Mr ROBERT BROWN (11:29 AM) —I am pleased to join this debate to assist in reinforcing the concerns which are being expressed by my colleagues in the opposition about the inadequacies of the Privacy Amendment Bill 1998 and, as well, to express our concern that there is absent from this legislation provisions which quite clearly and firmly had been part of undertakings given by the present government, particularly by the present Prime Minister (Mr Howard), prior to the last election.

The Privacy Act, which this legislation proposes to amend, was enacted in 1988, which of course means that it was a Labor initiative. The act at present provides privacy provisions which relate only to Commonwealth government agencies and agencies of the Australian Capital Territory. In addition to those which are the primary purpose of the act, the privacy provisions also relate to or extend into a number of other areas, including for example tax file number information, consumer credit information and more recently it was amended to apply to contracted case managers for the long-term unemployed.

This amending legislation is designed to ensure that the privacy provisions also extend to contractors who enter into arrangements with Commonwealth agencies, but our chief concern is that it does not honour an undertaking that was given by the Prime Minister to extend the provisions of the Privacy Act, modified and amended as they may need to be, to deal with questions of privacy within the private sector itself. An interesting thing about this is that the government's own explanatory memorandum provides in large part the case for an extension to the private sector.

The explanatory memorandum refers to three possible options in dealing with the circumstances to which this amending legislation relates. Option 2 suggests that the circumstances of contracting arrangements with Commonwealth government agencies could be dealt with by self-regulatory measures. We need to keep in mind the fact that the intention of the government is to leave private sector privacy considerations to precisely self-regulatory measures, but in this legislation the government, in its explanatory memorandum, says what some of the costs of this approach will be. It says that, for business, there will be compliance costs. If these contractors to whom this amending legislation relates were left to self-regulate privacy requirements, it says those compliance costs would be involved in `designing and implementing systems and procedures'. That is precisely the problem which will be experienced by the private sector because the private sector is not part of these provisions. It says what some of the costs will be for the community and says that `there may be inconsistencies between standards'. By excluding the private sector and leaving the private sector to self-regulate, there will be inconsistencies between standards. It also says, `The Privacy Commissioner would have no jurisdiction over the acts or practices.' That is precisely the situation in which the private sector will continue to find itself.

Option 3 applies the Privacy Act to contractors supplying services to the government, that is, applying this act which we are now in the process of amending. The government says in relation to that, as among the benefits, to do that `would achieve certainty and consistency'. We say yes, it would. Extend it then to the private sector in order to achieve certainty and consistency. It says that it would apply `the same standards'. We say yes, indeed it would, so apply it to the private sector. It says it would involve `the same consequences'. Yes, it would, so apply it to the private sector. It says, `Any administrative costs . . . would be certain and quantifiable . . . ` Yes, they would, so apply it to the private sector. Do not exclude the private sector. In relation to businesses themselves, it says, `Contractors would have clear consistent standards . . . ' Yes, they would, so apply it to the private sector. In addition, it says those standards `would be known to be acceptable to government'. Yes, they would.

In the face of the fact that the government promised to apply the provisions of the Privacy Act to the private sector, and the fact that it here provides arguments in support of that approach, why then does it repudiate it? I will make some suggestions further on about why I feel it has repudiated it. As far as the community is concerned, it says as well that option 3 is to apply the Privacy Act to contractors and for the community the benefit would be that `The Privacy Commissioner would have jurisdiction'. Yes it will. If it were applied to the private sector generally, then the Privacy Commissioner would have jurisdiction there. So as I say, in the government's own publication, the explanatory memorandum, the government makes out a case in favour of it acting where it promised to act but has failed to act.

I said that the legislation, as it was enacted in 1988, was a Labor initiative. The provisions within the act are based on the Organisation for Economic Cooperation and Development guidelines of 1980 on the question of protecting privacy, and Australia is a signatory to those principles. I said that the government had repudiated its own pre-election position. After that pre-election commitment to extend the privacy regulation to the private sector, the Attorney-General (Mr Williams) then announced in September 1996—a few months after the government came to office—that the government would be legislating to extend the Privacy Act to the private sector as it had undertaken to do in opposition. Then, in March 1997, the Prime Minister announced that the government would not legislate to extend the Privacy Act to the private sector. Presumably, that was another non-core promise.

What happened between the time when the Prime Minister, speaking on behalf of the coalition, which was then in opposition, and March 1997 to cause the government to suddenly decide that there was no need for any government intervention in the private sector to ensure that Australian citizens would have their privacy protected? Was it to advantage 18 million Australians who could have had their privacy protected? I think not.

Who may have been advantaged by that reversal, that repudiation of a firmly adopted former position? If it is not 18 million Australian citizens, who are the other parties to that? Private business? Why then did private business prefer that no protection be imposed by the government in terms of the types of provisions which exist within the existing Privacy Act? Why did they decide that they would be better off being excluded from those requirements? In what way was pressure brought to bear on the government to repudiate its former position?

