Privacy and 'Public Registers'

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Version of 11 May 1997

© Xamax Consultancy Pty Ltd, 1997

Available under an AEShareNet Free for Education licence

Invited Address to the IIR Conference on Data Protection and Privacy, Boulevard Hotel, Sydney, 12-13 May 1997

This paper is at http://www.anu.edu.au/people/Roger.Clarke/DV/PublicRegisters.html


Abstract

The law and practice of privacy protection law is a quarter-century old. During that time, the basic principles have become broadly accepted among advocates, regulators, and the regulated. Many areas of contention remain, however.

A particular weaknesses in some privacy regimes is the notion of a 'public register'. This paper explains the concept and its origins, and identifies examples. It then examines the impact that information technology is having, and outlines the competing public interests. Building on a survey of the law relating to 'public registers', it proposes a framework within which a balance can be sought between the public interests in access to, and protection of, personal data in such collections.

The inescapable conclusion is that any form of exemption from the privacy laws for such registers is unjustifiable. As with many other personal data collections, however, the law needs to be applied and interpreted in a manner that reflects the particular circumstances.


Contents

Introduction

Examples of 'Public Registers'

The Ravages of Information Technology

Competing Public Interests

'Public Registers' and Privacy Law

A Framework

Conclusions

References


Introduction

A significant number of collections of personal data exist that are widely accessible. A term that is commonly used to refer to such collections is 'public registers'.

Some privacy and data protection laws implicitly assume that such 'public registers' need not be protected at all, or that only very limited protections are needed. The purpose of this paper is to examine these assumptions.

It commences by identifying a range of collections of personal data that might be regarded as 'public registers'. It then considers the impacts of sophisticated information technologies, and the public interests in both open access and restrictions on access to them.

The present application of privacy laws to 'public registers' is scanned, and a framework proposed whereby an appropriate balance can be achieved among the various interests.


Examples of 'Public Registers'

A vast array of collections of personal data exist, that are contenders for classification as a 'public register'. For a compendium of collections in N.S.W., see Seaton (1986), which identifies about 50 registers of details about individuals. Remarkably, that first edition omitted a number of important instances, including driver licensing records, and telephone directories.

The New Zealand Privacy Act 1993 refers specifically to about a dozen collections, but "there are hundreds of Government registers and well over 100 of these are expressly open to public search (and information on many of the others will be available if anyone simply asks)" (Stewart 1995b. p.196).

The following sub-sections identify and provide outline information about a few of these collections, grouped according to whether the records have primarily to do with people's social roles, political life, or financial activities.

* Personal Records of a Social Nature

One of the most fundamental collections is the Register of Births, which, in British jurisdictions, dates from a statute enacted during the reign of Henry VIII (Clarke 1994b). This was originally a function of the established church, but responsibility was assumed by the State in 1837 in the United Kingdom, and later in the then colonies (e.g. in 1856 in N.S.W.). Seaton (1986, p.5) states that "Although anyone may apply for certificates or extracts, these records are regarded as confidential rather than as public records ...".

The related, but separate, Register of Adoptions, is particularly sensitive, and, although social values have changed significantly during the last few decades, the personal data in this collection continues to be very carefully protected.

Traditionally, the Registers of Marriages and Deaths are maintained by the same Registrar as for Births and Adoptions, and under similar conditions. No correlation is undertaken among these registers (although the suggestion is made from time to time); and any such undertaking would be fraught with difficulties.

Another collection of importance is the Citizenship Index, maintained by the Department of Immigration, which identifies the many people who have gained Australian citizenship through naturalisation.

A particularly comprehensive, and reasonably up-to-date, set of records about people is driver licensing records, which are maintained by motor registries in each State and Territory. In some cases, these may include entries about some people who do not hold a driver's licence, but have sought an equivalent document evidencing their identity and/or age.

The sensitive contents of traffic convictions records, and criminal records more generally, are (at least in principle) available only in very specific situations, such as to a court during sentencing procedures.

