Should a new tort be enacted?

1.17 The ALRC was asked to design a cause of action, rather than to determine whether it is needed or desirable. This second question was considered and answered affirmatively by three recent law reform inquiries in Australia. It was also the subject of an Issues Paper prepared by the Department of Prime Minister and Cabinet in September 2011.[3] Nevertheless, many stakeholders in this Inquiry commented on the issue.

1.18 The ALRC considers that the question of whether a statutory cause of action for serious invasion of privacy would be beneficial to the Australian community should be assessed on the basis of an understanding of:

  • the existing legal protections for privacy;

  • gaps and deficiencies in that legal protection;

  • the likelihood of the common law developing a cause of action for invasions of privacy in the absence of a statute;

  • the detailed design of the cause of action—its elements, defences and remedies; and

  • whether the cause of action is better designed in statute, or left to be developed by the courts.

1.19 Many stakeholders expressed their support for a statutory cause of action.[4] Only a few told the ALRC that the law did not need to be changed at all, and that there were no gaps in the legal protection of privacy in Australia.[5] Even many of those who opposed a privacy tort did not deny the importance or value of privacy.[6] Rather, they based their opposition to the tort on other grounds. It was said that there was little evidence that privacy is invaded in Australia, and that there are no media practices in Australia such as those exposed in the UK phone hacking scandal involving the now defunct News of the World. It was also said that there are no significant gaps in the law, and a new tort would have an undesirable effect on the media, on other businesses, and on the free flow of information.

1.20 The ALRC is not convinced that there is no evidence of invasions of privacy in Australia. Invasions of privacy by intrusion or misuse of private information are known to occur in a wide variety of circumstances.

1.21 While it may be true that the Australian media operate more appropriately than some of their UK counterparts, it is not necessarily the case that the Australian media never unjustifiably invade people’s privacy. Rather, it may be that where they have done so, and the plaintiff complains, they have settled the plaintiff’s claims to avoid litigation, publicity and the setting of a precedent.

1.22 The fact that courts have not recognised a common law cause of action, as they have in other countries, also does not show that there is no need for a statutory cause of action. It may merely indicate that litigants are reluctant to risk lengthy and costly proceedings and appeals arguing a novel point of law. ALRC consultations with practitioners confirmed this view.

1.23 Some who opposed the introduction of a new cause of action recognised that there are gaps in the law, but submitted that it would be preferable to fill those gaps in other ways.[7] Other stakeholders who opposed a new privacy tort submitted that it would nevertheless be preferable to ‘shoehorning’ privacy protection into existing actions.[8]

International developments

1.24 There are civil causes of action for serious invasion of privacy in New Zealand, the United Kingdom, the United States and Canada.

1.25 The UK has developed extensive legal protection of privacy by extending the equitable action for breach of confidence, under the influence of the Human Rights Act 1998 (UK).[9] This Act requires the courts to give effect to the protection of rights and freedoms in the European Convention on Human Rights.

1.26 Article 8 of the Convention provides that everyone has the right to respect for their private and family life, their home and their correspondence, and that there shall be no interference with this right by a public authority except by lawful authority in the interests of national security, public safety, the economic well-being of the country, the prevention of disorder or crime, the protection of health or morals, or the protection of the rights and freedoms of others. Article 10 provides that everyone has the right to freedom of expression, subject to certain necessary restrictions, including the protection of the reputation or rights of others, and the prevention of disclosure of confidential information.

1.27 This UK action for disclosure of private information—sometimes called a tort—has provided a useful guide to the possible structure of the statutory cause of action designed in the Report. The UK has also enacted the Protection from Harassment Act 1997 (UK), which provides a civil remedy for harassment.[10]

1.28 New Zealand courts have recognised common law torts of misuse of private information[11] and of intrusion.[12] New Zealand has enacted the Harassment Act 1997 (NZ), which provides criminal penalties for harassment.

1.29 Although committees in the UK and New Zealand have recommended against the introduction of a statutory cause of action,[13] this must be seen in light of the significant and recent developments in the common law in those two countries.

1.30 The Canadian provinces of British Columbia,[14] Manitoba,[15] Newfoundland and Labrador,[16] Quebec[17] and Saskatchewan[18] have enacted statutory torts for invasion of privacy, and the Ontario Court of Appeal has also recognised common law protection.[19]

1.31 Privacy torts have been well-established in the United States for many decades, although the protection they provide is limited by the special protection given to free speech by the First Amendment of the Constitution. Some states, such as California, have also introduced a statutory tort of invasion of privacy.[20]

A common law or statutory tort?

