Penny Wright (SA, Australian Greens) Share this | Link to this | Hansard source

I rise to speak on the Privacy Amendment (Enhancing Privacy Protection) Bill 2012. The Australian Greens support the aims and objectives of this bill, in particular the unification of the National Privacy Principles and the Information Privacy Principles into the new Australian Privacy Principles that apply to both Commonwealth agencies and private sector organisations.

The bill amends to the Commonwealth Privacy Act 1988. It has been developed following numerous reviews and inquiries, which have included significant consultations with stakeholders. However, as was pointed out during this inquiry process, the reforms have been a long time coming. For example, this is the first major reform to credit reporting since its introduction in the 1990s. While there was majority support for the contents of this bill amongst stakeholders, some concerns were expressed that although the bill did improve on the current position—that is because it is an important step towards that goal of harmonisation and simplification—it could not necessarily be said that it was an enhancement. Indeed, during the Senate committee inquiry into the bill three different stakeholders expressed some concerns that this bill was a missed opportunity and it did not go far enough in either streamlining provisions or in providing consumers and citizens with better protections.

Changes to Australian law to modernise, strengthen and streamline privacy and credit reporting provisions are important. In doing this we need to be careful that we strike the right balance between privacy rights and the free flow of information. The Australian Greens strongly support the strengthening of Australian law to ensure enhanced compatibility with our obligations under international human rights law. As a signatory to the International Covenant on Civil and Political Rights, the ICCPR, Australia has an obligation to promote and protect the right to privacy. Indeed, article 17 of the ICCPR provides that:

1. No one shall be subjected to arbitrary or unlawful interference with his—

And I use that word advisedly; it is slightly anachronistic—

privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation.

2. Everyone has the right to the protection of the law against such interference or attacks.

In signing up to the ICCPR Australia has agreed to take all the necessary steps to respect, protect and fulfil human rights.

We agree with the findings and recommendations made in the committee report, and we made some additional comments directed at improving consumer protection and privacy rights. We acknowledge that the government has agreed to implement many of those changes and is putting forward amendments today. However, we feel that a couple of additional changes should be made to improve consumer protections. I will turn to these now.

In relation to proposed paragraph 6Q(1), the Australian Greens would have preferred to go further than what was recommended by the Senate committee. We are of the view that a default listing should not occur until at least 30 days after a default notice has been given. In practical terms that gives a borrower sufficient time to receive the notice, which may be subject to the vagaries of the post, contact the credit provider and/or try to rectify a default before a listing can be made, and is consistent with other credit laws. This recommendation was made in the inquiry by the Consumer Credit Legal Centre NSW. The Consumer Credit Legal Centre submitted that the current provisions in the bill essentially enabled a credit provider to list a default immediately after issuing written notice to an individual, and submitted that this is procedurally unfair as it is the notice that is important in notifying the consumer that there actually is a default. It is more than possible to be unaware of the default simply because there was a bank error in direct debits—that is given as an example.

The Consumer Credit Legal Centre has significant expertise in providing consumer assistance advocacy and representation. It sees how these sorts of legal provisions work in practice and how they can impact on, particularly, vulnerable Australians. I think it is important that we respect this expertise and on-the-ground knowledge, which often speaks on behalf of consumers. The Consumer Credit Legal Centre recommended that the bill should be amended to require 30 days to have elapsed from the date of the written notice, before listing can occur, to avoid unintended and unfair consequences.

The submission of the Australian Communications Consumer Action Network also suggested that a listing should not occur until the credit provider has made 'reasonable attempts' to contact the debtor and has provided a specific warning regarding the default listing.

We recognise the practical reality for consumers who face financial strain, and we think that it is important they are provided with sufficient notice about overdue payments and the consequences of failing to pay such overdue payments. For this reason we support the recommendation by the Consumer Credit Legal Centre that the bill should be amended to require 30 days to have elapsed from the date of the written notice, before a default listing occurs. For that reason the Australian Greens will be moving an amendment to that effect.

We also support he recommendations made by consumer advocates that the threshold minimum amount for which a consumer credit default listing can be made should be increased. During the Senate committee inquiry stakeholders also suggested that the threshold overdue amount that gives rise to a default listing was unrealistic. The Energy and Water Ombudsman NSW, the Australian Communications Consumer Action Network and the Consumer Credit Legal Centre advocated for increasing the overdue amount from $100 to $300. The purpose of increasing the threshold overdue amount is to exclude small utility bills from the adverse consequences of credit listing. It also recognises increases in costs of living over recent years.

The Australian Greens agree that there should be an amendment to reflect recent changes in the cost of living and we suggest that the threshold amount be changed from $100 to $150. We also note that there is provision in the bill for a higher amount to be prescribed by regulation, which provides flexibility in responding to consumer concerns and cost-of-living increases down the track when $150 is not sufficient. However, we think that this minor change goes some way towards a more realistic situation. We feel that these changes will improve consumer protections in the Privacy Act.