Another collection of great consequence is telephone directories, colloquially referred to as Telstra or, more generally, telco white-pages. These are published, and are accessible in hard-copy and CD-ROM formats, and, since 1996, also via the World-Wide Web. Similar though less widely-distributed directories exist for fax-numbers. For a fee, any subscriber may choose to have their details suppressed, i.e. to have 'a silent number', or be 'unlisted' or 'ex-directory'. The proportion of Australian subscribers who do so appears to have leapt from 6% in the 1970s to somewhere in the range 15-25% in the 1990s.

Local governments maintain a range of collections of data about people in their area, such as building applications, and dog licences.

Beyond these existing sets of records, new data-trails are arising in the context of the information infrastructure, including logs of email messages and of web-pages visited. One particular class which may be argued to have features akin to a 'public register' is registers of email addresses.

The protections applicable to many other collections of non-financial personal data (such as medical records and service with the armed forces) are such that they could not reasonably be regarded as being publicly accessible.

* Personal Records of a Political Nature

The Electoral Roll is a particularly important case, and needs to be treated separately. The Roll (or, more colloquially, but less accurately, 'Rolls') are available for inspection at the Australian Electoral Office, in accordance with the Electoral Act s.90.

The purpose of public accessibility of the Roll appears to be related to the need to prevent electoral fraud: by having the Roll open, any person is able to check whether particular people are registered other than in the electorate in which they live; and hence fraudulent enrolment is deterred. Evidence in support of that interpretation is provided by s.91A(1A)(b), which refers to "monitoring the accuracy of information contained in a Roll".

There has, however, been a considerable amount of 'function creep', i.e. application of the Roll to purposes for which it was not intended.

One such use is the marketing of political messages to electors. The maintainance by MPs of lists of people in their electorates may well not have been an originally contemplated purpose of the electoral roll; but at least it might reasonably be considered as a related purpose. Moreover, s.91 expressly authorises the provision of copies of the Roll to registered political parties, and s.91A(1A) expressly authorises use of data provided on tape or disk for "any purpose in connection with an election or referendum", at Commonwealth or State level, and "the performance by the Senator or member of his or her functions ... in relation to a person or persons enrolled ...".

Another function for which the Roll is used is the marketing of goods and services to consumers (through the expropriation of data from the Roll, for the purposes of addressing promotional materials to identified people at their home-addresses, rather than merely to 'the householder'). Such access appears not to be authorised, and is another matter entirely.

* Personal Records of a Financial Nature

With some qualifications, the registries that contain information related to people's personal matters are moderately closed in practice, reflecting the sensitive nature of much of the data.

Registries that contain data concerning people's economic roles tend to be less well-protected, reflecting a different balance between privacy and other, competing public interests.

Personal data collections of a primarily financial nature include:

Even in this category, however, there are some limitations on public accessibility. For example, probate indexes are public, but the details of the estate are restricted to executors and beneficiaries.

Moreover, the protections applicable to many other collections of financially-relevant personal data (such as bank records, social security data and taxation records) are such that they could not reasonably be regarded as being publicly accessible.


The Ravages of Information Technology

For various reasons, the 20th century has seen a vast increase in the 'data intensity' of relationships between individuals and organisations. For a list of data-trails that individuals leave behind them, see Clarke (1996b).

The original purposes for which 'public registers' were created were often implicit rather than being expressed in any official form, and are hence open to interpretation. In some cases, it has suited the interests of various parties to presume that the purposes were all-encompassing, and access and use accordingly completely open.

The result has been that considerable 'function creep' has occurred in respect of some collections, i.e. there are many uses for purposes that have little to do with the apparent purpose of the database.

A serious problem has arisen with the escape of data from official registers, in some cases piecemeal, but in other instances in bulk. This has involved the re-capture of, for example, telephone books, by having the data re-keyed in a low-wage country, or by scanning them and re-constituting the data using OCR (optical character recognition). It has also seen complete copies of some registers, such as driver licensing, provided to corporations, which have then applied the data to a variety of purposes.