1.32 In contrast to these other jurisdictions, a common law tort for invasion of privacy has not yet developed in Australia, despite the High Court leaving open the possibility in Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd.[21] While a tort of invasion of privacy has been recognised by two lower court decisions,[22] no appellate court has confirmed the existence of this tort. In Chapter 3, the ALRC reviews the relevant case law, but agrees with the general consensus that the direction of the future development of the common law is difficult to predict.[23]

1.33 However, Australian law is unlikely to stand still, given developments in other countries with similar legal systems and principles. Although Australia does not have a Human Rights Act, Australia is a signatory to the International Covenant on Civil and Political Rights, which requires countries to protect the privacy of its citizens. Privacy is also grounded in clear and important common law principles. Professor Eric Barendt has noted that in the 18th century, property rights that would now be identified as personal privacy interests, ‘were used to safeguard radicals against the arbitrary confiscation of their manuscripts and papers’.[24] It will be increasingly difficult to justify denying legal redress to people whose privacy has been seriously invaded, when other countries offer such redress.

1.34 If a cause of action for serious invasion of privacy is likely to be developed in Australia, is it better enacted by parliament, or left for the courts to develop under the common law? There are benefits of having the law develop in the courts. A statute can have unintended consequences.[25] It may capture, or fail to capture, activities or conduct that were not considered when the statute was enacted. A statute may also become outdated by changes in social or technological changes.[26] A court, on the other hand, can only decide the case before it, and only the issues in contention between the parties. It does not need to anticipate or resolve all the possible issues that might arise in other cases. The common law may therefore develop more incrementally and, some would say, cautiously.

1.35 However, there are also many benefits of statutory reform. Parliament can act on its own motion, and proactively address emerging issues in the community. The development of the common law depends on the existence of parties with the will, and the necessary resources, to litigate their claim in court.[27] There will be continuing uncertainty about how the law will be developed in the courts.[28] Reform by legislation can also be effected more rapidly than development at common law.[29]

1.36 A statute can legislate for a range of situations, both for what has occurred in the past and for what may happen in the future. A court will focus on the specific issues of a particular case, and this may lead to the development of narrow, fact-specific legal principles.

1.37 There is more flexibility in the development of the law by statute than by common law. Statute is not bound to follow precedent, unlike the courts.

1.38 Statutes can also select the most appropriate elements of a cause of action, remedies, defences, thresholds, caps, conditions and exceptions, while courts often do not have this freedom.[30] A statute can also build in incentives to use alternative dispute resolution processes.

1.39 Finally, statutes can address the complex policy issues and legal concepts involved and express the law in language which is more accessible than case law for people without legal training.[31] As a result, statutes may be more effective in having a normative impact on behaviour.

1.40 The advantages of statutory reform should not be underestimated by those who oppose a new privacy tort. If instead of statutory reform, the equitable action for breach of confidence were extended, defendants may be faced with a much stricter standard of liability. There may also not be a clear and separate ‘seriousness’ threshold and countervailing public interests may not be given sufficient weight. Such things considered, potential defendants may prefer a more targeted statutory tort, such as the one designed in the Report.

Other inquiries

1.41 This Inquiry builds on four other recent inquiries into privacy law or related issues conducted in Australia, three of which recommended the enactment of a statutory cause of action.[32]

1.42 The ALRC’s 2008 Report, For Your Information: Privacy Law and Practice, focused on data protection: information collection, access and use. The ALRC recommended that Commonwealth legislation should provide for a statutory cause of action for serious invasion of privacy.[33]

1.43 In 2009, the New South Wales Law Reform Commission recommended that a general cause of action for invasion of privacy was required to provide a ‘basis for the ongoing development of the law of privacy in a climate of dynamic societal and technological change’.[34]

1.44 In 2010, the Victorian Law Reform Commission issued the report, Surveillance in Public Places, which followed a decade-long inquiry into workplace privacy and privacy in public places.[35]

1.45 In September 2011, the Department of the Prime Minister and Cabinet released an Issues Paper on a statutory cause of action for invasion of privacy,[36] prompted by a number of ‘high profile privacy breaches’ in Australia and overseas.[37]

1.46 During this Inquiry, the Law Reform Institute of South Australia has initiated an Inquiry into whether or not South Australia should enact a statutory cause of action for invasion of privacy.[38]

1.47 The Law Reform Committee of Victoria also recommended in early 2013 that Victoria give further consideration to introducing a statutory cause of action for invasion of privacy by the misuse of private information.[39]

[3] See below, [1.41] ff.

[4] Law Society of NSW, Submission 122; N Witzleb, Submission 116; Women’s Legal Services NSW, Submission 115; T Butler, Submission 114; Australian Privacy Foundation, Submission 110; Office of the Victorian Privacy Commissioner, Submission 108; Public Interest Advocacy Centre, Submission 105; N Henry and A Powell, Submission 104; UNSW Cyberspace Law and Policy Community, Submission 98; Australian Sex Party, Submission 92; G Greenleaf, Submission 76; M Paterson, Submission 60.

[5] Free TV, Submission 55; The Newspaper Works, Submission 50.

[6] Media and Communications Committee of the Law Council of Australia, Submission 124; AMTACA, Submission 101.

[7] Telstra, Submission 107; Australian Bankers’ Association, Submission 84; Guardian News and Media Ltd and Guardian Australia, Submission 80; P Wragg, Submission 73; SBS, Submission 59; AIMIA Digital Policy Group, Submission 56; News Corp Australia, Submission 34.

