There are growing concerns in the community about privacy
breaches involving remotely piloted aircrafts ("RPA"),
commonly known as drones. RPA have the ability to intrude on a
person's private activities intentionally, through deliberate
surveillance, or unintentionally, in the course of other activities
such as aerial photography, and search and rescue. The rapid
improvement in drone technology has increasingly enabled RPA to
become commercially available for use by private individuals. As a
consequence, it has left Australia's current privacy regime
inadequate to specifically deal with RPA. While there is yet to be
any litigation involving RPA in Australia, it appears only a matter
of time before the first case arises.
The main Australian statute dealing with privacy breaches is the
Commonwealth Privacy Act 1988. While the Privacy Act applies to
most Australian federal government agencies and most private
organisations, it does not provide comprehensive privacy protection
for Australians. The Privacy Act does not apply to a number of
groups, including small businesses with an annual turnover of less
than $3 million, political organisations, media organisations, and
individual citizens acting in their personal, family or household
affairs. Moreover, the Privacy Act would be considerably
ineffective against invasive use of RPA because it focuses on data
protection rather than behavioural privacy protection.
The Commonwealth Surveillance Devices Act 2004 regulates the
lawful use of surveillance devices by Federal law enforcement
agencies. However, the prohibitions on the use of surveillance
devices are left to the relevant State and Territory statutes. It
is conceivable that RPA could fall within the scope of the
Commonwealth Surveillance Devices Act under the definitions of
'optical surveillance device' or 'listening
device'. However, this statute was written without
consideration to the capabilities of modern mobile surveillance
devices. Consequently, applying the statute to such cases may be
encumbered by the unique characteristics of drones. Moreover, the
statute does not redress privacy breaches by ordinary citizens.
In Western Australia, the Surveillance Devices Act 1998
prohibits the use of listening and optical surveillance devices by
a person to monitor or record someone engaged in private activity.
Although this statute was introduced to, among other things,
provide protection from child abuse and voyeurism, it may
nonetheless provide some protection against invasive RPA use.
Unlike some other surveillance statutes from other jurisdictions,
the WA Surveillance Devices Act makes exception for the inadvertent
recording of private behaviour that may occur incidentally by the
lawful use of RPA, such as aerial photography. As a result,a person
cannot be penalised for the operation of an RPA resulting in the
unintentional monitoring or recording of a private activity.
Outside the statutory regime, there are a number of common law
torts that may redress invasions of privacy. For example, trespass,
nuisance or breach of confidence may, depending on the
circumstances, be available for causes of action against intruding
RPA operators. However, these torts are untested in RPA scenarios
and, in any case, are unlikely to provide reliable protection
because the respective legal principles emerged well before the
development of drone technology.
In July 2014, the House of Representatives Standing Committee on
Social Policy and Legal Affairs issued a report urging the
Australian government to update Australia's privacy law to keep
up to date with the proliferation of RPA. Among the committee's
recommendations is to introduce new legislation to protect citizens
against privacy-invasive technologies, including RPA. Specifically,
the committee proposes the creation of a tort of serious invasion
of privacy to address some of the gaps and limitations in
Australia's existing privacy law. Whatever the solution, it is
clear that legislative reform is required in the not too distant
future to confront the privacy concerns associated with RPA.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Concerns about privacy and data control are often cited as major impediments to the growth and wide adoption of Cloud.
Some comments from our readers… “The articles are extremely timely and highly applicable” “I often find critical information not available elsewhere” “As in-house counsel, Mondaq’s service is of great value”
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).