Table of contents

Updates and background for this project (Digest)

Terms of Reference
Participants
Submissions
List of proposals and issues

ALRC’S review of privacy law
The purpose of this paper

Information sharing
Criminal sanctions

2. Current privacy protection - Commonwealth
Introduction
The Privacy Act 1988 (Cth)

The Commonwealth Information Privacy Principles
The National Privacy Principles
A unified set of principles
Exceptions and exemptions
Breaches
Enforcement

3. Current privacy protection - New South Wales
Introduction
The Privacy and Personal Information Protection Act 1998 (NSW)

Background and development of PPIPA
What is covered?
What is “personal information”?
Who is covered?
The Information Protection Principles
Exemptions
Enforcement

Historical background
What is covered?
The Health Privacy Principles
Consent
Exemptions
Other exemption mechanisms
Enforcement

4. Achieving a clear and consistent legislative structure
Introduction
Clarifying the structure of New South Wales privacy laws

The structure of PPIPA
The structure of HRIPA
Difficulties with the structure of PPIPA
Level of detail
The Commission’s view

The Commission’s view

Private sector coverage of health information under HRIPA
The Commission’s view
Should health information continue to be regulated separately?

Background
Personal information – PPIPA s 4; HRIPA s 5
Definition of “public sector agency” - PPIPA s 3(1); HRIPA s 4(1)
Unsolicited information – PPIPA s 4(5); HRIPA s 10
Law enforcement and investigative agencies – PPIPA s 23, 24 and 27; HRIPA s 27
State owned corporations
Government contractors

Background
What are “privacy related matters”?
Bodily privacy
Privacy of communications
Territorial privacy

6. The privacy principles
Introduction
Collection for lawful purposes – IPP 1; HPP 1
Collection directly from the individual – IPP 2; HPP 3
Further collection requirements – IPP 3 and IPP 4; HPP 4
Application of IPPs to records of observations or conversations
Retention and security of information – IPP 5; HPP 5
Access to, and alteration of, information – IPP 7 and IPP 8; HPP 8
The dichotomy between “use” and “disclosure” – IPPs 9, 10, 11 and 12; HPPs 9, 10, 11 and 12
Identification of the purpose for collection – IPPs 10 and 11; HPPs 10 and 11
Application of IPPS 10 and 11 and HPPs 10 and 11 to unsolicited information
Disclosure to third parties – IPP 11
Special restrictions on disclosure – IPP 12

Section 19(1) of PPIPA – disclosure of sensitive information
Section 19(2) of PPIPA – disclosure outside NSW

7. Other operational issues
Introduction
Exemptions

Section 24 of PPIPA – exemptions relating to investigative agencies
Section 25 of PPIPA – exemptions where non-compliance is otherwise permitted
Application of s 25(b) to a preliminary inquiry by the
Ombudsman

Complaints on behalf of the individual
Criteria to be applied by the Privacy Commissioner
Relationship between s 45 and s 36(2)(k) of PPIPA
Application of s 51 of PPIPA to withdrawn complaints
Report to Parliament under s 65 of PPIPA

Nature of the jurisdiction
Absence of a limitation period for review by the ADT
The ADT’s powers on review
Role of the Privacy Commissioner
Commissioner Determination model vs Tribunal
Determination model

Disclosure, access and correction provisions
Complaints-handling and review provisions
Amalgamation of the oversight of privacy and FOI

Tables
Table of cases
Table of legislation

Commonwealth
New South Wales
Northern Territory
Tasmania
Victoria
Other