Criminal liability


46.60 The Commissioner and his or her staff and delegates are subject to criminal liability in some circumstances. It is an offence for the Commissioner or a member of his or her staff (present and past) to disclose, use or make a record of information acquired about a person in the performance of that role, other than to do something permitted or required by the Privacy Act.[76] Such a person is not obliged to divulge or communicate that information except as required or permitted by the Privacy Act.[77] Similar secrecy provisions are found in other federal legislation and state privacy legislation.[78]

ALRC’s view

46.61 In DP 72, the ALRC noted that the OPC supported the retention of the above provisions. The OPC submitted that these were consistent with secrecy and non-disclosure provisions in other Commonwealth legislation.[79] The ALRC has concluded that the current secrecy provisions are appropriate and has not made any recommendations on these matters.[80] The liability of the Commissioner to criminal sanctions for disclosure of certain information is appropriate and the provisions, as noted above, are consistent with other relevant legislation.

[76]Privacy Act 1988 (Cth) s 96(1), (3). The offence is punishable by a penalty of $5,000 or imprisonment for one year, or both. Note that the OPC released its new layered privacy policy (which sets out its personal information-handling practices) in August 2006: Office of the Privacy Commissioner, Privacy Policy (2006).

[77]Privacy Act 1988 (Cth) s 96(2), (4).

[78] See, eg, Ombudsman Act 1976 (Cth) ss 35, 35A; Migration Act 1958 (Cth) s 377; Privacy and Personal Information Protection Act 1998 (NSW) s 67; Information Privacy Act 2000 (Vic) s 67.

[79] Office of the Privacy Commissioner, Submission PR 215, 28 February 2007.

[80] This issue was not raised in submissions other than by the OPC.