Australian Information Mangement Ethics And Law Essay, Research Paper
In the new electronic age, we are relying more and more on information technology to streamline government, educate our children, make health care more accessible and affordable, and make our businesses more productive and competitive. This rush to embrace a new age of technology must not, however, obscure the ongoing responsibility to protect important information and maintain the personal privacy of citizens.
There is increasing awareness, both in Australia and overseas, of the privacy implications of new information technologies. This has led to mounting pressure to ensure that those technologies are introduced in ways which respect the expectations of individuals in relation to the handling of their personal information.(Task Force, 1997)
The concept of privacy is “the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities” (Privacy Commissioner, 1995 ). Information is interpreted broadly to include facts, images (eg. photographs, videotapes) and disparaging opinions.(Privacy Commissioner, 1995)
In the past aswell as the present invasions of privacy had been treated as trespass, assault, or eavesdropping. Part of the reason for the delay in recognising privacy as a fundamental right is that most modern invasions of privacy involve new technology (eg. telephone wiretaps, microphones and electronic amplifiers for eavesdropping, photographic and video cameras, computers for collecting/ storing/ finding information). (Hilvert, 1997)
Before the invention of computer databases, one might invade a few persons’ privacy by collecting personal information from interviews and commercial transactions, but the labor-intensive process of gathering such information made it impossible to harm large numbers of victims (Hilvert, 1997). Hilvert further stated, “storing such information on paper in file cabinets made it difficult to use the information to harm victims, simply because of the disorganized collection of information.” Consequently, there is an overwhelming need to regulate privacy in the private sector.
Over the past 25 years, many countries have introduced privacy and data protection laws. In Australia, the Privacy Act already covers some private sector activities, with special rules in relation to credit reporting and tax file numbers (Privacy Commissioner, 1995). The Act also applies to Commonwealth and ACT government agencies and some private contractors handling personal information on behalf of government. It is soon be extended to all contractors. (Privacy Commissioner, 1995)
In March 1997 the Federal Government announced that it preferred voluntary self-regulation to address the issue of privacy, because of concerns about the costs of compliance with a legislatively based scheme. (Task Force, 1997)
The Scheme deals with the fair and responsible handling of personal information. Put simply, this means:
Informing people about why their personal information is being collected and what it is to be used for;
Allowing people reasonable access to information about themselves and to correct it if it is wrong;
Making sure that the information is securely held and cannot be tampered with, stolen or improperly used; and
Limiting the use of personal information, for purposes other than the original purpose, without the consent of the person affected, or in certain other circumstances.
Then in February 1998 the Privacy Commissioner issued The National Scheme for Fair Handling of Personal Information, giving individuals more control over the way in which their personal information is handled, and ensuring they are treated fairly (law.gov.au, 1999). It also set out the opportunities for businesses and the responsibilities they carry and addresses a possible role for Government in setting the necessary enabling policy framework.
The scheme consisted of the three proceeding components:
Principles or standards for the handling of personal information;
Pocesses for business to `sign on’ to the Scheme, and for promoting and monitoring compliance with the principles; and
Mechanisms for handling complaints about breaches of the principles, and providing effective remedies for people affected.
Within the above time frame, a considerable amount of complaints and enquiries received by the Privacy Commissioner, in regards to the regular flow of media reports of cases of harm or distress that poor information privacy practices had inflicted on individuals. For example, Task Force (1997) remarked that there were more than 500 separate `privacy’ items in national newspapers in the first six months of 1997.