Of course there are going to be suspicions surrounding that issue—and, by the way, I am not suggesting for a moment that it implies any corruption, but obviously there would have been pressure, discussions, negotiations, understandings reached between prominent organisations and operatives within the private sector and the government to bring about that change.

Our concerns are contained in the second reading amendment that was moved by the member for Banks (Mr Melham), who represents the shadow Attorney-General in this House. I referred to the government's failure to keep its election promise; that is the first item to which we have drawn attention in our second reading amendment. The second item includes a reference to possible damage to the trading prospects of many Australian firms, particularly those trading with the European Union, unless suitable types of private sector privacy provisions are put in place.

The business sector itself needs to be perfectly aware of this fact and of this danger. They are the ones whose position can be prejudiced as a result of inadequate provision being made within privacy legislation for the private sector. There is a threat by the European Union that it will not trade with countries that do not have strong privacy laws. On Thursday, 17 April 1997, the AM program dealt with the concern about Privacy International, which is a private sector organisation concerned about privacy matters. Privacy International threatened to push for the European Union to impose economic sanctions on Australia after Europe's privacy laws came into effect in October last year. So Australia needs to give serious consideration to the circumstances and the possible dangers to which it leaves itself open as a result of a failure to move in this area.

In Lateline, on 17 April last year, reporters Bronwen Reid and Maxine McKew made a number of comments. In her introductory comments, after referring to some of the excesses of privacy invasion of individuals, Maxine McKew said:

Now, this trend so alarmed the Federal Coalition that in the lead-up to the 1996 election it promised a major extension of privacy legislation. Twelve months on that promise has been broken. After furious lobbying from some sections of business, the Government agreed that any extension to the current legislation would be costly and unnecessary. It was a smack in the eye for Attorney-General, Daryl Williams, who'd supported change, and it outraged privacy campaigners.

Now they've found a major ally in the European Union. The EU has issued an ultimatum to all countries, including Australia, that it will not trade with them if they do not have strong privacy laws. For many of our major companies, this could effectively become a trade embargo.

In the same program, Bronwen Reid said:

Companies wanting to trade in Europe's common market first have to show they can protect personal data. They must demonstrate that they can be trusted with the vast rivers of information on citizens so routinely collected, stored and traded. It sounds abstract, but the Europeans recognised that in the course of daily life citizens impart enormous amounts of personal information.

That was spelt out then. Now, in this month of this year this legislation is coming here, legislation which leaves Australia and Australia's overseas trading and business interests seriously exposed. I have already referred to Privacy International. Simon Davies is head of that watchdog group. During that Lateline program, he said:

This isn't a national issue at all. The information market is a global market. What affects one country affects another country. So if, for example, my data is accumulated in, say, France, it can find its way and will find its way to the United States or Australia. So this is an issue which affects all citizens globally, and what we've sought for many years, and almost achieved, is a harmonious global set of rules. And all we're doing is calling on Australia to agree to that harmony.

If we fail to do so, we need to know the reasons for that. We need to know what the motivation is behind it. I also refer to an article in the Sydney Morning Herald on Wednesday, 17 December 1997. This was a joint article by Tony Vinson, who is Emeritus Professor of Social Work at the University of New South Wales and Director of Research at the Uniya Jesuit Social Justice Centre, and Karl Langheinrich, who is a social work student. When they were dealing with questions of surveillance standards, privacy and so on as part of that article, they said:

The onus should not be placed on individuals whose rights are infringed to defend them. Rather, it should be placed on those who violate the right to privacy to defend their actions.

That is where governments have a responsibility, particularly national governments with their national responsibilities. They went on further to say:

. . . there must be sanctions for the breach of the standards and a confirmed regulator in the form of a Privacy Commissioner to ensure the application of the standards.

Because, obviously, without having such a responsibility with such a commissioner, there is no guarantee that those types of obligations on the part of the private sector would be honoured.

I know that one of my colleagues referred to Moira Scollay, the federal Privacy Commissioner. Ms Scollay addressed the National Medico-Legal Conference in Sydney in February this year. I know that some of her claims were disputed, but I leave it to others to judge whether or not they are plausible. She told the conference:

. . . once current research mapping all 100,000 human genes is completed, there will be `enormous financial pressure'—

financial pressure; business pressure—

on the life insurance industry to discriminate on the basis of people's genetic make-up.

She said:

They already do, . . .—

You see there is a difference between the premiums charged for males and females based on their expected longevity. She also said:

Genetic testing would raise issues within families about who should be tested and who should be told the results, `particularly if there are then financial benefits or disincentives accruing as a result of that knowledge', . . .

There are matters of extreme importance, extreme community, cultural, social and personal importance in the whole question of the explosion of modern technology which make possible serious intrusion into the privacy considerations of individuals. There is an urgent and growing requirement, an absolute necessity, for governments, which are the only authorities with national responsibilities of the kind that should be brought to bear on questions like this, to respond to them. To just say that this is an area where self-regulation is sufficient, is simply not adequate. (Time expired)