17.08.2010
58.14 Consumer groups and regulators have identified ongoing problems with the data quality of credit reporting information. Other stakeholders also provided perspectives on the extent and nature of data quality problems in the credit reporting system. This chapter highlights a number of specific issues concerning data quality before discussing means to ensure and improve data quality more generally.
58.15 Where specific concerns about data quality are serious and well-defined, and the solution is reasonably clear, it may be appropriate to deal with them through specific provisions of the new Privacy (Credit Reporting Information) Regulations. In other cases, matters may be dealt with more effectively through detailed data quality requirements in the credit reporting code,[17] subject to the overriding obligation to ensure that personal information is accurate, complete, up-to-date and relevant under the ‘Data Quality’ principle.
Statute-barred debts
58.16 The Credit Reporting Code of Conduct states that a credit provider must not give to a credit reporting agency information about an individual being overdue in making a payment where recovery of the debt by the credit provider is barred by the statute of limitations.[18] Section 18E(1)(ba)(i) of the Privacy Act prevents defaults from being listed against a guarantor’s credit information file where a credit provider is ‘prevented under any law of the Commonwealth, a State or a Territory from bringing proceedings against the individual to recover the amount of the overdue payment’.
58.17 There is, however, no parallel provision applying to the credit information files of other individuals. In DP 72, the ALRC proposed that the new Privacy (Credit Reporting Information) Regulations should prohibit expressly the listing of any overdue payment where the credit provider is prevented under any law of the Commonwealth, a State or a Territory from bringing proceedings against the individual to recover the amount of the overdue payment.[19]
Submissions and consultations
58.18 Stakeholders generally agreed that the new regulations should prohibit expressly the listing of statute-barred debts and ensure that borrowers and guarantors are treated consistently.[20]
58.19 The Australasian Retail Credit Association (ARCA) agreed with such a prohibition, but considered that the relevant provisions should be located in the credit reporting code, rather than in regulations.[21] ARCA and Veda Advantage emphasised that the implementation of the recommendation should not prevent the listing of defaults before bankruptcy.[22] ARCA stated:
In the instance of bankruptcy, pre-existing listings should remain on the record with no requirement to delete all listings predating the bankruptcy. Those listings will remain for the usual retention period and the listing of the bankruptcy will inform the status of those debts.[23]
58.20 The Australian Finance Conference (AFC) noted that the law in relation to the collection of statute-barred debts is extremely complex, particularly because of the lack of uniformity between the legislative requirements in the different states and territories.[24]
ALRC’s view
58.21 The rationales for statutory limitation periods on the enforceability of debts have been described as follows:
First, as time goes by, relevant evidence is likely to be lost. Second, it is oppressive, even ‘cruel’, to a defendant to allow an action to be brought long after the circumstances which gave rise to it have passed. Third, people should be able to arrange their affairs and utilise their resources on the basis that claims can no longer be made against them … The final rationale for limitation periods is that the public interest requires that disputes be settled as quickly as possible.[25]
58.22 While making an adverse credit listing is not the same as taking legal action to recover a debt, both actions may have negative consequences for the individual concerned and, with the passage of time, be more difficult to contest. Allowing the listing of statute-barred debts on credit information files is inconsistent with the public policy behind statutory limitation periods. The new Privacy (Credit Reporting Information) Regulations should prohibit expressly the listing of statute-barred debts.
58.23 At law, proceedings to recover a statute-barred debt can be commenced in all jurisdictions except New South Wales. The legislation in other states provides a complete defence to legal proceedings, but does not extinguish the underlying debt.[26]
58.24 The new Privacy (Credit Reporting Information) Regulations should, therefore, prohibit the listing of any overdue payment where the credit provider is prevented under any law of the Commonwealth, a state or a territory from bringing proceedings against the individual to recover the amount of the overdue payment; or where any relevant statutory limitation period has expired.
Recommendation 58-1 The new Privacy (Credit Reporting Information) Regulations should prohibit expressly the listing of any overdue payment where the credit provider is prevented under any law of the Commonwealth, a state or a territory from bringing proceedings against the individual to recover the amount of the overdue payment; or where any relevant statutory limitation period has expired.