This situation was somewhat problematical before information technology matured; but it is now exacerbated by a range of new capabilities. Most critical of these are greatly enhanced abilities to search data. Collections that were once searchable using a primary key only (such as the address of a property or the name of a telephone subscriber), can now be readily trawled, or, to apply the currently fashionable term, 'mined'.

Particular possibilities that now exists include 'reverse-searching' (e.g. by property-owner's name or telephone-number), and free-text retrieval (i.e. searching for the occurrence of a word anywhere within the database, and hence discovering references to people in other people's records). An early warning of these risks was published in Greenleaf and Clarke (1984).

The extent to which these technological capabilities are undermining conventional privacy protections is evidenced by the following examples:

To this catalogue of threats must be added the tendency of government agencies and marketing organisations to cross-reference and cross-link multiple sources of data, enabling them to infer even more than is contained within any one data collection. An example of an attempt to apply these technologies was the ill-fated Law Enforcement Access Network (LEAN) proposal ( Clarke 1992b).

Additional technological challenges are arising, which need to be confronted urgently. These include:

It is becoming increasingly untenable to dismiss warnings about consumer-profile construction and citizen-dossier creation as mere paranoia.


Competing Public Interests

This section briefly discusses the public interests in both open and restricted access, and the way in which balances among the various interests can be achieved.

* Interests in Open Access

There is a variety of interests in personal data being accessible. These appear to be at their weakest in the context of essentially social data; but stronger in relation to the electoral roll, and to financial data. The interests vary greatly in each case, however, and it is not simple to express general rules.

Some interests relate to the impossibility of performing a function unless such access is permitted (e.g. the discovery of individuals registered in the wrong electorate).

In other cases, the interest is that public access improves the efficiency of:

* Interests in Restricted Access

There is a comprehensive set of moral, psychological, social-psychological, sociological and political arguments in favour of restricted access to personal data. Among many other references, see Clarke ( 1988, 1 1994a).

Particular factors that arise in relation to 'public registers' include:

Specific examples of difficulties that have arisen in relation to vehicle registration and driver licensing registers are provided in NSWPC (1991), reproduced in Stewart (1997).

* Mechanisms for Finding Appropriate Balances

Balances need to be found between the privacy interest and other, competing interests. These balances are situation-specific rather than general, and the solutions that are appropriate to society's needs change over time.

The problem has been, and continues to be, that Australia has failed to establish the comprehensive framework within which those balances can be sought, negotiated and implemented. The few exceptions are in the Commonwealth public sector (where, despite the Privacy Act and the Privacy Commissioner, there are still some glaring weaknesses, e.g. in relation to outsourcing - Dixon 1997), in credit reporting, and in N.S.W. (which has had an energetic statutory watchdog for over 20 years, but which is essentially toothless).

A great deal of progress towards effective mechanisms will be made if and when:


'Public Registers' and Privacy Law

This section considers the extent to which these kinds of collections of personal data are protected by privacy laws. Consideration is given firstly to Australian laws, in the Commonwealth public sector, in the public sectors of the State and Territories, and in the private sector.

This author has argued elsewhere that Australian privacy laws are desperately inadequate ( Clarke 1997b), that the Australian public is very concerned about privacy ( Clarke 1997a), and that business has recognised the strategic significance of privacy ( Clarke 1996). These general arguments are not reproduced here.

The rather different position in New Zealand is then assessed, and the exhortations of the OECD Data Protection Guidelines and the Australian Privacy Charter are explained.

* Australia - Commonwealth Public Sector

Collections held by Commonwealth government agencies include the Electoral Roll, the Citizenship Register, and registers held by the Australian Securities Commission (ASC). All of these agencies are subject to the Privacy Act 1988.

The Privacy Act refers to a 'generally available publication', which is defined at s. 6 as "a magazine, book, newspaper or other publication that is or will be generally available to members of the public". That section also defines a 'record' so as to exclude a generally available publication.

There appears to be no case law or other determination that clarifies what is and is not a 'generally available publication'. In light of the propensity of Australian legislation drafting norms and court procedures to create and extend ambiguities and uncertainties, it is highly unlikely that any simple answer exists.

