26 June, 2014
Legal News & Analysis – Asia Pacific – Australia – TMT
Data Protection Law Changes Before Victorian Parliament
The Victorian government has introduced a Bill which will, if enacted, replace the Information Privacy Act 2000 (Vic). Known as the Privacy and Data Protection Bill 2014, the legislation proposes to merge the existing roles of Privacy Commissioner and the Commissioner for Law Enforcement Data Security to create a single Commissioner for Privacy and Data Protection. The Bill addresses a number of data security issues identified by the Victorian Auditor-General in 2009, and provides for a new protective data security framework. The legislation re-enacts most of the key provisions of Victoria’s existing privacy legislation, and leaves the current Information Privacy Principles (IPPs) unchanged. No attempt has been made to adapt the existing IPPs in order to reflect the revamped Australian Privacy Principles which came into force on 14 March 2014, the government preferring to continue with the established Victorian principles for the sake of continuity.
- To see the Bill, click here.
ACCC Regulates SMS Services
The Australian Competition and Consumer Commission (ACCC) has decided to expand its regulation of mobile terminating access services (MTAS). After completing its review into these services, the ACCC has decided to continue to regulate mobile voice termination services for a further five years, and to commence regulating SMS termination services. SMS termination fees are incurred where a SMS is made across different networks and the receiving network may charge a fee to carry, or “terminate” the SMS. In deciding to regulate the fees charged for these service, the ACCC found that mobile service providers are keeping wholesale SMS termination rates above costs, which was having a negative impact on competition.
- A link to the ACCC’s media release can be found here.
auDA Opens Up Access To Domain Name Data
The .au Domain Administration Ltd (auDA) has released the outcome of its review of its policies relating to WHOIS, a feature of domain name systems that allows users to search a web-based registry for details of a domain name owner. The auDA will implement a number of changes relating to the collection, disclosure and use of WHOIS data for .au domain names and whether registrants’ ability to access to .au domain name data should be increased. Registrants will now be allowed to access the creation and expiry date for their domain name as well as a complete list of all their own domain names, or domain names that have been registered using their details. The auDA will also endeavour to increase awareness of a registrant’s right to not use their personal email address on WHOIS. The auDA has determined that there is no need to change the amount or type of registrant data that has been collected or disclosed. The auDA also found that it would not be appropriate or desirable toallow proxy registrations, where the domain name can be registered without the true registrant details being stored in the database, in .au.
- A link to the auDA response to submissions can be found here.
Small Businesses May Be Protected Against Unfair Contract Terms
The Australian Government Treasury is seeking submissions on providing protection to small businesses against unfair terms in standard form contracts. At present, protection is only available to “consumers” under the Australian Consumer Law. The Treasury is undertaking a consultation process on behalf of Consumer Affairs Australia and New Zealand. The submissions deadline is 1 August 2014. In the context of the IT industry, the outcome of the process will potentially be of direct relevance to small businesses which deal with large IT suppliers under standard form contracts.
- A link to the Treasury’s media release can be found here.
Sports Company Shown Competitor’s Work Did Not Breach Confidentiality Or Copyright
The Federal Court has declined to award an injunction to restrain a sports information services company from using templates used in the production of sports statistics: Sports Data Pty Ltd v Prozone Sports Australia Pty Ltd [2014] FCA 595. Sports Data Pty Ltd (Sports Data), a company that provided data and statistics for sporting events was the official supplier of statistics to the National Rugby League Ltd (NRL), until it was replaced by Prozone Sports Australia Pty Ltd (Prozone) in December 2013. Sports Data claimed that Prozone was provided with Sports Data’s input criteria during the development of its event template, which was used in the production of sports statistics that Prozone would provide to the NRL. Sports Data sought an injunction restraining Prozone from using, copying or dealing with its confidential information and infringing its copyright.
In relation to Sports Data’s confidentiality claim, Prozone had been provided with Sport’s Data’s input criteria by an employee of the NRL. However, the information was not confidential as the confidentiality notices were available only on the native database, not on the main website that most customers, including the NRL, accessed. Additionally, Sports Data claimed confidentiality over the entire compilation, rather than the individual event descriptions and it could not prove Prozone had accessed the entire database.
In relation to the copyright claim, copyright may have subsisted in the compilation of event descriptions located in Sports Data’s rugby league database, as the event descriptions and their selection and arrangement involved sufficient effort on the part of the authors. However, it was not infringed as there had not been a substantial reproduction of its copyright works, as the two works were not substantially similar. Sports Data’s work was a compilation comprising a field within a table within a large database and Prozone’s work was a hardcopy guide. Additionally, Prozone had expended independent work and effort in creating its event template, using a number of employees over a significant period of time.
The Court dismissed the application for an injunction.
- A link to the judgment can be found here.
Be Careful What You Ask: Damages For Privacy Breaches After Intrusive Questioning
The Office of the Australian Information Commissioner (Commissioner) has held that AeroCare Pty Ltd (Aerocare) breached the National Privacy Principles (NPPs) by asking a blind customer a range of questions relating to his medical condition: ‘BO’ and AeroCare Pty Ltd [2014] AICmr 32. Aerocare provides flight support services to airlines, such as customer service and cleaning services. The customer presented a letter to an Aerostaff staff member explaining that he was required to wear a medical device following recent surgery. The staff member proceeded to ask the customer a range of questions about the customer’s illness and surgery in front of the customer’s sighted guide and in earshot of other passengers. Although Aerocare was obligated to collect this information, the manner in which it was done was an unreasonable invasion of the claimant’s privacy The Commissioner ordered AeroCare to apologise to the customer in writing, review its staff training and pay the claimant AUD 8500 for non-economic loss caused by the interference with the complainant’s privacy.
- A link to the Office of the Australian Information Commissioner’s decision can be found here.
Dodo Warned For Failing To Send Usage Alerts
The Australian Communications and Media Authority (ACMA) has formally warned telecommunications services provider, Dodo Services Pty Ltd (Dodo) for failing to send data usage alerts as required by the Telecommunications Consumer Protections Code (TCP). Under the TCP, telecommunications services providers are required to send usage alerts to customers on post-paid broadband internet plans when they reach 50, 85 and 100% of their monthly data allowance. Dodo was the only company found to have breached the requirements after the ACMA audited seven large and medium telecommunications service providers to determine compliance with usage alert requirements.
- A link to the ACMA’s media release can be found here.
ACMA Seeking Submissions On Restrictions To Online Content
The ACMA is conducting a review of the Restricted Access System Declaration 2007 (the Declaration) for online content to identify opportunities to reduce costs and administrative burdens. The Declaration specifies the minimum requirements of an access-control system for online MA15+ content that is provided on a commercial basis, and online R18+ content. The ACMA intends to draft a new restricted access system declaration to take into account technological changes as well as to be consistent with the government’s deregulation agenda.
Submissions can be made until 8 July 2014.
- A link to the ACMA’s media release can be found here.
For further information, please contact:
Gordon Hughes, Partner, Ashurst
[email protected]
Ashurst TMT Practice Profile in Australia