Schemes of arrangement
58.25 There is some ambiguity about the application of credit reporting provisions where the individual enters into a new arrangement with the credit provider to repay the debt, such as by entering into a scheme of arrangement.
58.26 Under the Credit Reporting Code of Conduct, a note indicating that a scheme of arrangement has been entered into by the individual and a credit provider only may be listed where an overdue payment or serious credit infringement previously has been listed.[27] OPC guidance states that
A credit provider may only report an arrangement for repayment to a credit reporting agency where the arrangement relates to an overdue payment or serious credit infringement which has been reported by the credit provider to the credit reporting agency. An arrangement for repayment may only be reported to a credit reporting agency where it is a formal written arrangement involving a substantial renegotiation of the terms of the loan. An arrangement would normally involve a significant variation of the individual’s obligations with regard to one or more of the main elements of the contract such as the period of the loan, or the size and frequency of repayments. For [these purposes] an arrangement would not include, for example, a verbal agreement to allow a one-off late payment.[28]
58.27 In its credit reporting advice summaries, the OPC has stated that where a scheme of arrangement is entered into the ‘new situation is not regarded as being information about the same default as the original entry’.[29] If payments become overdue under the new arrangement, therefore, a new default entry may be listed and remain on the individual’s credit information file for a further five-year period.
Discussion Paper proposal
58.28 In DP 72, the ALRC proposed that the new Privacy (Credit Reporting Information) Regulations should provide that, where the individual has entered into a new arrangement with a credit provider to repay an existing debt, such as by entering into a scheme of arrangement with the credit provider, an overdue payment under the new arrangement may be listed and remain part of the individual’s credit reporting information for the full five-year period permissible under the regulations.[30]
Submissions and consultations
58.29 Industry and consumer stakeholders generally supported the ALRC proposal.[31] The OPC submitted that the new regulations also should provide that an overdue payment under the new arrangement only may be listed after the requirements for listing a default have been met.[32] The OPC agreed that the definition of schemes of arrangement should be consistent with the current interpretation in the Credit Reporting Code of Conduct.[33]
58.30 ARCA noted that it has developed standards for reporting schemes of arrangement to credit reporting agencies. The purpose of the standards is to encourage ARCA members to use the reporting of schemes of arrangements ‘more consistently as an indication that the creditor and the defaulter have reached a mutual agreement for the resolution of the outstanding debt’. The ARCA standard departs from existing practices by allowing a scheme of arrangement to be listed without the need for a default listing; and anticipates that the record of a scheme of arrangement will be deleted from credit reporting information after a period shorter than that applicable to default listings.[34]
ALRC’s view
58.31 If an overdue payment under a scheme of arrangement recommences a new five- year listing period, an individual may be subject to adverse credit reporting information resulting from a default first made ten (or more) years ago. On the other hand, if a new listing period is not commenced, an individual’s credit reporting information may not show that the individual is in default under a scheme of arrangement because the time period for the original debt has expired.
58.32 The preferable position is that a new listing period should commence. This is consistent with the OPC’s interpretation of the existing provisions of Part IIIA. Any other position may lead to confusion about what constitutes the ‘same’ debt, including for example, where several debts are consolidated.
58.33 The Privacy (Credit Reporting Information) Regulations should provide that where the individual has entered into a new arrangement with a credit provider to repay an existing debt—such as by entering into a scheme of arrangement with the credit provider—an overdue payment under the new arrangement may be listed and remain part of the individual’s credit reporting information for the full five-year period permissible under the regulations.
58.34 For these purposes, a new credit arrangement should mean a formal written arrangement involving a substantial renegotiation of the terms of the loan. As stated in existing OPC guidance, an arrangement would normally involve a significant variation of the individual’s obligations with regard to one or more of the main elements of the contract such as the period of the loan, or the amount and frequency of repayments.[35]
58.35 A related issue is whether regulation should permit a scheme of arrangement to be listed, without the need for a default to be listed first. It has been suggested that such a listing could be made subject to a shorter retention period than other adverse listings.