The term 'publication' implies the widespread availability of copies, for sale or distribution to the public. On that basis, the Electoral Roll (which can be inspected in government offices and libraries), and the Citizenship Register (which is held by the Department of Immigration) are arguably not publications.

On the other hand, some of the directories maintained by the ASC, which are searchable through value-added network operators on a user-pays basis, might or might not be regarded as 'publications'. A key question that would need to be addressed is whether a reasonably volatile database, a copy of which is searchable, but which is not browsable or printable in full, is a publication.

Most of the Information Privacy Principles (IPPs), which are expressed in s. 14 of the Act, use the term 'record' alone, and hence a generally available publication is largely exempt from the Privacy Act. (The exceptions are some aspects of the Collection Principles).

One of the Privacy Commissioner's Public Interest Determinations, No. 6, is relevant; but generally it is not clear to what extent each of the personal data collections held by Commonwealth agencies that might be argued to be 'public registers' or 'generally available publications' are subject to which provisions of the Privacy Act.

In respect of the Citizenship Register, the Department of Immigration advises that public access to records that were created after the Privacy Act 1988 is precluded by law, and that access to records that pre-existed the Act is precluded by policy, although records older than 30 years old might be accessible through the Australian Archives (personal communication, 9 May 1997).

* Australia - State and Territory Public Sectors

The majority of data collections that might be regarded as 'public registers' are the responsibility of the States and Territories.

At the date of writing, there is no significant privacy protection legislation in any Australian State. Public sector records are therefore subject only to incidental protections rather than to a comprehensive regime addressing the public's needs. In some States, Freedom of Information legislation may provide some privacy-related rights, such as access by data subjects to data about themselves. Individual statutes may to some extent clarify the nature and extent of accessibility of particular 'public registers'.

Collections such as births, deaths and marriages registers; driver licensing registers; traffic offence records; criminal records; bankruptcy records; land titles registries; professional registers; and rate-payers and dog registers; are therefore generally not subject to any explicit privacy protections at all.

Moreover, these data collections are generally not subject to the purview of any privacy watchdog agency. The honourable, long-standing (since 1975) and long-suffering exception is the N.S.W. Privacy Committee). It provides advice in relation to privacy matters, to individuals, government agencies and corporations; for example, it advises that access to the N.S.W. motor vehicle register is only available for specific purposes.

The Committee made submissions to the N.S.W. Law Reform Commission (NSWPC 1988, 1989), recommending specific refinements to the law relating to the Registry of Births, Deaths and Marriages. Contrary to the NSWPC submissions, the N.S.W. Law Reform Commission subsequently proposed that the Registers become open to all members of the public, although it failed to state what the purposes of the proposal were (NSWLRC 1989). A further submission was made to a Parliamentary Committee (NSWPC 1992). It does not appear that any further action has been taken on the matter.

* Australia - Private Sector

With some specific exceptions relating to credit reporting and use of the Tax File Number, and incidental protections through such torts as the law of confidence, there is no privacy protective regime affecting the private sector.

Collections such as the telephone, fax and email 'white pages' are therefore not subject to any explicit privacy protections at all, and are not subject to the purview of any privacy watchdog agency.

* New Zealand Public Sector

This sub-section draws heavily on the Privacy Commissioners' Fact Sheet on the matter (NZPC 1993) and Stewart (1997).

The New Zealand Privacy Act 1993 deals expressly with 'public registers' in Part VII, ss. 58-65. Under this law, the concept of a 'public register' is distinct from other kinds of 'publicly available information' such as telephone directories (Edwards 1994, p.2, in Stewart 1997). Hence the term is rather narrower in its scope than that adopted elsewhere in this paper.

Under s.60, "the agency responsible for administering any public register shall ... comply, so far as is reasonably practicable, with the information privacy principles and the public register privacy principles, [except that], where any information privacy principle or any public register privacy principle is inconsistent with any provision of any enactment, then ... that enactment shall, to the extent of the inconsistency, prevail". Hence, in respect of each particular register, some degree of ambiguity may exist. S.63 empowers the Privacy Commissioner to issue codes in relation to public registers, which may vary the applicability of the principles.

