006.

[202]Carrol v Bird (1800) 170 ER 588.

[203]Spring v Guardian Assurance Plc [1995] 2 AC 296; applied in Wade v Victoria [1999] 1 VR 121.

[204] J Catanzariti, ‘Are the Days of the Employee Reference Numbered?’ (1996) 34(8) Law Society Journal 31, 31.

[205]T Allen, ‘Liability for References: The House of Lords and Spring v Guardian Assurance’ (1995) 58 Modern Law Review 553, 556–557.

[206] Privacy Act RS 1985, c P-21 (Canada) s 3.

[207] Privacy Act 1993 (NZ) s 29(3).

[208]Personal Data (Privacy) Ordinance (Hong Kong) s 56.

[209] Moorgate Tobacco Co Ltd v Philip Morris Ltd (No 2) (1984) 56 ALR 193, 208.

[210] Under IPP 6, a public sector agency may refuse a request by an individual for access to personal information that the agency holds to the extent that the agency is required or authorised to refuse access under an applicable Commonwealth law that provides for access by persons to documents: Privacy Act 1988 (Cth) s 14 IPP 6. Under the Freedom of Information Act 1982 (Cth), an agency may refuse to grant access to the documents if their disclosure under the Act would found an action by a person for breach of confidence: Freedom of Information Act 1982 (Cth) ss 11, 45.

[211]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 36–2.

[212]Ibid, Proposal 36–2.

[213] Suncorp-Metway Ltd, Submission PR 525, 21 December 2007; Centre for Law and Genetics, Submission PR 497, 20 December 2007; Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007; Insurance Council of Australia, Submission PR 485, 18 December 2007; Privacy NSW, Submission PR 468, 14 December 2007; ANZ, Submission PR 467, 13 December 2007; National Catholic Education Commission and Independent Schools Council of Australia, Submission PR 462, 12 December 2007; Australia Post, Submission PR 445, 10 December 2007; Avant Mutual Group Ltd, Submission PR 421, 7 December 2007; Australasian Compliance Institute, Submission PR 419, 7 December 2007; National Health and Medical Research Council, Submission PR 397, 7 December 2007. Some stakeholders indicated that their support for the removal of the employee records exemption was contingent upon the implementation of the proposal that there be an exception relating to confidential evaluative material: Insurance Council of Australia, Submission PR 485, 18 December 2007; National Catholic Education Commission and Independent Schools Council of Australia, Submission PR 462, 12 December 2007.

[214] The OVPC stated that the New South Wales provision has been interpreted so broadly that it effectively amounted to an employee records exemption: Office of the Victorian Privacy Commissioner, Submission PR 493, 19 December 2007, referring to Privacy and Personal Information Protection Act 1998 (NSW) s 4(3)(j); Y v Director General, Department of Education & Training [2001] NSWADT 149, [33], [36].

[215] Privacy NSW, Submission PR 468, 14 December 2007, referring to PN v Department of Education & Training [2006] NSWADT 122 (upheld in Department of Education & Training v PN (GD) [2006] NSWADTAP 66).

[216] National Legal Aid, Submission PR 521, 21 December 2007.

[217]Australian Privacy Foundation, Submission PR 553, 2 January 2008; Public Interest Advocacy Centre, Submission PR 548, 26 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Australian Industry Group and Australian Electrical and Electronic Manufacturers’ Association, Submission PR 494, 19 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007; P Youngman, Submission PR 394, 7 December 2007.

[218] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.

[219] See also Legal Aid Commission of New South Wales, Submission PR 107, 15 January 2007.

[220] Public Interest Advocacy Centre, Submission PR 548, 26 December 2007.

[221] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Public Interest Advocacy Centre, Submission PR 548, 26 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007.

[222] NPP 6.1(g). The OPC has issued guidelines stating that this exception would cover circumstances where providing access would be a breach of confidence: Office of the Federal Privacy Commissioner, Unlawful Activity and Law Enforcement, Information Sheet 7 (2001), 4.