58.36 Arguably, such a reform would encourage credit providers to assist individual consumers to manage potential default and avoid the detrimental implications of a default listing. Any such proposal would need to ‘balance the prevention of over-indebtedness with the desirability of preserving consumer options to reduce their financial difficulties by refinancing on more favourable terms’.[36]
58.37 Such a reform would require changes to recommended provisions with respect to the permitted content of credit reporting information;[37] and maximum permissible periods for retention of credit reporting information.[38] The ALRC is not convinced that allowing the reporting of schemes of arrangement without a default report being listed first is desirable—especially in the absence of any significant support from consumer groups for such a reform.
Recommendation 58-2 The new Privacy (Credit Reporting Information) Regulations should provide that where the individual has entered into a new arrangement with a credit provider to repay an existing debt—such as by entering into a scheme of arrangement with the credit provider—an overdue payment under the new arrangement may be listed and remain part of the individual’s credit reporting information for the full five-year period permissible under the regulations.
Reporting overdue payments
58.38 Section 18E(1)(b)(vi) permits the inclusion in credit information files of information that is a record of:
(vi) credit provided by a credit provider to an individual, being credit in respect of which:
(A) the individual is at least 60 days overdue in making a payment, including a payment that is wholly or partly a payment of interest; and
(B) the credit provider has taken steps to recover the whole or any part of the amount of credit (including any amounts of interest) outstanding …
58.39 Stakeholders raised a range of issues concerning the timing, calculation and multiple listing of overdue payments under this provision.
Timing
58.40 There is no maximum period of time before which an overdue payment must be listed[39] and the default reporting practices of credit providers vary considerably.[40] For example, there can be a significant delay (of three years or more in some cases) between a payment falling due and a telecommunications provider reporting the default to a credit reporting agency.[41]
Calculation
58.41 Section 18E(1)(b)(vi) does not deal expressly with reporting the amount of debt, and there is some uncertainty about the amount of debt that should be reported in respect to particular defaults. The position is complicated by the fact that some credit contracts have acceleration clauses. An acceleration clause is a term of a contract providing that on the occurrence or non-occurrence of a particular event (such as an overdue payment), the credit provider becomes entitled to immediate payment of all, or a part of, an amount under the contract that would not otherwise have been immediately payable.[42]
58.42 In the OPC’s view, under s 18E(1)(b)(vi), ‘the aggregate components of the listed amount must all be 60 days overdue’. The OPC suggested, nevertheless, that this provision may ‘need to be re-drafted to make this position clearer’.[43] Some stakeholders considered that the rules should clarify that changes to amounts owing should be made by updating the original default—that is, by altering rather than adding information.[44]
Multiple listing
58.43 Other concerns relate to multiple adverse listings in respect of the same debt. Multiple listing may occur in a range of circumstances, including:
A credit provider lists an overdue payment and then makes further listings to update the amount, or record another overdue payment for the same debt. This can extend the period that an overdue payment listing remains on a credit information file—potentially to the maximum term of the loan plus the five-year period prescribed by s 18F(2)(c).
A credit provider assigns a debt and the assignee automatically lists the overdue payments without checking whether the credit provider has already listed the debt; or because the assignee uses information different from that used by the original credit provider—making it difficult to determine whether the debt is the same debt.
A credit provider lists an overdue payment and later lists a serious credit infringement with respect to the same debt. This can extend the period that an adverse listing remains on a credit information file—potentially to five years plus the seven year period prescribed by s 18F(2)(g).