The public register privacy principles do not appear in any predecessor codes or legislation, and were inserted by the New Zealand Parliamentary Select Committee that considered the Bill. They are reproduced in Exhibit 1.

Exhibit 1: N.Z. Public Register Privacy Principles ( s.59)

Principle 1 - Search references

Personal information shall be made available from a public register only by search references that are consistent with the manner in which the register is indexed or organised.

Principle 2 - Use of information from public registers

Personal information obtained from a public register shall not be re-sorted, or combined with personal information obtained from any other public register, for the purpose of making available for valuable consideration personal information assembled in a form in which that personal information could not be obtained directly from the register.

Principle 3 - Electronic transmission of personal information from register

Personal information in a public register shall not be made available by means of electronic transmission, unless the purpose of the transmission is to make the information available to a member of the public who wishes to search the register.

Principle 4 - Charging for access to public register

Personal information shall be made available from a public register for no charge or for no more than a reasonable charge.

The motivations underlying these Principles are clear enough, but their wording fails to reflect the realities of contemporary technology; for example, in the case of some registers, the basis on which it is "indexed or organised" is clear; but in other cases interpretation difficulties arise.

Under Schedule 2 to the Act, a number of personal data collections are designated as public registers; and further collections may be added later. Those already designated include:

A further development of significance is the passage of the Domestic Violence Act 1996. This empowers a person to obtain a protection order to apply to any agency that administers a public register, requiring suppression of details of the person's whereabouts.

New Zealand's regulatory framework for 'public registers' is the most clearly elaborated such approach anywhere in the world. It recognises competing interests, and the nature of the technological threats, and seeks balances. Care does appear to be needed, however to ensure that:

* The OECD Guidelines

The OECD Data Protection Guidelines (1980) are the primary international document providing guidance to countries in relation to the protection of information privacy. They contain a well-known and respected set of Principles. Australia acceded to the Guidelines a decade ago.

The OECD Guidelines make no special exception for 'public registers' or for any other similar class of data collection. They envisage the Principles applying to collections of personal data generally.

* The Australian Privacy Charter

The Australian Privacy Charter Group is a group, established in 1992 under the Chairmanship of Justice Michael Kirby, now of the High Court, and now chaired by Janine Haines, which comprised 25 invited members with backgrounds in law, business, auditing, information technology, security, privacy, media and politics.

The Australian Privacy Charter was published in 1994. The Charter has no substantive, legal authority. On the other hand, it has attracted considerable attention from regulators, corporations and public interest advocates alike.

The Charter includes at Principle 17 (Public registers) the statement that: "Where personal information is collected under legislation and public access is allowed, these Principles still apply except to the extent required for the purpose for which public access is allowed".

* Interim Conclusion

The position in Australian law is unclear at Commonwealth level, and there is no law at State level. The OECD Guidelines and Australian Privacy Charter positions are that 'public registers' should be subject to the full force of the privacy-protective regime.

In New Zealand, 'public registers' have been expressly identified, and are expressly regulated by the privacy legislation, subject to some allowance for exigencies that may arise in particular circumstances.


A Framework

Fundamentally, the question must be asked as to why any collection of personal data whatsoever should be exempted from all, or even some, of the privacy principles.

The conclusion that arises from the preceding analysis is that there is no logical justification for special treatment for 'public registers'. Such collections should be subject to the same principles as any other collection of personal data. The particularites of their operations and accessibility should, of course, be reflected in the ways in which the principles are interpreted and applied, just as occurs with every other collection of personal data.

The key feature of such collections is the fact that individual records within the collection may be disclosed to absolutely any person, natural or legal. But disclosure is qualified, in that:

This is no different from any other database. What is different is the degree of difficulty involved in controlling abuses relating to the purpose of access.

The appropriate controls are as follows:

The reasonableness of measures to test purposes of access have to be decided in respect of each particular collection. Electoral Commissioners and their staff will be quite gentle in their quizzing of applicants for access (because of sensitivities about the democratic process); and so will Registrars of Births, Deaths and Marriages (whose role is quite explicitly to facilitate access to data and the provision of certificates, not to build bureaucratic barriers). Nonetheless, each must have the capacity and responsibility to deny access when they reasonably believe that an applicant's purposes are not appropriate.