During the inquiry process we noted that some concerns were raised by consumer advocates that the amendment to the definition of 'serious credit infringement' would not address the serious problems that this definition currently creates. As serious credit infringement is, apart from bankruptcy, the most serious type of listing that can be made—and it will ordinarily remain on a credit report for seven years—it is very significant and has substantial ramifications for individuals. For these reasons, consumer advocates such as the Consumer Action Law Centre, considered that it is essential that such listings are proportionate to the type of credit infringement and are accurate and based on clear evidence. The Consumer Action Law Centre, CALC, expressed concerns with the amendment to the bill that requires that a serious credit infringement cannot be listed unless six months has elapsed since the credit provider last had contact with the debtor. It appears that the intent of this change is to ensure that credit providers attempt to make contact with the debtor so as to avoid an incorrect listing. By its intent, the amendment seeks to enhance consumer protections. However, as CALC points out, there is no guarantee that this amendment will achieve its purported aim as the credit provider is not required to be proactive and attempt to make contact. The only requirement is that the credit provider waits six months before listing a serious credit infringement.

CALC referred to a previous submission by consumer advocates and recommended that the definition of 'serious credit infringement' should be replaced with two new definitions: 'uncontactable default' and a 'never paid flag'. The Australian Greens gave serious consideration to this stakeholder recommendation. We considered it in detail in our additional comments and raised it with the government. However, we are not satisfied that the recommendation could be adequately implemented so as to take into account instances where there was intentional fraud, and we were of the view that, practically speaking, it was not appropriate to remove the fraud from the definition of 'serious credit infringement'. We do however understand the concerns raised by stakeholders and we will endeavour to follow up with them as to how this could be reconsidered in the future.

Finally, we note that, during the inquiry process, significant concerns were raised by the Australian Privacy Foundation and the Consumer Credit Legal Centre regarding the lack of determinations that have been made under section 52 of the act. As a result of this history, the Australian Privacy Foundation, the APF, is apprehensive about the effectiveness of new reform under section 96, which provides a right of appeal to the Administrative Appeals Tribunal against decisions by the commissioner to make a determination of a complaint under section 52(1) or 52(1A). In its view, this new right of appeal is of little use unless complainants can require the commissioner to make formal decisions under section 52 of the act. It recommends that the Privacy Commissioner should be required to make a determination under section 52 wherever a complainant so requests and for complainants to be informed that they are entitled to such a formal resolution of their complaint.

The Australian Law Reform Commission, the ALRC, in its Report 108: for your information: Australian privacy law and practice,made a similar recommendation in 2009. The Office of the Australian Information Commissioner provideda supplementary submission to the inquiry and noted that the government specifically rejected the recommendation of the ALRC in 2009 on the ground that, as an independent statutory officer, the Australian Information Commissioner should be responsible for exercising the administrative decision-making powers under the Privacy Act. We understand the tension here and the importance of promoting and respecting the independence of the OAIC, the Office of the Australian Information Commissioner, and we believe that it would be prudent for the government to reconsider this matter and conduct a review of the functions and powers of the OAIC in relation to its system for managing complaints, conciliations and determinations. In our additional comments to the Senate committee, we recommended that, 12 months after the enactment of the bill, the government should conduct a review into the effectiveness of the OAIC's system for managing complaints, conciliations and determinations because, if there is a right to appeal against a determination but no determination is made, essentially there is no right of appeal.

The Australian Greens take an interest in ensuring that the privacy rights of Australians are adequately promoted and protected and we will be monitoring the impact and effectiveness of this bill when it becomes law. While we have some concerns with this bill, overall we feel that it improves and streamlines privacy laws and we support its passage. We note that the government is introducing some amendments which respond to many recommendations put forward by the Senate committee and we will be putting forward our own amendments. On this basis, we support the passage of this bill.

Nick Xenophon (SA, Independent) Share this | Link to this | Hansard source

I indicate my support for the Privacy Amendment (Enhancing Privacy Protection) Bill 2012, with amendments. I believe it makes a number of important and necessary changes in relation to privacy law in Australia. However, I would like to express my concerns in relation to the credit reporting provisions in this bill. I agree that Australia needs a strong and robust credit reporting system. I know that some organisations have concerns about privacy in relation to disclosing credit history and I believe there must be checks and balances in place to address those concerns. But we need to remember that credit reporting forms an important role in our banking and finance sector. It gives credit providers the information they need to make informed decisions about risk. We do not want to see greater risk in this area, particularly in the current financial climate.