58.44 Stakeholders confirmed a continuing problem with multiple listings.[45] The Telecommunications Industry Ombudsman noted, for example, that it is not uncommon for consumers to have multiple contacts with a telecommunications service provider in order to make repayment arrangements. This can sometimes lead to multiple default listings, extending the period of adverse listing for the same debt.[46]
58.45 The credit reporting provisions do not clearly prohibit multiple listing. The OPC takes the view—based on the interaction between ss 18E and 18F—that multiple listings for the same default are not permitted by Part IIIA.[47]
Linking files
58.46 A related issue concerns the linking of credit information files. Credit reporting information may be inaccurate because the individual has been identified incorrectly and credit reporting agencies may seek to avoid incorrect identification by linking files. For example, Veda Advantage stated that, where an individual ‘uses two or more sets of identity details to obtain credit, we will hold a file for each identity and link them via a cross reference segment’.[48]
58.47 In practical terms, the linking of files means that when an affected individual makes a credit application and the credit provider makes an inquiry, all the linked files can be accessed.[49] It has been suggested that there should be provisions to regulate the linking of credit information files. The OPC has expressed concern that individuals may not be notified when their credit information file has been linked, and are unlikely to become aware of the linkage unless they are refused credit.[50]
Discussion Paper proposal
58.48 In DP 72, the ALRC expressed the view that detailed data quality requirements should generally be dealt with in the credit reporting code. For example, the means to ensure consistency in the timing and calculation of reporting overdue payments and to avoid multiple listings were considered to be matters that should be pursued through a credit reporting code, rather than in regulations.[51]
58.49 The ALRC proposed that the credit reporting code should promote data quality by mandating procedures to ensure consistency and accuracy in the reporting of overdue payments and other personal information by credit providers. These procedures should deal with matters including:
the timeliness of the reporting of personal information, such as overdue payments;
the calculation of overdue payments for credit reporting purposes;
obligations to prevent the multiple listing of the same debt;
the updating of personal information reported, including where schemes of arrangement have been entered into; and
the linking of credit reporting information where it is unclear whether the information relates to more than one individual with similar identifying details or to one individual who has used different identifying details.[52]
Submissions and consultations
58.50 There is consensus between industry and consumer groups about the importance of ensuring quality of credit reporting information. As stated by Abacus–Australian Mutuals, ensuring data quality is ‘one of the biggest challenges for all users—consumers and business alike—of the credit reporting systems’.[53] The Consumer Credit Legal Centre (NSW) (CCLC) noted:
Inaccuracies disadvantage consumers because they create the potential to be unfairly denied credit and pursued for debts that do not belong to them. It also disadvantages credit providers because they are less able to rely on credit report information as an accurate gauge of a person’s creditworthiness and leads to inefficiencies in the credit system.[54]
58.51 There is less agreement about the extent of existing data quality problems, or what should be done to remedy them. Submissions from consumers and industry highlighted a range of problems with the accuracy, timeliness and completeness of credit reporting information. On the other hand, some degree of data inaccuracy may be expected in a high-volume and complex information-processing environment such as credit reporting. Veda Advantage submitted:
Despite the anecdotal evidence to the contrary, independent research demonstrates that the data quality is very high given the highly transactional nature of the data base with over 80,000 real time transactions a day.[55]
Role of the credit reporting code
58.52 There was broad agreement that the credit reporting code should deal with operational data quality issues.[56] Some stakeholders submitted, however, that a number of the data quality issues listed in the ALRC’s proposal should be covered by the new regulations.[57]
58.53 The Cyberspace Law and Policy Centre, for example, stated that it supported ‘an industry code to deal with residual data quality issues’ but, as discussed below, the timeliness of overdue payment listing and multiple listing should be dealt with in the regulations.
We disagree with the ALRC that most data quality requirements can be left to an industry code … Experience to date shows that there are a range of known data quality problems in credit reporting which the existing regulatory framework has been unable to resolve. While there has been significant progress on some of these issues through voluntary industry–consumer consultations, we submit that more of the known issues need to be addressed in the Regulations.[58]
58.54 Similarly, the OPC agreed that ‘detailed operational’ matters should be dealt with in the proposed credit reporting code, but considered that a range of matters relating to data quality should be prescribed in the new regulations.[59]
58.55 Galexia criticised the proposed allocation of data quality obligations between the legislation and the credit reporting code.