To the extent that orthodox privacy protections do not apply to 'public registers', it is essential that measures be implemented to provide protections for individuals who are likely to be subject to threats to their safety.

The implications of this framework for consumer marketing organisations may be considerable. There has long been a presumption that corporations have a right of access to and use of whatever personal data they can acquire, for whatever reasons they see fit, subject only to explicit laws to the contrary.

A change has been in progress for some time now. Corporations are hoping to hold the line, such that they will retain (and even entrench) this privileged position. They hope to achieve this in return for, at worst, a responsibility to provide 'opt-out' mechanisms, whereby the express wishes of a person that does not want their data expropriated and used (or at least does not want their data used to market to them) are to be respected.

Whether this will be sufficient to placate the swelling public concerns is not clear. If consumer rights are to be respected, then the appropriate approach is 'opt-in' arrangements, i.e. informed and free consent by each individual to extrinsic accesses by organisations to data about that individual.


Conclusions

There has to be serious doubt as to whether such a concept as 'public register' has any place in the lexicon of privacy protection.

All collections of personal data should be subject to the generally-accepted privacy principles.

Those principles should be drafted and administered in such a way that the manifold complexities of human and business life can be accommodated, and appropriate balances among conflicting interests found in respect of each collection and each would-be accessor.

This may force many organisations, in both the public and the private sectors, to seek explicit legislative authority for particular kinds of access, or consent from the data-subject.

That kind of public visibility, public justification and consequent public debate, are precisely what is necessary for society during a period in which sophisticated information technologies are enabling enormously intrusive uses of personal data.


References

General Sources on Privacy
http://www.anu.edu.au/people/Roger.Clarke/DV/">http://www.anu.edu.au/people/Roger.Clarke/DV/

Publications

Clarke R. (1988) 'Information Technology and Dataveillance' Commun. ACM 31,5 (May 1988). Republished in C. Dunlop and R. Kling (Eds.), 'Controversies in Computing', Academic Press, 1991', at http://www.anu.edu.au/people/Roger.Clarke/DV/CACM88.html

Clarke R. (1992a) 'The Resistible Rise of the National Personal Data System' Software Law Journal 5,1 (January 1992) , at http://www.anu.edu.au/people/Roger.Clarke/DV/SLJ.html

Clarke R. (1992b) 'LEAN Times Ahead?' Policy, 8,2 (Winter 1992) 55-57, at http://www.anu.edu.au/people/Roger.Clarke/DV/PaperLEAN.html

Clarke R. (1993) 'Profiling: A Hidden Challenge to the Regulation of Data Surveillance', Journal of Law and Information Science 4,2 (December 1993), at http://www.anu.edu.au/people/Roger.Clarke/DV/PaperProfiling.html

Clarke R. (1994a) 'Dataveillance: Delivering '1984'', in Green L. & Guinery R. (Eds.), 'Framing Technology: Society, Choice and Change', Allen & Unwin, Sydney, 1994, at http://www.anu.edu.au/people/Roger.Clarke/DV/PaperPopular.html

Clarke R. (1994b) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Information Technology & People 7,4 (December 1994) 6-37, at http://www.anu.edu.au/people/Roger.Clarke/DV/HumanID.html

Clarke R. (1996a) 'Privacy and Dataveillance, and Organisational Strategy', Proc. Conf. I.S. Audit & Control Association (EDPAC'96), Perth, 28 May 1996, at http://www.anu.edu.au/people/Roger.Clarke/DV/PStrat.html

Clarke R. (1996b) 'Trails in the Sand', at http://www.anu.edu.au/people/Roger.Clarke/DV/Trails.html

Clarke R. (1997a) 'What Do People Really Think? MasterCard's Survey of the Australian Public's Attitudes to Privacy', Privacy Law & Policy Report 3,9 (January 1997) ', at http://www.anu.edu.au/people/Roger.Clarke/DV/MCardSurvey.html

Clarke R. (1997b) 'Flaws in the Glass; Gashes in the Fabric', Symposium on 'The New Privacy Laws', Queen Victoria Ballroom, George St, Sydney, 19 February 1997 ', at http://www.anu.edu.au/people/Roger.Clarke/DV/Flaws.html

Dixon T. (1997) 'Privacy laws: why they're a must for the public good', Opinion Piece, The Sydney Morning Herald, Tuesday April 29, 1997, p.19, at http://www.anu.edu.au/people/Roger.Clarke/DV/Outsourcing.html

Greenleaf G.W. and Clarke R. (1984) 'Database Retrieval Technology and Subject Access Principles' Austral. Comp. J. 16,1 February, 1984

Greenleaf G.W. & Clarke R. (1997) 'Privacy Implications of Digital Signatures', IBC Conference on Digital Signatures, Sydney, 12 March 1997, at http://www.anu.edu.au/people/Roger.Clarke/DV/DigSig.html

NSWLRC (1989) 'Names: Registration and Certification of Births and Deaths' N.S.W. Law Reform Commission, Sydney, 1989

NSWPC (1988) 'Registration and Certification of Births and Deaths' N.S.W. Privacy Committee, Submission to the N.S.W. Law Reform Commission, 28 February 1988

NSWPC (1989) 'Privacy Issues Relating to the Births, Deaths and Marriages Registry' N.S.W. Privacy Committee, Comment on the N.S.W. Law Reform Commission Report on 'Names', October 1989

NSWPC (1991) 'Privacy and Data Protection in N.S.W.: A Proposal for Legislation', N.S.W. Privacy Committee, Sydney, 1991, p.15

NSWPC (1992) Submission to the N.S.W. Parliamentary Standing Committee on Social Issues, N.S.W. Privacy Committee, Sydney, 25 June 1992

NSWPC (1994) 'Submission to the N.S.W. Government Select Committee on the Privacy and Data Protection Bill 1994', N.S.W. Privacy Committee, Sydney, July 1994

NZPC (1993) 'Fact Sheet No. 4: Public Register Privacy Principles', New Zealand Privacy Commissioner, July 1993, at http://io.knowledge-basket.co.nz/privacy/facts/fact4.htm

OECD (1980) 'Guidelines on the Protection of Privacy and Transborder Flows of Personal Data' OECD, Paris, 1980, at http://www.anu.edu.au/people/Roger.Clarke/DV/OECDPs.html

Stewart B. (1995a) 'Public Registers and Profiling' Privacy Issues Forum, Wellington, 29 June 1995, pp. 183-190, in Stewart B. (1997)

Stewart B. (1995b) 'Public Registers and Personal Safety' Privacy Issues Forum, Wellington, 29 June 1995, pp. 193-199, in Stewart B. (1997)

Stewart B. (1997) 'A Compilation of New Zealand Materials in Relation to Public Register Privacy Issues' N.Z. Privacy Commissioner, January 1997

Seaton G. (1986) 'Directory of Registers and Records in New South Wales' Longman Professional, 1986

Legislation

Australian Privacy Act 1988, at http://www.austlii.edu.au/do/sinodisp.pl/au/legis/cth/consol_act/pa1988108/index.html

New Zealand Privacy Act 1993, at http://www.knowledge-basket.co.nz/privacy/legislation/legislation.html

NewZealand Domestic Violence Act 1996


Acknowledgements

I express my thanks to Stewart Blair of the office of the New Zealand Privacy Commissioner, John Gaudin of the office of the N.S.W. Privacy Committee, and Nigel Waters of the office of the Commonwealth Privacy Commissioner, for assistance provided during the preparation of this paper; and to Graham Greenleaf, Andrew Mowbray, Geoffrey King and their team at the Australian Legal Information Institute for making legislative research dramatically simpler.


Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 15 January 1997

Last Amended: 11 May 1997; addition of FfE licence 5 March 2004


These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).
The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Xamax Consultancy Pty Ltd, ACN: 002 360 456
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, 6288 6916