Consumer Credit Reporting

This page reports on a highly successful campaign conducted in 1988-89,
and continues the story through the following two decades, up to the present


The Setting

From 1967 to 1998, the consumer finance industry in Australia operated a cooperative called the Credit Reference Association of Australia (CRAA). Its function was to build a record about each consumer who sought a loan and to make the the contents available to lenders. The main flow of data was reports of applications for credit, but the record also contained defaults and ‘skips’, and entries for the public notices of bankruptcy.

The purpose of such ‘credit reporting agencies’ was (and is) to reduce the incidence of people who are not creditworthy being granted loans that they’re likely to default on. Some of the people being targeted are acting criminally, others are failing to declare all of their current repayment obligations, and some are inveterately incapable of managing their finances. Although primarily for the benefit of lenders, these operations were and are also advantageous to consumers, by avoiding over-commitment and slightly reducing the cost of borrowing.

No laws existed to regulate the activity. And, unfortunately, the way in which the processes were performed, the quality of the data, and the patterns of use of the data, were seriously harmful to consumers – including blameless consumers. The scheme was operated with little publicity, it involved the collection of personal data without consent and without legal authority, people who were refused credit because of such ‘credit reports’ were commonly not told that was the reason and hence were unaware of the source of the problem, and there were very limited means of recourse.

When the NSW Privacy Committee was formed in 1975, it entered into negotiations with CRAA (which operated nationally, but was based in Sydney). This resulted in an agreement that had no legal force, but that did specify some requirements that the scheme and its participants were expected to comply with.

The Privacy Act of 1988

The Australia Card Scheme had collapsed in September 1987. (The APF’s Australia Card Campaign played a highly significant role in that story). However, the package of Bills also contained a Privacy Bill. That survived, was somewhat improved (largely as a result of effort by the Opposition Coalition Parties led by Neil Brown), and was passed as the Privacy Act 1988. It was an orthodox statute, was long overdue, and applied only to the Commonwealth public sector. But it was Australia’s first substantive privacy protection legislation.

The Credit Reporting Summit in 1989

With privacy protections emerging, and with the first Privacy Commissioner about to be appointed, the APF sought both to maintain momentum, and to broaden the scope of privacy protections to the private sector. The parlous state of affairs in consumer credit reporting was selected as the target. As with the Australia Card campaign, the primary driver was Simon Davies, supported by Tim Dixon, and with research work undertaken by Prof. Graham Greenleaf (who had been the architect of the NSW Privacy agreement with CRAA 13 years earlier).

In April 1989, the APF organised a ‘Summit’ in Sydney, to which it invited the then Minister for Consumer Affairs, Nick Bolkus, members of the Opposition, the NSW Privacy Committee (the only government body in existence at the time, because the federal Commissioner was still in the process of being appointed), participants in the consumer credit industry, and consumer and privacy advocates. The proposal was that the Privacy Act be extended to encompass the credit reporting sector. A press report appeared in The Melbourne Age of 20 April 1989.

“[At the conclusion of the meeting,] the then Commonwealth Attorney-General (Senator Bowen) and Minister for Consumer Affairs (Senator Bolkus) announced that the Government would introduce legislation to prohibit ‘positive reporting’ and, furthermore, to comprehensively regulate credit reporting” (Greenleaf 1992).

The Resulting Legislation of 1990

Subsequent to that Summit, and leveraging off its outcomes, Minister Bolkus introduced the Privacy Amendment Bill 1989. It was described by CRAA as “the most restrictive credit reference laws in the Western world”. According to (Greenleaf 1992), “The credit industry launched a concerted media and Parliamentary campaign against the Bill, and in 1990 the Minister for Justice and Consumer Affairs, Senator Tate, introduced a number of amendments, and accepted others initiated by the Australian Democrats, but the 1989 Bill remained substantially intact when enacted”.

The Privacy Act Amendment Act of 1990, and especially ss. 8 and 12-13, inserted into the Privacy Act ss. 11B, 18A-18B, Part IIIA, ss. 18C-18V, and several further sections, which regulated credit reporting and gave the Privacy Commissioner some limited powers and responsibilities in relation to it.

