A new statutory cause of action for serious invasions of privacy has been recommended, but much will depend upon the drafting of any legislation.
A statutory cause of action for serious invasions of privacy could be enacted in NSW if the recommendations of a Parliamentary Committee are accepted.
The NSW Legislative Council Standing Committee on Law and Justice has recommended in its report Remedies for the serious invasion of privacy in New South Wales the establishment of a statutory cause of action for serious invasions of privacy. In coming to this recommendation, the Committee:
- considered various law reform commission reports and other inquiries and the submissions and evidence given directly to it and found a strong consensus for creating such a cause of action in order to provide an adequate remedy for serious invasions of privacy;
- acknowledged the absence of a common law tort to protect privacy and noted evidence that existing common law protections fail to provide adequate remedies to many people who suffer a serious invasion of privacy; and
- specifically examined the equitable action of breach of confidence and, notwithstanding recent promising steps in the right direction, found that more needs to be done now to better protect and remedy serious breaches of privacy.
The Committee recommended that, in establishing the statutory cause of action, it should be based on the Australian Law Reform Commission's (ALRC) model detailed in its 2014 report Serious Invasions of Privacy in the Digital Era (which was the subject of considerable focus during the Committee's inquiry). While not within the Committee's remit, the Committee also provided support for the Bill currently before the Australian Parliament to criminalise revenge pornography (the Criminal Code Amendment (Private Sexual Material) Bill 2015).
The report's recommendations were made by MPs from four parties, including those of the Coalition, so this is clearly an idea in the mainstream of NSW political thought. Nothing will happen, however, until the NSW Government's response to the report, which is expected by 5 September 2016.
Support for the ALRC model
In recommending that the statutory cause of action be based on the ALRC model, the Committee agreed with most inquiry participants in regarding that model as well-considered and balanced. In supporting that model, the Committee specifically addressed:
- its use of an objective test for "reasonable expectation of privacy": the plaintiff must prove that a person in their position would have a reasonable expectation of privacy in the circumstances and a Court must be satisfied that the public interest in privacy outweighs any countervailing interest; and
- its inclusion of a "seriousness" threshold, despite differences in approach on this issue (and the contrary views even of some of the ALRC's review participants). The Committee noted that the ALRC report included commentary on the discouraging effect of such a threshold on the bringing of trivial actions and a recommendation that legislation provide specific guidance on the meaning of "serious".
The report noted that none of the relevant law reform committee proposals, including the ALRC model, required damage to be proved by a claimant.
Divergence from the ALRC model
Despite otherwise supporting the ALRC model, the Committee recommended that the statutory cause of action have two different levels of fault:
- intent, recklessness and negligence for governments and corporations; and
- intent and recklessness for individuals.
The ALRC model was confined to intentional and reckless invasions of privacy only.
Additional NSW Privacy Commissioner and NCAT powers
The Committee thinks it would be appropriate that the NSW Privacy Commissioner be given powers to hear and determine complaints between individuals and order non-financial forms of redress, including apologies, take-down orders and cease and desist orders and, if these are not complied with, the power to refer the matter to the NSW Civil and Administrative Tribunal for hearing.
The NSW Government is currently considering the Committee's recommendations for the establishment of the statutory cause of action, along with the other recommendations raised in the report, and is due to provide its response by 5 September 2016.
Corporations should be keep an eye out for the NSW Government's response to the report and be aware how any legislation could affect them, particularly given the Committee's approach that, while national uniformity would be desirable, the broader policy interest warrants NSW taking the lead on the issue. Corporations should also keep an eye out for other States and Territories, and the Federal Government, following NSW's lead.
Although much will depend upon the drafting of any legislation, issues include:
- the "serious" threshold, which the ALRC proposed be the subject of specific guidance in the legislation;
- the probable increase in claims due to there being no need for a claimant to prove damage;
- the assessment of any damages payable for a breach; and
- corporations' exposure to liability for negligent breaches, as well as intentional or reckless breaches.
Organisations should be prepared to review any draft legislation carefully with particular attention to these points and make submissions where appropriate in accordance with any future Government consultation.
You might also be interested in...
- Serious Data Breach Notification Bill ‒ exposure draft released for consultation
- The prospect of a tort for invasion of privacy arises again
Clayton Utz communications are intended to provide commentary and general information. They should not be relied upon as legal advice. Formal legal advice should be sought in particular transactions or on matters of interest arising from this bulletin. Persons listed may not be admitted in all states and territories.