17.08.2010
73.156 Many small businesses that use spam or engage in telemarketing are exempt from compliance with the Privacy Act.[187] Further, the definition of ‘personal information’ in the Privacy Act may not cover information that enables individuals to be contacted, such as email addresses that do not contain a person’s name.[188]
73.157 In addition, NPP 2 does not apply to, or restrict, the use of personal information for the primary purpose for which it was collected, which could be to engage in telemarketing. NPP 2.1 also expressly authorises organisations to use personal information for the secondary purpose of direct marketing (which includes telemarketing) in certain circumstances—although an organisation that uses information in this way must offer the individual an option to refuse any further direct marketing communications.
73.158 For these reasons, the Privacy Act has left unregulated some practices in the telecommunications context that interfere with privacy. Accordingly, two pieces of federal legislation were introduced to regulate specific activities that impact on privacy in the telecommunications context—the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).
73.159 The ALRC considers that the Spam Act and the Do Not Call Register Act should continue to regulate spam and telemarketing. There is a strong view in the community that some forms of direct marketing are more intrusive than others and should be subject to stronger regulation than applies to less intrusive forms of direct marketing.
73.160 In light of the recent review of the Spam Act by the then Department of Communications, Information Technology and the Arts (DCITA),[189] the introduction of the Do Not Call Register Act and the Senate Environment, Communications, Information Technology and the Arts Committee inquiry into that Act,[190] the ALRC does not propose to conduct another detailed study of the Spam Act and the Do Not Call Register Act. The following section does consider, however, how they interact with the Privacy Act.
[187]Privacy Act 1988 (Cth) ss 6C, 6D. The small business exemption is discussed in Ch 39.
[188] The definition of ‘personal information’ is discussed in Ch 6.
[189]Australian Government Department of Communications‚ Information Technology and the Arts, Report on the Spam Act 2003 Review (2006). Now the Australian Government Department of Broadband, Communications and the Digital Economy.
[190] Australian Parliament—Senate Environment, Communications, Information Technology and the Arts Committee, Inquiry into the provisions of the Do Not Call Register Bill 2006 and the Do Not Call Register (Consequential Amendments) Bill 2006 (2006).