[8] Guardian News and Media Ltd and Guardian Australia, Submission 80.

[9] Campbell v MGN Ltd [2004] 2 AC 457. See Ch 12.

[10] See Ch 15.

[11] Hosking v Runting (2005) 1 NZLR 1.

[12] C v Holland [2012] 3 NZLR 672.

[13] Joint Committee on Privacy and Injunctions, Privacy and Injunctions, House of Lords Paper No 273, House of Commons Paper No 1443, Session 2010–12 (2012); New Zealand Law Commission, Invasion of Privacy: Penalties and Remedies: Review of the Law of Privacy Stage 3, Report No 113 (2010).

[14] Privacy Act, RSBC 1996, c 373 (British Columbia).

[15] Privacy Act, CCSM 1996, c P125 (Manitoba).

[16] Privacy Act, RSNL 1990, c P-22 (Newfoundland and Labrador).

[17] Civil Code of Quebec, SQ 1991, c 64 ss 3, 35–37.

[18] Privacy Act, RSS 1978, c P-24 (Saskatchewan).

[19] Jones v Tsige (2012) ONCA 32.

[20] California Civil Code § 1708.8.

[21] Australian Broadcasting Commission v Lenah Game Meats Pty Ltd (2001) 208 CLR 199.

[22] Grosse v Purvis [2003] QDC 151 (16 June 2003); Doe v Australian Broadcasting Corporation [2007] VCC 281. Both cases were settled before appeals by the respective defendants were heard.

[23] The case law on the issue since Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd is discussed in Ch 3.

[24] Eric Barendt, ‘Privacy and Freedom of Speech’ in Andrew T Kenyon and Megan Richardson (eds), New Dimensions in Privacy Law: International and Comparative Perspectives (Cambridge University Press, 2006) 11, 31.

[25] TT Arvind and Jenny Steele (eds), Tort Law and the Legislature: Common Law, Statute and the Dynamics of Legal Change (Hart Publisher, 2013) 8.

[26] SBS, Submission No 8 to DPM&C Issues Paper, 2011; Free TV, Submission 55.

[27] Office of the Victorian Privacy Commissioner, Submission No 46 to DPM&C Issues Paper, 2011; Australian Privacy Foundation, Submission No 7 to DPM&C Issues Paper, 2011.

[28] Law Council of Australia, Submission No 55 to DPM&C Issues Paper, 2011; Office of the Australian Information Commissioner, Submission No 14 to DPM&C Issues Paper, 2011.

[29] Australian Privacy Foundation, Submission No 7 to DPM&C Issues Paper, 2011; Liberty Victoria, Submission No 34 to DPM&C Issues Paper, 2011.

[30] Mark Leeming, ‘Theories and Principles Underlying the Development of the Common Law: The Statutory Elephant in the Room’ (2013) 36 UNSW Law Journal 1002, 1021.

[31] M Paterson, Submission 60.

[32] Privacy was also the subject of earlier reports by the ALRC. In 1979, the ALRC recommended that a person be allowed to sue for damages or an injunction if ‘sensitive private facts’ were published in circumstances that were likely to cause distress, annoyance or embarrassment to a person in the position of the relevant individual: Australian Law Reform Commission, Unfair Publication: Defamation and Privacy, Report 11 (1979). In 1983, the ALRC released a report concentrating on information privacy, and the need to implement the Organisation for Economic Co-Operation and Development, Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, 1983: Australian Law Reform Commission, Privacy, Report 22 (1983). This resulted in the enactment of the Privacy Act 1988 (Cth). In the latter report at [1081], the ALRC declined to recommend the creation of a general tort of invasion of privacy. In the ALRC’s view at that time, ‘such a tort would be too vague and nebulous’. The ALRC considers that not only are social and technological conditions 30 years later very different, but also the legal landscape has changed considerably, as shown by developments in other countries discussed above.

[33] Australian Law Reform Commission, For Your Information: Australian Privacy Law and Practice, Report 108 (2008) Rec 74–1.

[34] NSW Law Reform Commission, Invasion of Privacy, Report 120 (2009) [4.14].

[35] Victorian Law Reform Commission, Surveillance in Public Places, Report 18 (2010).

[36] ‘A Commonwealth Statutory Cause of Action for Serious Invasion of Privacy’ (Issues Paper, Department of the Prime Minister and Cabinet, 2011).

[37] This presumably referred to the widespread phone hacking by journalists and their sources that led to the Leveson Inquiry in the United Kingdom: Lord Justice Leveson, An Inquiry into the Culture, Practices and Ethics of the Press, House of Commons Paper 779 (2012).

[38] South Australian Law Reform Institute, Too Much Information: A Statutory Cause of Action for Invasion of Privacy, Issues Paper 4 (2013).

[39] Law Reform Committee, Parliament of Victoria, Inquiry into Sexting (2013) 187–8.