The summation in Greenleaf (1992) was that “Over the previous twenty years, in the absence of effective prohibitions in State legislation, CRAA had allowed real estate agents to check prospective tenants, government departments to check some occupational licence applicants and applicants for telephone and other government services, insurers to check the credit history of suspect insurance claimants, and mercantile agents to search for debtors’ addresses. Access to credit reporting files for any of these purposes is now prohibited (s18K). The legislation therefore not only limits the future expansion of credit reporting in the private sector, it effectively `rolls back the clock’ by banning past
extensions of credit surveillance which had become accepted practice in the private sector. It is rare for privacy legislation anywhere in the world to attempt such a retrospective repeal of the extension of data surveillance – in the parlance of `Yes, Prime Minister’ it would be described as ‘courageous’!”.

Subsequent Activities, 1990-2010

The regulatory regime that has been in place since 1990 greatly improved the position of credit consumers, by forcing more transparency, subject access, and subject correction rights. However, there have continued to be serious inadequacies in the performance of credit reporting agencies, and particularly of lending organisations. The APF has made multiple subsequent submissions on these issues. A range of amendments have subsequently been passed, resulting in the current version of the provisions.

During the Wallis Enquiry into the Financial System in 1996, CRAA lobbied for positive reporting, and APF and others lobbied against it. The Committee recognised that there was strong opposition, and that this would be a low priority issue compared to other reforms. The Final Report of March 1997 included the vague “Recommendation 99: A working party on positive credit
reporting should be established”. That saw off positive reporting efforts for a further decade.

CRAA was privatised by the credit industry in 1998, originally as the Credit Advantage division of Data Advantage, then from 2001 as Baycorp Advantage, and since 2006 as Veda Advantage. It has continued its consumer credit business. A person can request a copy of their current record.

The provisions survived the Privacy Amendment (Private Sector) Act 2000 largely unscathed. (That legislation, although nominally extending privacy protections to the private sector, also authorised a vast array of privacy-invasive private sector activities). Under that Act, lenders and credit reporting agencies became subject not only to Part IIIA of the Act, but also to the National Privacy Principles.

Veda has since extended its activities into additional areas, including access to an insurance database that’s based on a similar approach to consumers’ data. A person can request a copy of the insurance data on file.

The longstanding approach in the credit reporting industry is based on the central recording of applications for credit, and of defaults. The credit industry has fought a sustained battle to extend into something that the industry’s spin-doctors call ‘positive reporting’, but that from the perspective of consumers is simply consumer surveillance. In 2005, Consumer Affairs Victoria released a “Consumer Credit Review Issues Paper”. This mainly concerned other issues but also asked a few short questions about a potential move to positive credit reporting. Submissions were divided on traditional lines. See the Review web-site. No change resulted from the consultation. The Victorian Government response noted there was insufficient evidence of the benefits of positive credit reporting and concluded that the issue was more suitable for Commonwealth consideration.

The ‘positive reporting’ initiative has been successfully resisted for two decades, and continues to be strenuously opposed by consumer and privacy advocates. In addition to the APF, the Consumer Action Law Centre has been very active on these matters.

The Never-Ending Story, Post-2010

The Australian Law Reform Commission (ALRC) conducted a wide-ranging inquiry into the Privacy Act in 2006-08. The APF submitted on many aspects of the inquiry. See in particular the APF Submission on Credit Reporting of March 2007.

The ALRC Report in August 2008 caved in to the industry lobby, recommending “More comprehensive credit reporting: in addition to the limited types of ‘negative’ information currently permitted, it is recommended that some additional categories of ‘positive’ information should be allowed to be added to an individual’s credit file, in order to facilitate better risk management practices by credit suppliers and lenders” (ALRC 2008. See also Part G of the Report, paras. 52-59).

By March 2010, the Government had still not responded to the ALRC’s Recommendations in Part G.