The NSW Government's Office of the Privacy Commissioner has for some time been urging agencies to give early consideration to privacy issues when considering new policies and projects. It has even published a checklist in its Privacy Essentials series (Number 3) to assist.
It doesn't go into whether in establishing a new organisation it will be covered by privacy legislation but in light of the following perhaps it should.
According to an article in today's Australian Financial Review, the Government found itself on the back-foot regarding privacy implications arising from the establishment of the Public Transport Ticketing Corporation.
With NSW years behind in integrating ticketing and fare payment systems for public transport, no one could oppose the idea of establishing a single purpose organisation to at last make this happen. However, legislation introduced in the Parliament would initially establish the corporation as a statutory body which in due course would be transformed into a State Owned Corporation.
The privacy problem is that State Owned Corporations in NSW are not subject to NSW privacy laws, except in respect of the handling of health information. Of the 16 bodies listed in Schedule 1 of the State Owned Corporations Act - the list includes, Sydney Ferries, Sydney Water and NSW Lotteries - only 1 (Integral Energy) is subject to the Private Sector provisions of the Federal Privacy Act. Some of the rest "voluntarily" agree to comply with NSW privacy law.
The (Opposition) Member for Hornsby, Judy Hopwood, raised the privacy concern in the course of parliamentary debate on 1 March 2006. It hadn't been mentioned by government speakers in introducing the Bill. The Deputy Leader of the Opposition also referred to an FOI application for documents relating to the management of the ticketing initiative which is long overdue.
The answer to the problem is simple enough; make all State Owned Corporations - including the proposed Public Transport Ticketing Corporation - subject to the Government's own privacy legislation.
Perhaps these issues will be addressed in the long overdue statutory review of the NSW Privacy and Personal Information Protection Act. The Act required the Attorney General to table the Report on the Review no later than November 2004. It is still to appear.
The Financial Review reports that the Greens plan to move an amendment in the Legislative Council that the Ticketing Corporation not be exempt from NSW privacy law.
No comments:
Post a Comment