Consumers wanted to know how the information they give to business will be used, and they want to be confident that their personal information will be protected against misuse. Like wise, Businesses wanted to build loyalty and trust with their customers by assuring them that their information will be handled fairly. They also want to be certain that their competitors will not either undermine the image of their industry, or put them at a commercial disadvantage,by misusing personal information. (Hilvert, 1997 )
Thus, policy makers were compelled by all sectors of society to review and update the Privacy Act 1998. An amended privacy legislation was introduced to parliament in 1999 to extend privacy protection across the private sector to corporate or unincorporated bodies through to individuals. (law.gov.au, 1999)
A dominate feature of the legislation deals with the management of private information. Information privacy concerns the handling of personal information, that is, information about a particular person or information that can be used to identify a particular person. The collection and use of personal information is essential to businesses, non-profit organisations, consumers and government: it is a very valuable resource. But it differs from other resources in two ways. It can be shared and used by more than one person at the same time, and it can be used for an unlimited number of different purposes (Hilvert, 1997). These characteristics give rise to the fundamental ideas behind information privacy: that organisations handling personal information have a responsibility to do so fairly, and that the subjects of personal information retain some rights in relation to the way it may be used (or collected or stored or disclosed) by others. (Hilvert, 1997)
The amended Privacy Act supplies a guide of how private information is treated. Failure to concur to the privacy codes will result in an investigation by the Privacy Commissioner. The legislation will require the Privacy Commissioner review, approve and inforce privacy codes. Also, the Commissioner’s approval of a code will be subject to scrutiny by the federal Parliament, to ensure consistency between privacy codes. (Review Council, 1995)
Despite recent attention to the privacy bill, the Australian common law recognises no general right to privacy. Defamation law and actions for breach of a duty of confidence can apply in a limited range of circumstances, but litigation is slow and expensive and not a realistic option for most people affected by privacy intrusions. (law.gov.au, 1998)
However, Australian businesses recognise the importance of information privacy. They want to be sure that there can be a free flow of information in the international trade setting, which requires that our trading partners have confidence that Australia has adequate practices for handling personal information. Businesses and Governments wanting to encourage their customers to use electronic commerce and electronic service delivery need to assure them that their information privacy will be protected.
Survey research for the Privacy Commissioner indicated:
“that nearly 80 per cent of people think computers have made it easier for confidential personal details to fall into the wrong hands and that very few believe there are adequate safeguards for personal information kept on computer.”
(Mastercard International, 1996)
Whether or not these concerns are justified, they obviously affect the willingness of consumers to embrace new technologies that involve the collection and processing of personal information.
Adoption of the amended information privacy scheme by Australian businesses would make it easier to convince overseas authorities and consumers that personal information will be protected in Australia. Thus, encourgaging favourable business relations.
Unfortuntely businesses perspective differ about the best way of protecting information privacy. Some thought that a legislated scheme would give the most certainty and consistency. Others thought that a self-regulatory scheme would be simpler, cheaper and more flexible. However, business unanimously supported the concept of a simple scheme that minimises compliance costs, overlap with other regulation and differences between jurisdictions. The legislation also attempt emulate these requirements.(Australian Banker, 1993)
Additional surveys in 1995 were conducted for the Privacy Commissioner involving the general public. In effect the results had a fundemental influence for the future privacy legislation.
A survey conducted by Mastercard in 1996 indicated that:
Nearly nine in ten people believe that they should have advance notice when personal information is being collected and that they should be asked permission before their personal data can be passed from one organisation to another.
More than nine in ten think that when personal information has been collected they should be told exactly what it will be used for.
People generally do not believe that they should bear all the responsibility for protecting their own personal privacy;
Majority believe that government has a role to play in authorising privacy codes
There is popular support for information privacy protections supported by governments.
More than half do not object to companies using personal details as long as they know about it, and can stop it.
It would be reasonable to conclude from the above results that protection of personal information is an essential accompaniment to the surging information economy. It is also clear that information privacy concerns will continue to feature prominently in discussions about government policy for the new information economy, both in domestic and overseas jurisdictions.
The growth of computer technology in the last thirty years has allowed a massive expansion in the volume of information held and has made it easier to access, process and match it.
Many people are concerned about the increased potential for privacy intrusion that accompanies technological change. Yet it is equally clear that Australia’s prosperity and our capacity to produce high quality goods and services depends to a large extent on the smarter use of information. We must deal adequately with people’s concerns about privacy if we are to gain the maximum benefits from the information society. (Task Force, 1997)
If an information privacy scheme were robust enough to assure consumers that they could exercise some control over the use of their information in sophisticated IT systems, it seems likely that public resistance to such applications would be reduced. Yet there still is evidence that people are wary about entrusting personal details to complex systems that they do not understand(Task Force, 1997). Thus, the proposed changes to the privacy act may be in adequate to obtain a general level of trust from the community. Although the governments approach has installed optimisim and hope of secure handling of personal information in the approaching years.
Australian Banker Association (1993) Code of Banking Practice, Aus.
Australian Law Reform Commission & the Administrative Review Council (1995) Open Governmnet:A Review of the Freedom of Information Act 1982, Canberra, pg 15-16.
Hilvert, L. (1997) Censorship Privacy are Prime concerns, , 17 June.
Information Infrastructure Task Force (1997) A framework for global Electronic Commerce, July.
Mastercard International (1996) Privacy & Payment, p15.
Peladeau, P. (1995) Data Protection Saves Money, Privacy Journal, June, Pg 3-4.
Privacy Commissioner (1995) Community Attitudes To Privacy, August, Pg 2.