The ALRC appears to be suggesting an unusual regulatory arrangement—where the issue is simple and the solution is clear the requirements can be set out in the Regulations, but where the issue is complex and the solution is unclear it should be dealt with by a potential industry Code.[60]
58.56 Galexia stated that the better approach would be for ‘core data accuracy’ requirements to be located in the new regulations, with supplementary industry rules about data consistency addressed in the code.[61]
Reporting overdue payments
58.57 Stakeholders emphasised the need for more consistency in relation to the reporting of overdue payments.[62] Some disagreed, however, that these data quality requirements should be dealt with in the credit reporting code rather than in regulations.
58.58 The OPC stated that credit reporting requires a certain level of prescription, including in relation to data quality obligations. The OPC submitted that matters relating to data quality that should be prescribed in the new regulations include:
a maximum period of time by which listing of an overdue payment must occur;
a general principle for the calculation of overdue payments, based on the existing requirement in s 18E(1)(b)(vi);
a prohibition on multiple listings in relation to the same overdue payment, but allowing credit providers to update listings; and
a general requirement for credit providers and credit reporting agencies to take reasonable steps to prevent inaccuracies arising from the linking of credit files.[63]
58.59 Other stakeholders suggested that regulations should provide for a maximum period of time—such as 12 months[64]—before which an overdue payment must be listed.[65] Legal Aid Queensland stated:
This would prevent credit providers listing many years after the default, prevent listing after the limitation period has expired and prevent arguments by the credit provider that the consumer has revived the debt and they are therefore entitled to list.[66]
58.60 The Cyberspace Law and Policy Centre also submitted that the new regulations should provide that overdue payments must be listed within 12 months; and should allow the updating of an existing listing to avoid multiple listing of the same default.[67] The Financial Counsellors Association of Queensland submitted that the regulations should require credit providers to provide updating information to a credit reporting agency within 30 days; and credit reporting agencies to process the update within 14 days of receipt.[68]
Systemic data quality issues
58.61 Several stakeholders submitted that the new regulations or the credit reporting code should also place obligations on credit providers and credit reporting agencies to deal with systemic data quality issues.[69]
58.62 The Consumer Action Law Centre submitted that the code should be expanded to impose an obligation on credit providers and credit reporting agencies to report systemic errors to the OPC.
Reporting could include information about the credit provider’s (or CRA’s) response to the errors, and subsequent reporting of the action taken. Failure to report systemic issues should lead to significant penalties, as we suspect that otherwise there would be little incentive to make such reports. Similar obligations to report significant breaches of regulatory obligations to the regulator in the financial services sector has contributed to many systemic issues being identified and addressed by industry in a timely manner.[70]
58.63 The Cyberspace Law and Policy Centre supported this suggestion and submitted that the new regulations (rather than the code) should ‘require credit providers and credit reporting agencies to report systemic data quality problems, and the remedial action taken, to the Privacy Commissioner’.[71] The Centre submitted that the regulations should contain obligations similar to those in the existing Credit Reporting Code of Conduct, which provide that a credit reporting agency, when it becomes aware that information supplied by a credit provider may be inaccurate, should request the credit provider to investigate the accuracy of other files that may be similarly affected.[72]
ALRC’s view
Prescribing data quality standards
58.64 Determining whether particular credit reporting information is ‘accurate, up-to-date’ and ‘complete’ in terms of the ‘Data Quality’ principle—and ‘not misleading’ in terms of the access and correction provision of the new regulations[73]—will not always be a simple matter. For example, where a debt is disputed, the ‘accuracy’ of the information may be dependent on a determination of the legal rights of the parties. Information may be ‘accurate’ in terms of reflecting, for example, the amount owed by an individual at the time a credit report is issued, but not comply with data quality standards because the individual is not 60 days overdue, as required by the legislation.[74]
58.65 The concept of completeness is also problematic, for example, in relation to the timing of default reporting. There is a tension, in this context, between the use of credit reporting in credit risk assessment and debt management (and debt collection). At the risk assessment ‘front-end’, the concern of credit providers is that the credit report provides up-to-date and complete information relevant to the credit worthiness of the individual to whom it relates. Once an individual has gone into arrears, however, a credit provider’s decision on whether to list the default may be subject to other considerations—including how best to encourage repayment or to manage over commitment (for example, through a scheme of arrangement).
