Serious Invasions of Privacy in the Digital Era
Total Page:16
File Type:pdf, Size:1020Kb
Serious Invasions of Privacy in the Digital Era FINAL REPORT ALRC Report 123 June 2014 This Final Report reflects the law as at 30 June 2014 The Australian Law Reform Commission (ALRC) was established on 1 January 1975 by the Law Reform Commission Act 1973 (Cth) and reconstituted by the Australian Law Reform Commission Act 1996 (Cth). The office of the ALRC is at Level 40 MLC Centre, 19 Martin Place, Sydney NSW 2000 Australia. Postal Address: GPO Box 3708 Sydney NSW 2001 Telephone: within Australia (02) 8238 6333 International: +61 2 8238 6333 Facsimile: within Australia (02) 8238 6363 International: +61 2 8238 6363 E-mail: [email protected] Website: www.alrc.gov.au ALRC publications are available to view or download free of charge on the ALRC website: www.alrc.gov.au/publications. If you require assistance, please contact the ALRC. ISBN: 978-0-9924069-1-2 Commission Reference: ALRC Final Report 123, 2014 © Commonwealth of Australia 2014 This work is copyright. You may download, display, print and reproduce this material in whole or part, subject to acknowledgement of the source, for your personal, non- commercial use or use within your organisation. Requests for further authorisation should be directed to the ALRC. Printed by Ligare Pty Ltd The Hon George Brandis QC MP Attorney-General of Australia Parliament House Canberra ACT 2600 30 June 2014 Dear Attorney-General ALRC Terms of Reference—Serious Invasions of Privacy in the Digital Era On 12 June 2013, the Australian Law Reform Commission received Terms of Reference to undertake a review into Serious Invasions of Privacy in the Digital Era. On behalf of the Members of the Commission involved in this Inquiry, and in accordance with the Auustralian Law Reform Commission Act 1996, I am pleased to present you with the Final Report on this reference, Serious Invasions of Privacy in the Digital Era. Yours sincerely, Professor Rosalind Croucher Professor Barbara McDonald President Commissioner in Charge Contents Terms of Reference 5 Participants 7 Recommendations 9 Part 1 15 1. Introduction 17 Context of the Inquiry 17 The design of a cause of action 18 Should a new tort be enacted? 20 Other reforms 26 The law reform process 27 2. Guiding Principles 29 Summary 29 Principle 1: Privacy is a fundamental value worthy of legal protection 30 Principle 2: There is a public interest in protecting privacy 32 Principle 3: Privacy should be balanced with other important interests 33 Principle 4: Australian privacy laws should meet international standards 35 Principle 5: Privacy laws should be adaptable to technological change 36 Principle 6: Privacy laws should be clear and certain 36 Principle 7: Privacy laws should be coherent and consistent 37 Principle 8: Justice to protect privacy should be accessible 38 Principle 9: Privacy protection is an issue of shared responsibility 39 3. Overview of Current Law 41 Summary 41 Existing legislative privacy protection 42 Existing common law causes of action 47 Filling the gaps in existing law 51 A common law action for breach of privacy in Australia? 53 Part 2 57 4. A New Tort in a New Commonwealth Act 59 Summary 59 A new stand-alone Commonwealth Act 59 Constitutional issues 62 An action in tort 67 Abolition of common law actions 72 2 Serious Invasions of Privacy in the Digital Era 5. Two Types of Invasion 73 Summary 73 A cause of action for two types of invasion of privacy 74 Intrusion upon seclusion 76 Misuse of private information 81 Examples 85 False light and appropriation 87 An open-ended action? 88 One cause of action, not two 89 6. Reasonable Expectation of Privacy 91 Summary 91 A test for what is private 92 Considerations 96 7. Fault 109 Summary 109 Intentional or reckless invasions of privacy 110 Negligence 118 Strict liability 124 Effect of apology on liability 128 8. Seriousness and Proof of Damage 131 Summary 131 Seriousness 132 Proof of damage not required 138 9. Balancing Privacy with Other Interests 143 Summary 143 The balancing exercise 144 Public interest matters 150 Onus of proof 158 A discrete exercise 161 10. Forums, Limitations and Other Matters 163 Summary 163 Forums 164 Alternative dispute resolution processes 168 Cause of action limited to natural persons 171 Non-survival of the cause of action 172 Limitation periods 177 Young plaintiffs 181 First publication rule 182 11. Defences and Exemptions 185 Summary 185 Lawful authority 186 Incidental to the exercise of a lawful right of defence of persons or property 191 Necessity 193 Contents 3 Consent 195 Absolute privilege 202 Publication of public documents 204 Fair report of proceedings of public concern 205 Safe harbour scheme for internet intermediaries 207 Exemption or defence for children and young persons 210 