[223] Office of the Privacy Commissioner, Submission PR 499, 20 December 2007.

[224] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Public Interest Advocacy Centre, Submission PR 548, 26 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.

[225] Suncorp-Metway Ltd, Submission PR 525, 21 December 2007; Australian Industry Group and Australian Electrical and Electronic Manufacturers’ Association, Submission PR 494, 19 December 2007.

[226] Suncorp-Metway Ltd, Submission PR 525, 21 December 2007.

[227] Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007; Retail Motor Industry, Submission PR 407, 7 December 2007.

[228] Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007.

[229] GE Money Australia, Submission PR 537, 21 December 2007; Law Council of Australia, Submission PR 527, 21 December 2007; Telstra Corporation Limited, Submission PR 459, 11 December 2007; Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007.

[230] GE Money Australia, Submission PR 537, 21 December 2007.

[231] Recruitment and Consulting Services Association Australia & New Zealand, Submission PR 353, 30 November 2007.

[232] Confidential, Submission PR 536, 21 December 2007; Avant Mutual Group Ltd, Submission PR 421, 7 December 2007; National Australia Bank, Submission PR 408, 7 December 2007.

[233] Confidential, Submission PR 536, 21 December 2007; Avant Mutual Group Ltd, Submission PR 421, 7 December 2007.

[234] Confidential, Submission PR 536, 21 December 2007; National Australia Bank, Submission PR 408, 7 December 2007.

[235] National Australia Bank, Submission PR 408, 7 December 2007.

[236] National Catholic Education Commission and Independent Schools Council of Australia, Submission PR 462, 12 December 2007.

[237] Australian Bankers’ Association Inc, Submission PR 567, 11 February 2008; Confidential, Submission PR 536, 21 December 2007; Optus, Submission PR 532, 21 December 2007; Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007; National Australia Bank, Submission PR 408, 7 December 2007.

[238] Telstra also argued that the removal of the employee records exemption could hinder the effectiveness of fitness for duty assessments and investigation of out-of-hours conduct for return-to-work programs under a workers compensation scheme: Telstra Corporation Limited, Submission PR 459, 11 December 2007.

[239] Ibid.

[240] Law Council of Australia, Submission PR 527, 21 December 2007; Office of the Health Services Commissioner (Victoria), Submission PR 153, 30 January 2007. The Law Council of Australia suggested that, alternatively, this class of records should be regulated by the UPPs generally, but should not be subject to the ‘Access and Correction’ principle: Law Council of Australia, Submission PR 527, 21 December 2007.

[241] Confidential, Submission PR 529, 21 December 2007.

[242]Law Council of Australia, Submission PR 527, 21 December 2007; National Catholic Education Commission and Independent Schools Council of Australia, Submission PR 462, 12 December 2007; Telstra Corporation Limited, Submission PR 459, 11 December 2007.

[243] National Health and Medical Research Council, Submission PR 397, 7 December 2007.

[244] Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007.

[245] Recruitment and Consulting Services Association Australia & New Zealand, Submission PR 353, 30 November 2007.

[246] Australian Chamber of Commerce and Industry, Submission PR 452, 7 December 2007. See also Australian Bankers’ Association Inc, Submission PR 567, 11 February 2008.

[247] The references still would be accessible by the process of discovery in legal proceedings. In the case of employers that are agencies, such materials would be subject to the provisions of the Freedom of Information Act 1982 (Cth).

[248]Privacy Act 1988 (Cth) ss 7B(1), 16E. The ALRC has expressed the view that the Privacy Act should retain an exemption for personal and non-business use of personal information: see Ch 43.

[249] See New Zealand Privacy Commissioner, ‘It isn’t Hard to be Fair …’ (2005) 55 Private Word 4.

[250] See, eg, Disability Discrimination Act 1992 (Cth) s 15; Anti-Discrimination Act 1977 (NSW) s 49D; Anti-Discrimination Act 1991 (Qld) s 14.