58.66 Privacy principles should ensure that credit reporting agencies and credit providers are obliged to take reasonable steps to ensure the data quality of credit reporting information. The complexity of data quality issues in credit reporting means that more prescriptive regulation is generally undesirable. Prescriptive requirements may unnecessarily increase the cost of compliance with the Privacy Act and transaction costs in the finance industry generally, without any significant benefit in terms of data quality.
Overdue payment reporting
58.67 In particular, consistency in the timing and calculation of default reporting is a matter that should be pursued through the credit reporting code. In this context, credit providers, through ARCA, have been working towards the development and implementation of industry reporting standards dealing with the reporting of overdue payments; and schemes of arrangement.[75]
58.68 When developing the default reporting standard, ARCA examined ways to reconcile differences between credit providers’ internal accounting and reporting procedures and the reporting of overdue payments allowed by the credit reporting provisions of the Privacy Act. ARCA’s aim is to encourage credit providers to move to a consistent default reporting standard, based on reporting the full amount outstanding at the time of listing.[76]
58.69 Instead of improving data quality, attempts to prescribe approaches to these matters by regulation would create new difficulties and ambiguities. It also could constrain the ability of industry to respond flexibly to data quality and consistency problems. In particular, a separate legislative prohibition on multiple listing is unnecessary, given that multiple listing of the same debt probably would constitute a breach of the requirements in the UPPs that credit reporting information be ‘accurate’ and ‘not misleading’.
Conclusion
58.70 With some exceptions (as in the case of the listing of statute-barred debts), it is more appropriate to leave detailed data quality requirements to be dealt with in the recommended credit reporting code. This code should be developed with input from consumer groups and regulators.
58.71 If industry self-regulation is not successful in addressing the existing problems, including through a credit reporting code, further regulation should be considered—at least with respect to some basic elements of default reporting, such as time limits and requirements to report the full amount outstanding at the time of listing.
58.72 In Chapter 54, the ALRC recommends that the Australian Government, five years from the commencement of the new Privacy (Credit Reporting Information) Regulations should initiate a review of the regulations.[77] One matter this review should consider is whether further regulation is required to ensure the data quality of credit reporting information. If the review indicates that industry self-regulation is not successful in addressing data quality problems such as those discussed in this chapter, further regulation should be considered.
Recommendation 58-3 The credit reporting code should promote data quality by setting out procedures to ensure consistency and accuracy of credit reporting information. These procedures should deal with matters including:
(a) the timeliness of the reporting of credit reporting information;
(b) the calculation of overdue payments for credit reporting purposes;
(c) obligations to prevent the multiple listing of the same debt;
(d) the updating of credit reporting information; and
(e) the linking of credit reporting information relating to individuals who may or may not be the same individual.
[17] See Rec 54–9.
[18] Office of the Federal Privacy Commissioner, Credit Reporting Code of Conduct (1991), [2.8]. See also B v Credit Provider [2004] PrivCmrA 2; Q v Credit Provider 2 [2004] PrivCrimA 16.
[19]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 54–1.
[20] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Consumer Action Law Centre, Submission PR 510, 21 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Veda Advantage, Submission PR 498, 20 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007; Law Society of New South Wales, Submission PR 443, 10 December 2007; Dun & Bradstreet (Australia) Pty Ltd, Submission PR 401, 7 December 2007; Australian Finance Conference, Submission PR 398, 7 December 2007. The Mortgage and Finance Association of Australia opposed the proposal: Mortgage and Finance Association of Australia, Submission PR 344, 19 November 2007.
[21]Australasian Retail Credit Association, Submission PR 352, 29 November 2007. Also: GE Money Australia, Submission PR 537, 21 December 2007; National Australia Bank, Submission PR 408, 7 December 2007.
