The first of two tranches of Australian privacy reforms proposed in 2008 have passed through the House of Representatives.
Close to 300 recommendations were made by the Australian Law Reform Commission in a 28-month inquiry stemming back as far as 2006, but only about half of them have been put before parliament at this point in time.
The proposed changes, some now four years old, are designed to tighten the rules on how personal information is sent outside of Australia, how personal information may be used for direct marketing, increase the protections provided to sensitive information, such as health records and biometric data, and provide the Privacy Commissioner with powers to allow him to apply civil penalties in cases where the Privacy Act has been breached.
The reforms will now be introduced in the Senate to be considered by the Senate Legal and Constitutional Affairs Legislation Committee, which is due to release its report on Thursday. Feedback from the committee may result in some changes to the reforms.
The House Standing Committee on Social Policy and Legal Affairs, which also reviewed the legislation, recommended that the Attorney-General review the legislation 12 months after the commencement of the act, with a view to look at the interaction with overseas laws and de-identified data provision, among others.
There is some overlap on the matter of privacy, with the Parliamentary Joint Committee on Intelligence and Security also having to tackle privacy issues as it debates proposals for a data-retention scheme. Its findings could also come into play as the reforms go through the Senate.