Commonwealth Numbered Regulations - Explanatory Statements

[Index] [Search] [Download] [Related Items] [Help]


PRIVACY AMENDMENT (EXTERNAL DISPUTE RESOLUTION SCHEME--TRANSITIONAL) REGULATION 2014 (SLI NO 8 OF 2014)

EXPLANATORY STATEMENT

Select Legislative Instrument No. 8, 2014

Issued by the authority of the Attorney-General

 

Privacy Amendment (Enhancing Privacy Protection) Act 2012

 

Privacy Amendment (External Dispute Resolution

Scheme--Transitional) Regulation 2014

 

The Privacy Amendment (Enhancing Protection) Act 2012 (Privacy Amendment Act) comes into force on 12 March 2014 introducing significant amendments to the Privacy Act 1988 (Privacy Act). 

 

Item 19 of Schedule 6 to the Privacy Amendment Act allows the Governor-General to make regulations dealing with matters of a transitional, application or saving nature relating to the amendments made by the Amendment Act.

 

Section 4 of the Acts Interpretation Act 1901 allows for the making of regulations under the Privacy Amendment Act before that Act commences, as long as the new Regulation does not commence before the Privacy Amendment Act. 

 

Under subparagraph 21D(2)(a)(i) of the Privacy Amendment Act, credit providers are required to be members of an external dispute resolution (EDR) scheme which is recognised by the Australian Information Commissioner in order to disclose credit information about an individual to a credit reporting body and thereby participate in the credit reporting system.  The purpose of this requirement is to ensure the quick, low-cost handling of consumer complaints.  Utilities (water, gas and electricity providers) and commercial credit providers (to the extent that they access the consumer credit reporting system) are considered credit providers under the Privacy Act.  From 12 March 2014, any utility or commercial credit provider that is not a member of a recognised EDR scheme will be unable to participate in the credit reporting system. This means that the utility or commercial credit provider is not be permitted to provide particular types of personal information (including identification information as well as credit information) about an individual to a credit reporting body, nor is the utility be able to access credit reporting information about any individual.

 

Exemption for utilities

 

All States and Territories have EDR schemes in place that apply to utilities operating in their jurisdiction.  In most cases, these EDR schemes take the form of an ombudsman service.  Some State and Territory ombudsman services are seeking recognition as EDR schemes from the Australian Information Commissioner in line with the process for recognition set out in section 35A of the amended Privacy Act.  However, not all States and Territories are able to apply for recognition for a range of reasons, including limitations contained in jurisdictional enabling legislation.

 

For example, as some relevant EDR schemes are established under State or Territory law, those schemes may only be able to exercise powers in performance of the State or Territory based functions.

 

The Regulation provides a transitional, 12-month exemption for utilities (providers of water, gas, and electricity services) in Australia from the requirement to be a member of an EDR scheme in order to disclose information to a credit reporting body.

 

As a result of the Regulation, utilities are provided with an extended period to meet the requirements in subparagraph 21D(2)(a)(i) of the Privacy Amendment Act.  It is anticipated that, during this period, States and Territories will progress necessary legislative or administrative changes in their jurisdictions to enable them to meet their obligations under the amended Privacy Act from 12 March 2015.

 

In the meantime, the Regulation ensures that jurisdictional variances do not create complex and unnecessary differences for consumers based on their jurisdiction of residence.

 

Exemption for commercial credit providers

 

While it was the clear policy intention of the Privacy Amendment Act to bring commercial credit providers within the scope of the EDR obligations (to the extent that they access the consumer credit reporting system to assess applications for commercial credit), some stakeholders have argued that commercial credit providers should be exempt from the EDR obligation because they only obtain credit reporting information and do 'not otherwise participate in the credit reporting environment'. 

 

From 12 March 2014, it is possible that commercial credit providers may make lending decisions without accessing the consumer credit file rather than paying the fee to join an EDR scheme. If this occurs, it may result in commercial credit providers deciding to provide credit in situations where the business does not have capacity to repay that credit.  Conversely, commercial credit providers may restrict businesses access to credit on the basis that the provider does not have sufficient information on which to assess the creditworthiness of an individual.  Both these outcomes would have negative consequences for consumers and businesses in Australia. 

 

The Regulation provides a transitional, 12-month exemption for commercial credit providers (to the extent that they access the consumer credit reporting system) in Australia from the requirement to be a member of an EDR scheme in order to disclose information to a credit reporting body.

 

If a permanent solution is unable to be found prior to 11 March 2015, the requirements in subparagraph 21D(2)(a)(i) of the Privacy Amendment Act will apply to commercial credit providers.

 

In the meantime, the Regulation ensures commercial credit is available in appropriate circumstances.

 

Details of the Regulation are set out in Attachment A.

A Statement of Compatibility with Human Rights is set out in Attachment B prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny Act) 2011.