[22] Veda Advantage, Submission PR 498, 20 December 2007; Australasian Retail Credit Association, Submission PR 352, 29 November 2007. On a bankruptcy, the bankrupt is discharged from all provable debts and creditors are prevented by law from taking action to recover those debts—although they may then lodge claims in bankruptcy with the trustee in bankruptcy: See Bankruptcy Act 1966 (Cth).
[23]Australasian Retail Credit Association, Submission PR 352, 29 November 2007. See Bankruptcy Act 1966 (Cth).
[24]Australian Finance Conference, Submission PR 398, 7 December 2007.
[25]Brisbane South Regional Health Authority v Taylor (1996) 186 CLR 541, 552–553.
[26]Legal Aid Queensland, Submission PR 489, 19 December 2007.
[27] Office of the Federal Privacy Commissioner, Credit Reporting Code of Conduct (1991), [2.10].
[28] Ibid, [55E].
[29] Office of the Privacy Commissioner, Credit Reporting Advice Summaries (2001), [9.3].
[30]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), Proposal 54–2.
[31] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Veda Advantage, Submission PR 498, 20 December 2007; Law Society of New South Wales, Submission PR 443, 10 December 2007; National Australia Bank, Submission PR 408, 7 December 2007; Dun & Bradstreet (Australia) Pty Ltd, Submission PR 401, 7 December 2007; Financial Counsellors Association of Queensland, Submission PR 371, 30 November 2007. The Australian Finance Conference stated that this matter should be dealt with in ‘protocols’ rather than by regulation: Australian Finance Conference, Submission PR 398, 7 December 2007.
[32]Office of the Privacy Commissioner, Submission PR 499, 20 December 2007
[33] Office of the Federal Privacy Commissioner, Credit Reporting Code of Conduct (1991), [55E].
[34]Australasian Retail Credit Association, Submission PR 352, 29 November 2007.
[35] See Office of the Federal Privacy Commissioner, Credit Reporting Code of Conduct (1991), [55E]. This would include changes to a debtor’s obligations under the Consumer Credit Code ss 66–67.
[36] Consumer Credit Legal Centre (NSW) Inc, Submission PR 255, 16 March 2007; Consumer Credit Legal Centre (NSW) Inc, Credit Reporting Research Report (2007), 110, rec 26.
[37] See Ch 56.
[38] See Rec 58–5.
[39] Subject to Privacy Act 1988 (Cth) s 18E(1)(ba) (dealing with statute-barred debts and guarantors); s 18F (deletion of information from credit information files).
[40] See also the discussion of reciprocity and compulsory reporting in Ch 55.
[41] Telecommunications Industry Ombudsman, Submission PR 221, 8 March 2007.
[42]Consumer Credit Code s 84.
[43] Office of the Privacy Commissioner, Submission PR 281, 13 April 2007.
[44] N Waters—Cyberspace Law and Policy Centre UNSW, Submission PR 277, 3 April 2007; Australian Privacy Foundation, Submission PR 275, 2 April 2007; Consumer Credit Legal Centre (NSW) Inc, Submission PR 255, 16 March 2007; Consumer Credit Legal Centre (NSW) Inc, Credit Reporting Research Report (2007), rec 28.
[45] Legal Aid Queensland, Submission PR 292, 11 May 2007; N Waters—Cyberspace Law and Policy Centre UNSW, Submission PR 277, 3 April 2007; Consumer Action Law Centre, Submission PR 274, 2 April 2007; Min-it Software, Submission PR 236, 13 March 2007; Telecommunications Industry Ombudsman, Submission PR 221, 8 March 2007.
[46] Telecommunications Industry Ombudsman, Submission PR 221, 8 March 2007.
[47] Office of the Privacy Commissioner, Submission PR 281, 13 April 2007.
[48]Veda Advantage, Submission PR 272, 29 March 2007.
[49] Office of the Privacy Commissioner, Submission PR 281, 13 April 2007.
[50] Ibid.
[51]Australian Law Reform Commission, Review of Australian Privacy Law, DP 72 (2007), [54.17], [54.26].
