Roger Clarke's Web-Site


© Xamax Consultancy Pty Ltd,  1995-2018

Roger Clarke's 'Australian Privacy Law'

History of Australian Privacy Law

Emergent Draft of 29 October 2010

Roger Clarke ** [and co-authors?]

© Xamax Consultancy Pty Ltd, 2010

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

It is one chapter in a study of privacy law in Australia

1. Introduction

Victoria is a State of c. 230,000 (about the same as the U.K.). It has a population of 5.5 million, 75% of whom live in the capital city, Melbourne.

The area was first settled by the British in 1803, on Port Phillip Bay, south of present-day Melbourne, which was itself established only in 1835. The Port Phillip District was a separately-administered part of New South Wales until Victoria was proclaimed as a separate colony in 1851. Self- government commenced in 1855. It became a State of the Commonwealth of Australia at federation in 1901.

This paper reviews the history and status of privacy law in Australia's second most populous State, Victoria. Separate papers in the series address the Commonwealth, the complex situation in the private sector, NSW, and the other six smaller States and Territories.

2. The Beginnings - To 1995

Virtually nothing of consequence in relation to privacy protection appears to have occurred in Victoria until the mid-1990s.

3. 1996-2001

The Information Privacy Act was drafted by a Data Protection Advisory Council formed by the Minister for Multimedia in 1996. (The author of this paper was a member of that Council).

This Council recommended the form of legislation to regulate the public, and probably also the private, sector. It reported to the commissioning Minister, Alan Stockdale, on 20 December 1996. [Declaration of interest: I was a member of that Council].

Shortly afterwards, in March 1997, the Prime Minister reneged on his party's election promise. He requested State Premiers not to introduce laws regulating the private sector, but to instead rely on self-regulation based on the Principles that he had requested the Privacy Commissioner prepare.

As a result, the tempo eased for some time. Following the publication of the Privacy Commissioner's FHIPs in February 1998, the Victorian Government re-asserted its intention to legislate. In July 1998, it published a Discussion Paper ( MMV 1998). It is assessed in Greenleaf (1998a).

My Submission to the Victorian Minister for I.T. & Multimedia, Alan Stockdale, concluded that "The privacy-protective regime described in the Discussion Paper has many excellent features. It has three very serious weaknesses, which would undermine public acceptance if they were not addressed, together with a number of additional weaknesses of consequence" (Clarke 1998g).

The three very serious weaknesses are in the following areas:

Progress with the preparation of the Bill was suspended during the election campaign of August/September 1998.

The Government had stated that it intended tabling its Data Protection Bill before the end of 1998. As a result of the federal election, sittings of the Victorian Parliament were curtailed, and the tabling of the Bill deferred.

On 4 December 1998, exposure drafts of Victoria's proposed data protection and electronic commerce legislation were made available at Multimedia Victoria (under publications), and at Minister Stockdale's site (under 'What's New') and at the government's site (also under 'What's New'). The closing date for submissions was mid-February 1999. A revised version was subsequently published, and the Bill tabled in May 1999 (see the Department of Permier and Cabinet site, under Bills.

It appears to be a fairly sensible implementation of the co-regulatory approach, although there remain a couple of areas of concern. Graham Greenleaf has provided a detailed review.

The Victorian government, especially through MMV, is a leader in information technology applications, especially electronic services delivery; hence its concern to implement meaningful privacy protections and thus earn public confidence. As a result, it is conducting a number of projects that have potentially substantial privacy implications. An example of such an initiative, which has, from the outset, involved privacy and consumer advocates, is a trial of smart cards in health.

The Surveillance Devices Act was introduced and passed by the Victorian Parliament during 1999. It replaces the Listening Devices Act 1969, and regulates not only listening devices, but also optical surveillance devices, tracking devices (defined as electronic devices the primary purpose of which is to determine the geographical location of a person or an object) and data surveillance devices.

The Liberal Government was surprisingly defeated in an election in 1999, and the Data Protection Bill lapsed. The new Labor Government acted fairly quickly, however, along fairly similar lines, resulting in the Information Privacy Act 2000. This is also a conventional statute, imposing a degree of regulation on the public sector, broadly in line with OECD norms, and including a wide array of exemptions and exceptions.

Despite a change of Government in the meantime, the Bill was passed virtually unchanged in 2000. It is a straightforward implementation of the OECD Guidelines, and the approach is therefore dated but mainstream. It established a set of Information Privacy Principles, and a Privacy Commissioner and Office, referred to as Privacy Victoria or OVPC.

The Victorian Health Records Act was passed in 2001. This includes a set of Health Privacy Principles which is highly permissive of data disclosures. The law is administered by the Health Services Commissioner. It encompasses both public and private sector organisations active in the Victorian health care sector.

4. 2002-


A further, highly specialised Office was created by the Commissioner For Law Enforcement Data Security Act 2005 to address the public disquiet about rampant leakage of personal data from Victoria Police records. The Commissioner (CLEDS) has powers relating to management practices for law enforcement data. The Office does not have its own web-site, but has its pages within the site of the Chief Examiner, an office provided with extraordinary investigative powers relating to organised crime.

In 2006, Victoria became only the second Australian jurisdiction to provide a degree of generic protection of human rights in the form of the Charter of Human Rights and Responsibilities Act. Under s.13, "a person has the right (a) not to have his or her privacy, family, home or correspondence unlawfully or arbitrarily interfered with; and (b) not to have his or her reputation unlawfully attacked". The statutory protection is very limited, and whether this will actually help at all in stemming the tide of privacy-invasive behaviour is unclear.

An emergent tort of invasion of privacy was heralded by a County Court decision in 2007, Jane Doe v ABC and ors [2007] VCC 281. The ABC reported a woman's name as part of a radio news item about the sentencing of her husband, who was convicted of her rape. The Judge found that that the publication induced post traumatic stress disorder. It does not appear that the judgement has been published.


5. Conclusions


Relevant laws are identified in APF (2010).



See the consolidated reference list for the complete series of papers.



Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Department of Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.

Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 7 August 2010 - Last Amended: 29 October 2010 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2017   -    Privacy Policy