[Previous] [Next] [Up] [Title]

Appendix 1 - Australia's international privacy obligations


The OECD privacy Guidelines

The Organisation for Economic Cooperation and Development's Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (OECD, Paris, 1981) are a Recommendation by the Council of the OECD[42], adopted in 1980. Recommendations of the Council are not legally binding on member States, whereas Decisions are. The Guidelines attempt to balance the protection of privacy and individual liberties and the advancement of free flows of personal data through eight privacy principles which, if observed, are supposed to guarantee a free flow of personal information from other OECD countries.

The core of the Guidelines are the eight `Basic Principles of National Application' in Part Two (Principles 7 to 14). These are principles concerning Collection Limitation, Data Quality, Purpose Specification, Use Limitation, Security Safeguards, Openness, Individual Participation and Accountability. All 25 member countries of the OECD have adopted the Guidelines[43] but, outside Europe, only New Zealand and Québec (Canada) have implemented them in full by legislation covering both the public and private sectors.

Australia announced its intention to adhere to the OECD Guidelines in 1984. The 11 Information Privacy Principles in the Privacy Act 1988 (Cth) are intended to implement the OECD's 8 Principles insofar as personal information held by Commonwealth public sector agencies are concerned. The various methods of enforcement of the Principles provided in the Act implement Guideline 19. State and Territory Freedom of Information Acts implement the Individual Participation Guideline in relation to State and Territory public sectors, but not the other Guidelines. Insofar as the private sector is concerned, it would be difficult to argue that the Guidelines have been implemented in any sector except that relating to credit reporting (Privacy Act 1988, Pt IIIA (Cth)). So Australia has still failed to comply with the Guidelines for thirteen years after announcing its adherence.

Guideline 19 concerning the means of enforcement of the Guidelines to be adopted in national legislation is vague in its requirements, in supporting both legislation and self-regulation, but does require both `reasonable means for individuals to exercise their rights' and `adequate sanctions and remedies in case of failures to comply'.

The Privacy Commissioner has a function `to encourage corporations to develop programs for the handling of records of personal information that are consistent with' the OECD Guidelines (A 27(1)(n)), and it will presumably be in the exercise of this function that the Commissioner becomes involved in the development of voluntary codes. It would seems that it is not consistent with the OECD Guideline for the Commissioner to become involved in development of codes which do not provide `adequate sanctions and remedies'. It is worth noting that the Commissioner is also required to take into account other `developing general international guidelines

The ICCPR, A17

Various Asia-Pacific countries[44] are parties to the International Covenant on Civil and Political Rights (ICCPR), Article 17 of which provides:
`1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour or reputation.;
2. Everyone has the right to protection of the law against such interference or attacks'.
Some ratifications are qualified in respect of A17, such as by Australia's declaration that A17 was accepted without prejudice to `the right to enact and administer laws which, insofar as they authorise action which infringes on a person's privacy, family, home or correspondence, are necessary in a democratic society in the interests of national security, public safety, the economic well-being of the country, the protection of public health or morals, or the protection of the rights and freedoms of others'.

Article 8 of the European Convention on Human Rights (1950) is in very similar terms, and considerable case law by the European Court of Human Rights has elaborated its meaning. The ICCPR is therefore very different from the OECD Guidelines or the European Convention, as it contains only a very general statement of privacy as a right.

A few Asia-Pacific countries[45] have also acceded to the First Optional Protocol to the ICCPR, thereby agreeing to individuals taking complaints (`communications') that they have breached a provision of the ICCPR to the United Nations Human Rights Committee. The Human Rights Committee is made up of 18 experts from different countries, elected for four year terms by countries that are ICCPR parties.

In Toonen v Australia[46] the Committee held that Australia was in breach of the privacy protection of A17 because of legislation in an Australian State (Tasmania) which criminalised homosexual conduct in private. The Australian Commonwealth government then legislated to nullify the effect of the Tasmanian legislation (Human Rights (Sexual Conduct) Act 1994 47). After Croome and Toonen successfully obtained leave from the High Court to challenge the Tasmanian legislation's consistency with the Commonwealth legislation, the Tasmanian Parliament in May 1997 finally repealed the sections which had led to the complaint to the UN.

The Coalition Government is now considering Australia withdrawing from the First Optional Protocol so as to prevent other cases going to the Human Rights Committee, in which case Australia will be the first county to so withdraw.

[42] An inter-governmental organisation, the members of which comprise the European Union countries, Switzerland, Turkey, the former Yugoslav states, Canada, the United States, New Zealand, Australia and Japan

[43] Tucker, G `Present situation and trends in privacy protection in the OECD area', Committee for Information, Computer and Communications Policy, OECD, Paris, 1988

[44] Including Australia, Canada, Chile, Democratic People's Republic of Korea, Fiji, Japan, New Zealand, Philippines, Republic of Korea, USA, Vietnam: Status of International Instruments, Chart of Ratifications as at 31 July 1992, United Nations, New York 1992

[45] Including Australia, Canada, Chile, New Zealand, Philippines, Republic of Korea: ibid

[46] UN Human Rights Committee, Views on Communication No. 488/1992, adopted 31 March 1994 - see 1 Privacy Law & Policy Reporter 50

47 Greenleaf, G 'Human Rights (Sexual Conduct) Bill 1994', (1994) 1 PLPR 121


[Previous] [Next] [Up] [Title]