Gaps in existing law

3.48 Although the existing law provides protection against some invasions of privacy, there are significant gaps or uncertainties. These include the following:

  • The tort actions of trespass to the person, trespass to land and nuisance do not provide protection from unauthorised and serious intrusions into a person’s private activities in many situations.[76] The statutory cause of action for serious, unjustified invasions of privacy committed intentionally or recklessly, detailed in Chapters 4–11, or the proposals in Chapter 14 relating to harassment, would supplement the common law.

  • Outside actions of trespass, malicious prosecution or defamation, tort law does not provide a remedy for intentional infliction of emotional distress which does not amount to psychiatric illness.[77] The proposed statutory cause of action would allow recovery of damages for emotional distress caused by a serious invasion of privacy. In Chapter 12, the ALRC has proposed that, if a statutory cause of action for serious invasion of privacy is not enacted, legislation should be enacted that would provide for the recovery of damages for emotional distress in breach of confidence cases.

  • While the equitable action for breach of confidence can provide effective legal protection to prevent the disclosure of private information (and especially if the Australian common law develops as it has in the UK), it is currently less effective after a wrongful disclosure, because it is unclear or uncertain whether a plaintiff may recover compensation for emotional distress. Proposal 12–1 in Chapter 12 aims to remove this uncertainty.

  • There is further uncertainty, or at least some debate, as to the relevant principles to be applied when a court is considering whether to grant an interlocutory injunction to restrain the publication of true, private information.[78] Chapter 12 includes Proposal 12–2 that would require courts to give consideration to freedom of expression and matters of public interest when considering such an injunction.

  • Legislation dealing with surveillance and with workplace surveillance is not uniform throughout Australia, and is outdated in some states. The ALRC has proposed in Chapter 13 that these surveillance device laws should be made uniform.

  • There is no tort or civil action for harassment, nor is there sufficient deterrence against ‘cyber-harassment’ in Australian law, compared with overseas jurisdictions.[79] The ALRC has made proposals in Chapter 14 for civil remedies and criminal penalties for harassment if a statutory cause of action for serious invasion of privacy is not enacted.[80]

  • Legislation and common law protection against aerial and other surveillance may not provide sufficient protection against advances in technology that facilitate new types of invasion into personal privacy.[81] This limitation would be addressed by the statutory cause of action for serious invasions of privacy. In addition, the proposals in Chapter 13 for the reform of state and territory surveillance devices Acts would regulate new means of surveillance.

  • The Privacy Act and state and territory equivalents deal only with information privacy. Further, the Privacy Act provides for only limited civil redress, that is, only by way of a complaints procedure to the Office of the Australian Information Commissioner (OAIC). While important, this legislation by no means covers the field of invasions of privacy. For example, it does not deal with intrusions into personal privacy or with the behaviour of most individuals or with most activities of media entities.

  • The ACMA cannot provide any monetary redress to those who complain about invasions of privacy by media or communications entities. There is a proposal in Chapter 15 for the ACMA to be given limited powers to redress complaints of serious unjustified invasions of privacy, similar to those of the OAIC.

  • Many small businesses, those with an annual turnover of less than $3 million, are exempt from the regulatory regime of existing privacy legislation. The small business exemption is discussed in Chapter 15.

3.49 The ALRC is not able, in the time allocated to this Inquiry, to consider and make recommendations about all of the concerns that have been raised by the community in relation to privacy in the digital era. This Discussion Paper sets out the key proposals to which, in the light of its Terms of Reference, the ALRC has given priority for consideration.

3.50 Some of the concerns that are raised in the community are more properly dealt with by existing regulatory bodies. Some of the concerns have been the subject of recent, carefully considered enactment by Parliament, for example, the recent amendments to the Privacy Act by the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth), many of which came into effect only in March 2014.

3.51 Further, there have been a number of targeted reviews for existing legislation which is the subject of community debate. The privacy protections of Telecommunications Act and the TIA Act were the subject of a 2013 Parliamentary Inquiry.[82] At the time of writing, a further Parliamentary Inquiry is underway.[83] The ALRC does not consider these provisions in this Inquiry.