 

The Regulation is a legislative instrument for the purposes of the Legislative Instruments Act 2003.

 

The Privacy Amendment Act specifies no conditions that need to be met before the power to make the Regulation can be exercised.

 

The Regulation commences immediately after the commencement of the Privacy Regulation 2013 on 12 March 2014, the same day as the commencement of the Privacy Amendment Act.  It ceases to have effect from the end of 11 March 2015.

 

 

 

                                                                   


ATTACHMENT A

 

Privacy Amendment (External Dispute Resolution Scheme--Transitional) Regulation 2014

 

Preliminary

 

Section 1 - Name of Regulation

 

This section provides that the title of the Regulation is the Privacy Amendment (External Dispute Resolution Scheme--Transitional) Regulation 2014.

 

Section 2 - Commencement

 

This section provides that the Regulation commences on 12 March 2014 immediately after the commencement of the Privacy Regulation 2013.

 

Section 3 - Authority

 

This section provides that the Regulation is made under item 19 of Schedule 6 to the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act).

 

Section 4 - Schedule(s)

 

This section provides that amendments or repeals have effect according to the terms set out in the Schedule(s).

 

Schedules

 

Item 1

 

Privacy Regulation 2013

 

This item amends existing Part 5 of the Privacy Regulation 2013 by inserting a new transitional regulation 23 titled, 'Membership of recognised external dispute resolution schemes', at the end of existing Part 5. The regulation is divided into three subsections.

 

Subsection 23(1) is titled, 'Energy utilities and water utilities', and provides that, for item 19 of Schedule 6 to the Privacy Amendment Act, subparagraph 21D(2)(a)(i) of the Privacy Act 1988 does not apply in relation to a disclosure of credit information by a credit provider that is either an entity that engages in the retail sale of electricity or gas services (paragraph 23(1)(a)), or an entity that engages in the retail sale of water, sewerage or drainage services (paragraph 23(1)(b)).

 

Subsection 23(2) is titled, 'Commercial credit providers', and provides that, for item 19 of Schedule 6 to the Privacy Amendment Act, subparagraph 21D(2)(a)(i) of the Privacy Act does not apply in relation to a disclosure of credit information by a credit provider if the disclosure is made in connection with the provision of commercial credit.

 

Subsection 23(2) is titled, 'Expiry of this section', and provides that regulation 23 expires at the end of 11 March 2015 as if it had been repealed by another regulation.


 

ATTACHMENT B

Statement of Compatibility with Human Rights

Prepared in accordance with Part 3 of the Human Rights (Parliamentary Scrutiny) Act 2011

Privacy Regulation 2013

This Legislative Instrument is compatible with the human rights and freedoms recognised or declared in the international instruments listed in section 3 of the Human Rights (Parliamentary Scrutiny) Act 2011.

Overview of the Legislative Instrument

The Privacy Amendment (External Dispute Resolution Scheme--Transitional) Regulation 2014 amends Part 5 of the Privacy Regulation 2013 by inserting a new transitional regulation 23 titled, 'Membership of recognised external dispute resolution schemes', at the end of existing Part 5.  This Regulation is made under item 19 of Schedule 6 to the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act).  The effect of the Regulation is to provide a transitional, 12-month exemption for utilities (providers of water, gas, and electricity services) and commercial credit providers (to the extent that they access the consumer credit reporting system) in Australia from the requirement to be a member of an external dispute resolution (EDR) scheme in order to disclose information to a credit reporting body.

Human rights implications

This Legislative Instrument engages the right to the protection against arbitrary interference with privacy, protected in Article 17 of the International Covenant on Civil and Political Rights (ICCPR).  The right to privacy in Article 17 of the ICCPR prohibits unlawful or arbitrary interferences with a person's privacy, family, home and correspondence.   In order for an interference with a right not to be 'arbitrary', the interference must be for a reason consistent with the relevant Convention and reasonable in the particular circumstances.  The Regulation engages with the use and disclosure of credit information, which may include consumer credit and commercial credit information.  By clearly stipulating that the exemption from the requirement that particular credit providers be a member of an EDR scheme in order to disclose information to a credit reporting body, is transitional, limited to a 12 month period, and applies only to those utilities (providers of water, gas, and electricity services) and commercial credit providers (to the extent that they access the consumer credit reporting system), the Regulation ensures that consumers are not disadvantaged simply because of their jurisdiction of residence.  The Regulation also ensures that legitimate commercial activity that facilitates consumer lending and transactions can take place in appropriate circumstances whilst a more permanent solution is found.  The measures are time limited, reasonable, necessary and proportionate as they ensure that a discrete subset of personal data is used for the purpose of providing essential services to Australians as well as providing a functional credit market. These are legitimate objectives consistent with the Privacy Amendment Act.

Conclusion

This Legislative Instrument engages with the right to privacy, through the use and disclosure of personal data, and does so in a reasonable and proportionate way.


AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback