Caslon Analytics elephant logo title for Aust Privacy profile
home | about | site use | resources | publications | timeline   spacer graphic   Ketupa





1988 Act

other law

2000 Act
















cases 1

cases 2


related pages icon




related pages icon
& Notes:


& Cyberspace





100 Points

section heading icon     entertainment venues

This page considers privacy in entertainment venues, such as pubs, clubs and sports complexes.

It covers -

subsection marker icon     introduction

Public and private entertainment venues do not automatically and comprehensively fall outside national or state/territory privacy legislation.

The operators of Australian entertainment venues can accordingly seek identification of potential patrons as a condition of entry, with collection and handling of that personal data occurring within frameworks provided by the legislation.

Operators are also subject to law in relation to surveillance of individuals within the venue, for example covert/overt video surveillance in toilets, concourses and lifts.

The expectations of operators and of consumers vary, with some club and hotel patrons for example asserting that federal law (or even the Australian Constitution) prohibits an operator's demand for provision of a proof of identity or that it is necessarily illegal for the operator to scan that identity document.

A discussion of age verification systems features here.

subsection marker icon     entry

As with the 'workplace' and retail privacy regimes noted in the preceding page of this profile, audiences do not have a comprehensive right of access to any entertainment venue. (National and state/territory anti-discrimination law bounds differential access, for example inhibiting refusal of entry on the basis of ethnicity.)

The owners and/or operators of venues can require some indication of identity as a prerequisite for authorised entry to spaces such as -

  • restaurants
  • nightclubs
  • hotels
  • football and other social clubs
  • casinos
  • theatres
  • sports facilities such as a pool, racetrack or stadium.

Some venue operators are less concerned than others and identification often consists simply of carrying a ticket of entry, a document that may be underpinned by specific conditions.

Other operators are required to ascertain a potential entrant's eligibility. That eligibility might involve determining that the individual meets a statutory proof of age test, for example bears a driver's licence or discrete proof of age card and therefore satisfies obligations placed on the venue operator under state alcohol licensing law.

Some organisations have gone beyond identity checking to satisfy government requirements and have used personal identity documents as a form of audience management, for example excluding patrons from repeat visits on the basis that an individual has misbehaved in the past. Such blacklisting is analogous to the motel blacklists discussed elsewhere on this site. Others have selectively sought verification of identity to inhibit ticket scalping.

Venue operators have similarly sought to collect data to cut costs (eg automate screening by bouncers in queues for nightclubs), as the basis for 'stealth' customer loyalty programs (eg unauthorised mailshots to customers) or even egregious abuses such as selling data to third parties.

One mechanism has been digital copying of 'proof of identity' documents, either through a 'front desk camera' or a proof of ID scanner. That copying has sometimes been supplemented by issue of venue-specific identity passes or even by biometric systems such as thumbprint scanning.

Commercial ID scanning systems are being actively marketed in Australia and overseas. One vendor for example touts a solution with attributes that include -

  • Immediately alerts to under-age and banned customers
  • Share your banned customers with other venues automatically
  • Builds an accurate and precise database
  • Creates doorman nightly report
  • Photo gallery of customers
  • Graphic demographic reports
  • Average age
  • Male/Female ratios
  • 700 + scans per hour will not hold up your queue
  • Amazing marketing tool
  • Automatically produces address labels
  • Saves money and your license
  • Customer frequency report

Uptake of that technology and misuse by venue operators or third parties is unclear.

subsection marker icon     issues and responses

Some consumers, privacy-savvy or otherwise, appear to be indifferent to copying. Others have expressed concerns that include -

  • unhappiness that identity information is being captured per se
  • fear that information will be provided to criminals (eg used to alert burglars that a patron is at the venue and thus unlikely to interrupt a robbery)
  • wariness about the security of the data
  • lack of information about the venue's data handling practice
  • uncertainty about whether information is being provided to third parties
  • uncertainty about whether the venue operator and associates are integrating the captured data with other information for internal use or provision to another organisation.

There has not been a comprehensive study by government agencies or other entities regarding consumer perceptions and actual venue practice. Operators typically appear to rely on the argument that scanning is a condition of entry to the particular venue, a condition freely accepted by a patron who can choose another venue that does not require data capture.

One twenty-something nightclubber thus said "it's fine ... I surrender my privacy when I go through the door. If that's the price I pay to be hot, its fine". A response is that habituation of venues and consumers will presumably encourage proliferation of scanning systems, reducing the number of alternative venues that do not require image capture as a condition of entry.

The Office of the Federal Privacy Commissioner (OFPC) has not moved beyond exhortation. In 2007 for example it indicated that

This practice can, however, create significant privacy risks and could undermine customers' trust in the business. In some cases, customers may choose not to do business with that organisation.

This Office's Community Attitudes to Privacy 2007 survey found only 18% of individuals surveyed felt it was acceptable for identification documents to be copied in order to obtain entry into licensed premises.

The OFPC advised that a venue operator may only scan patron identity documents if that is "necessary" for its "functions or activities", although offering little guidance on what is "necessary" and appropriate. It suggests that in the first instance organisations should consider whether identification is required and, if so, whether simply sighting a 'proof of identity' document without scanning it would be sufficient.

Organisations that use scanning technology must comply with the National Privacy Principles. The OFPC has indicated that

in general, if you scan customers' identity documents, the Privacy Act requires that, among other things, you:

  • collect only necessary personal information;
  • give customers information about why you are collecting their personal information and how it will be handled;
  • only use or disclose the personal information for the purpose of the collection, unless an exception applies;
  • only retain the scanned personal information for as long as necessary, consistent with the collection purpose;
  • store the personal information securely and allow access to it by the individual if requested.

It comments that

businesses may be able to have greater confidence about meeting their obligations under the Privacy Act by getting the express consent of customers before scanning identity documents.

That comment should give little comfort to many consumers, given the low threshhold facing organisations that wish to meet obligations under the national legislation.

The OFPC notes that the federal Privacy Act gives individuals the right to complain if they think personal information has been mishandled, with potential investigation by the Privacy Commissioner.

subsection marker icon     activity

What of privacy once a patron has entered an entertainment venue?

Regimes within venues are the same as those in retail and other spaces highlighted in the preceding page of this profile. It is a commonplace that venue operators use CCTV to track movement, identify incidents and even deter misbehaviour in 'public' areas of entertainment venues. Those areas include -

  • stairs, escalators and elevators
  • concourses
  • carparks
  • stadium and other sports facility seating
  • dance floors
  • bars

Some of that video might only be sighted by the venue operator; it might instead be displayed to the audience (often more exciting than shots of seagulls expiring of boredom during a cricket match at the MCG).

Visitors to entertainment venues have some protection in 'non-public' areas (such as toilets) where there is a reasonable expectation of privacy. As with retail spaces, venue operators sometimes engage in electronic surveillance of those areas, typically with signage alerting patrons that cameras or other devices may be used.

icon for link to next page   next page (politics)

this site
the web


version of July 2007
© Bruce Arnold | caslon analytics