I am very concerned about the fact that lenders mortgage insurers have not been included in the parties allowed access to credit history information with respect to this bill. Lenders mortgage insurance has been part of the Australian housing and mortgage market since the 1960s. Insurers offer protection to lenders if a borrower defaults on their loan, and the insurance products are usually required where borrowers have contributed less than 20 per cent of the purchase price as a deposit.

This insurance means that lenders have a safeguard in place and it also means that they have the flexibility to allow borrowers to rectify the loan in cases of default.

So, lenders mortgage insurance is a critical part of the housing market and it is a critical part of finance in this nation, and without it housing would be less affordable and fewer Australians would be able to have access to that finance. Overall, the insurers provide a level of protection and security to the market. They also act as an additional level of scrutiny by assessing risk in terms of loan conditions and credit history. It is simply not in the insurer's best interest to cover high-risk loans, given that they bear the risk of borrowers defaulting on their loans.

Lenders mortgage insurers currently have access to credit reporting information. I understand the need for privacy protection in these circumstances, but I am concerned that it will come at the cost of overall increased risk in this area. I know that there is the possibility for lenders to pass on that information to insurers under the bill. I believe that this is not good enough; it should not be up to mortgage insurers, who bear their own risk and who have their own financial structures and models, to rely on a third party to pass on information. Insurers need access to independent, accurate information, such as credit reports, firsthand.

There are also concerns that this will lead to lenders acting as gatekeepers of such information and choosing to insure the low-risk loans themselves, leaving only the higher risk loans for independent insurers. That is untenable in the impact it would have on the market. There are also further concerns that with this increase in self-insurance, lenders may take greater risks themselves or not make appropriate allowances to cover debts. The likely outcome of this in the long term is less choice, and worse, for consumers as insurers fold under the strain of covering high-risk loans. It is important to note that in similar jurisdictions, such as Canada, which operates in a similar regulatory system, insurers have direct access to credit-reporting information.

Lenders mortgage insurance is regulated by APRA, and there are currently specific controls on how credit-reporting data can be used. Insurers are also licensed under consumer credit protection laws and regulated by ASIC. There are multiple reasons why providers of lenders mortgage insurance should be granted access to credit-reporting information. To this end, I have had some very useful discussions with Senator Brandis and his office, the Australian Greens and Senator Williams in relation to this, and that is why I have circulated an amendment in the names of a number of parties in order to rectify this. I understand that the government will be moving its own amendments in relation to this to deal with the same issue, and that is welcome. I really query why it had to come to this, but I do welcome any changes that will rectify what is a glaring anomaly in respect of mortgage insurers.

So I look forward to discussing this amendment further in the committee stage, but it is a problem that must be fixed. With that caveat, I support this legislation.

Joe Ludwig (Queensland, Australian Labor Party, Minister for Agriculture, Fisheries and Forestry) Share this | Link to this | Hansard source

I would like to thank senators for their contributions to this debate. I would also like to put on the record my thanks to the Senate Legal and Constitutional Affairs Legislation Committee for its report and detailed work in considering this bill.

The Senate committee made 21 recommendations. The government has accepted 20 in full or in principle, and has noted the final recommendation, which calls on the Senate to pass the bill. The Senate committee has asked that a number of issues be addressed through amendments to the bill and in the revisions to the explanatory memorandum.

I foreshadow that opposition senators have also sought revisions to the explanatory memorandum and review of certain provisions. The government has carefully considered these requests and agreed to them. These changes will result in privacy laws that balance more appropriately the privacy of individuals and the legitimate activities of government agencies and the private sector.

The bill is ultimately the culmination of an extensive process of consultation with stakeholders and, of course, scrutiny by this parliament. It will implement more than half of the Australian Law Reform Commission's 295 recommendations. The bill will bring Australia's privacy regime into the digital age, reflecting our new approach to providing personal information over the internet. In particular, consumer privacy protection will be strengthened; and can I add that the Commonwealth Privacy Commissioner will also have the power to get an enforceable outcome—an apology, a retraction, a takedown notice or compensation from a court. The commissioner will be able to apply to the courts for a civil penalty, and there are new civil penalties for serious repeated breaches of privacy, for which companies may be liable for a significant penalty.

In dealing with this bill in the summing-up stage, can I then say that the bill contains what this government considers the most significant reforms to privacy law since Labor introduced the act in 1988. They are long-overdue reforms that will give effect to key aspects of the ALRC's landmark report on privacy in Australia. I take this opportunity to thank the numerous stakeholders, from the industry associations to the law reform and privacy advocates, and also those opposite and on the cross benches, for the detailed discussions, arguments and feedback to finalise this bill before parliament.

In conclusion, I add that I am confident that we have struck the right balance in privacy law for Australia in this bill. I commend the bill to the Senate.

Question agreed to.

Bill read a second time.