State/Territory privacy regimes
This page considers the privacy regimes of the Australian
states, the Northern Territory and Australian Capital
It covers -
and New Zealand surveillance agencies are examined here.
The Australian privacy regimes include surveillance, spent
convictions, credit reporting, health, adoption records
and criminal trespass legislation.
The only states with a comprehensive data protection regime
are New South Wales (NSW), with the Privacy & Personal
Information Protection Act 1998, and Victoria,
with the Information Privacy Act 2000. Commonwealth
and State/territory Freedom of Information legislation
is identified here,
followed by a discussion of Australian and overseas archives
For legislation and practice in New Zealand see the coverage
in the Privacy guide.
In New South Wales the 1998 Privacy & Personal
Information Protection Act (PPIP)
covers the public sector and established an Office
of the NSW Privacy Commissioner (NSWPC).
Major government agencies, such as the police, are exempt
from some or all of the privacy principles. All state
owned corporations, courts, tribunals and Royal Commissions
are fully exempt.
The 1998 Workplace Video Surveillance Act (WVSA)
was superseded in 2005 by the Workplace Surveillance
Act 2005 (WSA).
The latter enactment, along with the broader 1984 Listening
Devices Act (LDA),
features provisions dealing with covert surveillance.
In December 2001 the NSW Law Reform Commission issued
a major report
on Surveillance, calling for a significant extension
of privacy protection.
Spent convictions are dealt with under the Crimes
Act of 1900 (as subsequently amended) and the Criminal
Records Act 1991.
The Health Records & Information Privacy Act 2002
deals with medical records.
The salient criminal trespass enactment is the Inclosed
Lands Protection Act 1901. The legislation is important
because restricting physical access to a location remains
a key builkding block for the protection of privacy.
This culminated in the Charter of Human Rights, which
took effect this year and is the first in Australia. Taking
pride of place in the charter is the right to privacy
In Victoria the new Information Privacy Act (IPB)
articulates 10 Information Privacy Principles, based on
the National Privacy Principles. It is restricted to the
public sector and does not apply to health information,
covered by the Health Records Act 2001
The information privacy legislation establishes a State
Privacy Commissioner (SPC)
to administer the Act and to deal with complaints. The
Victorian Act is more comprehensive than the NSW Act:
it has fewer exemptions, and covers state government owned
enterprises. Complaints to the Privacy Commissioner, if
not conciliated, can be decided by the Victorian Civil
& Administrative Tribunal which can make binding orders,
including for compensation of up to $100,000.
Other Victorian privacy legislation includes the -
Devices Act 1999 (SDA)
Credit reporting is covered by the Credit Reporting
Act 1978. The Equal Opportunity Act 1995
makes it unlawful to request sensitive personal information,
such as marital status, that may be used to discriminate
against the individual.
The salient criminal trespass enactment is the Summary
Offences Act 1966.
An overview of the Victorian regime is provided by
the Victorian Law Foundation's Private Lives
Australian Capital Territory government agencies are notionally
covered by the federal legislation, although health records
were removed from the jurisdiction of the Federal Privacy
Commissioner by the ACT Health Records (Access &
Privacy) Act 1997 (AHRAP)
based on the federal privacy principles and intended to
allow patients access to their own medical records in
the public and private sectors.
The ACT Listening Devices Act 1992 is here.
The Northern Territory is developing privacy legislation
for the public sector only, with the Information Act
2002 (IA). Surveillance
legislation includes the Surveillance Devices Act 2000
which replaced the Listening Devices Act 1990 and
Listening Devices Amendment Act 1991.
Spent convictions are dealt with under the Criminal
Records (Spent Convictions) Act 1992.
The salient criminal trespass enactment is the Trespass
The Invasion of Privacy Act 1971 (PDF)
was primarily concerned with the licensing of private
inquiry agents and the regulation of listening devices,
as well as a number of offences relating to unlawful entry
of homes. The Privacy Committee Act 1984 established
a state Privacy Committee with an Ombudsman complaint-handling
function but featured a sunset clause: the Committee was
wound down in 1991.
Surveillance legislation includes the Drugs Misuse
Act 1986 and Criminal Justice Act 1989.
Spent convictions are dealt with under the Criminal
Law (Rehabilitation of Offenders) Act 1986.
In 2003 Justice Skoien of the Brisbane District Court,
in Grosse v Purvis  QDC 151, ruled for
the plaintiff in a suit for the tort of privacy, noting
that in Australia it would be
first step to hold that there can be a civil action
for damages based on the actionable right of an individual
person to privacy
albeit "a logical and desirable step". The
case is claimed as the first in Australia where a claimant
has successfully sued for damage to privacy and creates
a right of action independent of statute. As the
decision is by the District Court it is not binding on
other jurisdictions. Higher courts in subsequent decisions
have - in our view unfortunately - held that the law has
not developed to the point where action for breach of
privacy is recognised in Australia. Examples are Giller
v Procopets  VSC 113 and Kalaba v Commonwealth
of Australia  FCA 763 and FCAFC 326.
In Grosse v Purvis the Court awarded damages
of $178,000 after the defendant stalked the claimant.
Skoien held that Queensland law allows an individual to
recover damages for mental, psychological or emotional
harm (including embarrassment, hurt, distress and post
traumatic disorder) for a willed act that intrudes upon
the claimant's privacy or seclusion and causes the claimant
harm or distress (or prevents or hinders the claimant
from doing an act which that person is lawfully entitled
Justice Gillard of the Victorian Supreme Court, in Giller
v Procopets, was unpersuaded. He specifically rejected
a cause of action based on breach of privacy under Australian
The other states have issued administrative instructions
requiring broad compliance by government agencies with
the federal principles but are not moving towards discrete
privacy legislation covering public or private sector
The Instructions in South Australia, Tasmania and Western
Australia do not have the force of law and there are few
supervisory or enforcement mechanisms. South Australia
has a part time Privacy Committee with some advisory and
Tasmania has a specific Listening Devices Act 1991
For spent convictions see the Records of Offences (Access)
The salient criminal trespass enactment is the Police
Offences Act 1935.
For listening devices legislation in Western Australia
see the Surveillance Devices Act 1998 (here).
The State's Spent convictions regime is based on the
Spent Convictions Act 1988.
In South Australia the Listening Devices Act 1972
was amended in 1974, 1989 and 2001, becoming the Listening
& Surveillance Devices Act 1972.
Credit reporting is covered by the Fair Trading Act
For criminal trespass see the Summary Offences
SA legislation is accessible from the State Parliament's
legislation database here.
Australian privacy, censorship and intellectual property
regimes have been criticised for inadequate protection
of celebrity personality rights and for failing to prevent
online "voyeuristic" photos of teens or other
people snapped without their consent.
The 2005 Standing Committee of Attorneys-General Unauthorised
Photographs on the Internet And Ancillary Privacy
Discussion Paper (PDF)
explored concerns regarding both taking photos and their
publication on the net. It highlights a range of state
and federal legislation, including the Victorian Crimes
Act, NSW Summary Offences Act, ACT Public
Baths & Public Bathing Act and WA Surveillance