[52]Ibid, Proposal 54–5.
[53] Abacus–Australian Mutuals, Submission PR 278, 10 April 2007.
[54] Consumer Credit Legal Centre (NSW) Inc, Credit Reporting Research Report (2007), 123.
[55] Veda stated that a 2006 pilot study of 400 consumers who had recently obtained a copy of their credit information file showed: 95% of the credit file segments were entirely accurate; 4% contained a minor error, such as incorrect spelling of personal details; and 1% reported a major error with their file, such as an incorrect credit inquiry or default report listing: Veda Advantage, Submission PR 272, 29 March 2007.
[56]GE Money Australia, Submission PR 537, 21 December 2007; Consumer Action Law Centre, Submission PR 510, 21 December 2007; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Legal Aid Queensland, Submission PR 489, 19 December 2007; HBOS Australia, Submission PR 475, 14 December 2007; ANZ, Submission PR 467, 13 December 2007; Law Society of New South Wales, Submission PR 443, 10 December 2007; National Australia Bank, Submission PR 408, 7 December 2007; Dun & Bradstreet (Australia) Pty Ltd, Submission PR 401, 7 December 2007; Australian Finance Conference, Submission PR 398, 7 December 2007; Australasian Retail Credit Association, Submission PR 352, 29 November 2007. Telstra objected to locating data quality provisions in the proposed code, on the basis that it would lead to ‘inflexibility and inappropriate results’: Telstra Corporation Limited, Submission PR 459, 11 December 2007.
[57]Australian Privacy Foundation, Submission PR 553, 2 January 2008; Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[58]Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007. Also Australian Privacy Foundation, Submission PR 553, 2 January 2008.
[59]Office of the Privacy Commissioner, Submission PR 499, 20 December 2007.
[60] Galexia Pty Ltd, Submission PR 465, 13 December 2007.
[61] Ibid.
[62] For example, Office of the Privacy Commissioner, Submission PR 499, 20 December 2007; Legal Aid Queensland, Submission PR 489, 19 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007; Australasian Retail Credit Association, Submission PR 352, 29 November 2007.
[63]Office of the Privacy Commissioner, Submission PR 499, 20 December 2007.
[64] Legal Aid Queensland, Submission PR 489, 19 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007; Consumer Action Law Centre, Submission PR 274, 2 April 2007; Consumer Credit Legal Centre (NSW) Inc, Submission PR 255, 16 March 2007; Consumer Credit Legal Centre (NSW) Inc, Credit Reporting Research Report (2007), rec 12.
[65] Legal Aid Queensland, Submission PR 489, 19 December 2007; Office of the Privacy Commissioner, Submission PR 281, 13 April 2007; Consumer Credit Legal Centre (NSW) Inc, Submission PR 255, 16 March 2007; Consumer Credit Legal Centre (NSW) Inc, Credit Reporting Research Report (2007), rec 12; Telecommunications Industry Ombudsman, Submission PR 221, 8 March 2007.
[66]Legal Aid Queensland, Submission PR 489, 19 December 2007.
[67]Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[68]Financial Counsellors Association of Queensland, Submission PR 371, 30 November 2007.
[69] Australian Privacy Foundation, Submission PR 553, 2 January 2008; Consumer Action Law Centre, Submission PR 510, 21 December 2007; Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[70]Consumer Action Law Centre, Submission PR 510, 21 December 2007.
[71]Cyberspace Law and Policy Centre UNSW, Submission PR 487, 19 December 2007.
[72] Office of the Federal Privacy Commissioner, Credit Reporting Code of Conduct (1991), [1.4].
[73] See Ch 59.
[74]Privacy Act 1988 (Cth) s 18(1)(vi)(A).
[75] Australasian Retail Credit Association, Submission PR 352, 29 November 2007, App 6 ‘ARCA standard on default reporting as agreed with BFSO October 2006; App 7 ‘ARCA standard on recording schemes of arrangement’.
[76] Ibid.
[77]Rec 54–8.