Defences unsuited to a privacy action 213 12. Remedies and Costs 219 Summary 219 Damages 220 Account of profits 238 No recommendation on notional licence fee 240 Injunctions 241 Delivery up, destruction or removal of material 251 Correction orders 252 Apology orders 254 Declarations 256 Costs 258 Part 3 261 13. Breach of Confidence Actions for Misuse of Private Information 263 Summary 263 The likely future development of the action for breach of confidence 264 Compensation for emotional distress 265 Public interest and injunction applications 273 14. Surveillance Devices 275 Summary 275 Existing surveillance device laws 276 A Commonwealth Act 278 Technology neutral surveillance legislation 282 Telecommunications surveillance 285 Participant monitoring 286 Responsible journalism and the public interest 289 Workplace surveillance 293 Remedial relief and compensation 295 Alternative forums for complaints about surveillance 296 15. Harassment 299 Summary 299 Statutory tort of harassment 300 Criminal offences for harassment 304 Harassment laws in other countries 307 4 Serious Invasions of Privacy in the Digital Era 16. New Regulatory Mechanisms 309 Summary 309 Privacy Commissioner investigations for serious invasions of privacy 310 Amicus curiae and intervener functions 317 Deletion of personal information 319 Review of the small business exemption 321 Consultations 323 Abbreviations 327 Terms of Reference SERIOUS INVASIONS OF PRIVACY IN THE DIGITAL ERA I, Mark Dreyfus QC MP, Attorney-General of Australia, having regard to: • the extent and application of existing privacy statutes • the rapid growth in capabilities and use of information, surveillance and communication technologies • community perceptions of privacy • relevant international standards and the desirability of consistency in laws affecting national and transnational dataflows. REFER to the Australian Law Reform Commission for inquiry and report, pursuant to s 20(1) of the Australian Law Reform Commission Act 1996 (Cth), the issue of prevention of and remedies for serious invasions of privacy in the digital era. Scope of the reference The ALRC should make recommendations regarding: 1. Innovative ways in which law may reduce serious invasions of privacy in the digital era. 2. The necessity of balancing the value of privacy with other fundamental values including freedom of expression and open justice. 3. The detailed legal design of a statutory cause of action for serious invasions of privacy, including not limited to: a. legal thresholds b. the effect of the implied freedom of political communication c. jurisdiction d. fault elements e. proof of damages f. defences g. exemptions h. whether there should be a maximum award of damages i. whether there should be a limitation period 6 Serious Invasions of Privacy in the Digital Era j. whether the cause of action should be restricted to natural and living persons k. whether any common law causes of action should be abolished l. access to justice m. the availability of other court ordered remedies. 4. The nature and appropriateness of any other legal remedies for redress for serious invasions of privacy. The Commission should take into account the For Your Information ALRC Report (2008), relevant New South Wales and Victorian Law Reform Commission privacy reports, the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and relevant Commonwealth, State, Territory legislation, international law and case law. Consultation In undertaking this reference, the Commission will identify and consult relevant stakeholders including the Office of the Australian Information Commissioner, and relevant State and Territory bodies. Timeframe The ALRC will provide its final report to the Attorney-General by June 2014. 12 June 2013 Mark Dreyfus Attorney-General Participants Australian Law Reform Commission President Professor Rosalind Croucher Commissioner in Charge Professor Barbara McDonald Part-time Commissioner The Hon Justice John Middleton, Federal Court of Australia Executive Director Sabina Wynn Senior Legal Officer Jared Boorer Legal Officers Dr Julie Mackenzie Brigit Morris Dr Steven Robertson Legal Interns Claire Bready Ravi Gosal Georgie Leahy Alisha Mathew Timothy Maybury Michelle Meares Jack Murray Hagen Sporleder Jackson Wherrett Bradley Woods 8 Serious Invasions of Privacy in the Digital Era Advisory Committee Members The Hon Justice Peter D Applegarth, Supreme Court of Queensland Richard Coleman, Fairfax Media Limited Professor Graham Greenleaf, Professor of Law & Information Systems, University of New South Wales Anna Johnston, Director, Salinger Privacy Peter Leonard, Partner, Gilbert & Tobin The Hon W H Nicholas QC Tara McNeilly, Senior General Counsel, Office of General Counsel, Australian Government Solicitor Timothy Pilgrim, Privacy Commissioner, Office