27.03.2014
1.18 This Inquiry builds on four other recent inquiries into privacy law or related issues conducted in Australia, three of which recommended the enactment of a statutory cause of action.[4]
1.19 The ALRC’s report, For Your Information: Privacy Law and Practice (ALRC Report 108, 2008) focused on data protection: information collection, access and use. The ALRC recommended that Commonwealth legislation should provide for a statutory cause of action for serious invasion of privacy.[5]
1.20 In 2009, the New South Wales Law Reform Commission (NSWLRC) recommended that a general cause of action for invasion of privacy was required to provide a ‘basis for the ongoing development of the law of privacy in a climate of dynamic societal and technological change’.[6]
1.21 In 2010, the Victorian Law Reform Commission (VLRC) issued the report, Surveillance in Public Places, which followed a decade-long inquiry into workplace privacy and privacy in public places.[7]
1.22 In September 2011, the Department of the Prime Minister and Cabinet (DPM&C) released an Issues Paper on a statutory cause of action for invasion of privacy,[8] prompted by a number of ‘high profile privacy breaches’ in Australia and overseas.[9]
1.23 In addition to a continuing debate in Australia on the desirability of a statutory cause of action, there have been important developments in privacy protection in other countries. Privacy torts have been well-established in the United States for many decades, although the protection they provide is limited by the constitutional protection of free speech in the First Amendment of the US Constitution. Some states, such as California, have also introduced a statutory tort of invasion of privacy.[10]
1.24 The United Kingdom has developed extensive legal protection of privacy by extending the equitable action for breach of confidence, under the influence of the Human Rights Act 1998 (UK).[11] This Act requires the courts to give effect to the protection of rights and freedoms set out in arts 8 and 10 of the European Covenant on Human Rights.
1.25 The Canadian provinces of British Columbia,[12] Manitoba,[13] Newfoundland and Labrador,[14] Quebec[15] and Saskatchewan[16] have enacted statutory torts for invasion of privacy, and the Ontario Court of Appeal has also recognised common law protection.[17] New Zealand courts have recently recognised common law torts of misuse of private information[18] and of intrusion.[19]
1.26 The state of development of a country’s common law protection of privacy has a significant impact on the question of whether there is a need to legislate for a cause of action. Committees in both the United Kingdom and New Zealand have recommended against the introduction of a statutory cause of action, in view of the common law developments in those two countries.[20]
1.27 In contrast, a common law tort for invasion of privacy has not yet developed in Australia, despite the High Court leaving open the possibility of such a development, in Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd.[21] While a tort of invasion of privacy has been recognised by two lower court decisions,[22] no appellate court has confirmed the existence of this tort. The general consensus is that the likely direction of the future development of the common law is uncertain.[23]
-
[4]
Privacy was also the subject of earlier reports by the ALRC. In 1979, the ALRC recommended that a person be allowed to sue for damages or an injunction if ‘sensitive private facts’ were published in circumstances that were likely to cause distress, annoyance or embarrassment to a person in the position of the relevant individual: ALRC, Unfair Publication: Defamation and Privacy, Report No 11 (1979). In 1983, the ALRC released a report concentrating on information privacy, and the need to implement the Organisation for Economic Co-Operation and Development, Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, 1983: ALRC, Privacy, Report No 22 (1983). This resulted in the enactment of the Privacy Act 1988 (Cth).
-
[5]
ALRC, For Your Information: Australian Privacy Law and Practice, Report No 108 (2008) Rec 74–1.
-
[6]
NSW Law Reform Commission, Invasion of Privacy, Report No 120 (2009) [4.14].
-
[7]
Victorian Law Reform Commission, Surveillance in Public Places, Report No 18 (2010).
-
[8]
‘A Commonwealth Statutory Cause of Action for Serious Invasion of Privacy’ (Issues Paper, Department of the Prime Minister and Cabinet, 2011).
-
[9]
This presumably referred to the widespread phone hacking by journalists and their sources that led to the Leveson Inquiry in the United Kingdom: Lord Justice Leveson, An Inquiry into the Culture, Practices and Ethics of the Press, House of Commons Paper 779 (2012).
-
[10]
California Civil Code § 1708.8.
-
[11]
Campbell v MGN Ltd [2004] 2 AC 457. See Ch 12.
-
[12]
Privacy Act, RSBC 1996, c 373.
-
[13]
Privacy Act, RSM 1987, c P125.
-
[14]
Privacy Act, RSNL 1990, c P-22.
-
[15]
Civil Code of Quebec, SQ 1991, c 64 ss 3, 35–37.
-
[16]
Privacy Act, RSS 1978, c P-24.
-
[17]
Jones v Tsige (2012) 108 OR (3rd) 241.
-
[18]
Hosking v Runting (2005) 1 NZLR 1.
-
[19]
C v Holland [2012] 3 NZLR 672 (24 August 2012).
-
[20]
Joint Committee on Privacy and Injunctions, Privacy and Injunctions, House of Lords Paper No 273, House of Commons Paper No 1443, Session 2010–12 (2012); New Zealand Law Commission, Invasion of Privacy: Penalties and Remedies: Review of the Law of Privacy Stage 3, Report No 113 (2010).
-
[21]
Australian Broadcasting Commission v Lenah Game Meats Pty Ltd (2001) 208 CLR 199.
-
[22]
Grosse v Purvis [2003] QDC 151 (16 June 2003); Doe v Australian Broadcasting Corporation [2007] VCC 281. Both cases were settled before appeals by the respective defendants were heard.
-
[23]
The case law on the issue since Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd is discussed in Ch 3.