From time to time, people use privacy law as an excuse for not doing something. We call such things BOTPAs, standing for ‘Blame it On The Privacy Act’. A note on its origins is below. The term has been picked up by the media, at least in Matthew Moore’s FoI column in the SMH, on 24 August 2006 and 27 June 2007.
This page provides some information about a few of the many BOTPAs we’ve come across. In none of these cases is privacy law a genuine barrier.
If you have other good examples to contribute, please email us the details, with the subject heading “BOTPA”.
Some Examples of BOTPAs
In early 2005, the Howard Government through Immigration Minister Amanda Vanstone held a private, behind closed doors enquiry into the imprisonment of Cornelia Rau. Ms Rau’s privacy had been ignored when she was incarcerated, when she was put in solitary with continual observation of all her personal activities, when she was named to the media, and when her medical condition was published. The in camera inquiry wasn’t to proect Cornelia Rau’s privacy, but to obscure the malperformance of the Department and the detention centre contractors. See, for example, the SMH Editorial of 5 May 2007. (The attempt failed. Public opinion forced publication of the report on the Palmer Inquiry, and 12 of Immigration’s 13 most senior executives were moved on).
In mid-2005, the lack of cameras inside aircraft luggage holds was blamed on privacy laws (e.g. The Age, 14 May 2005). The claim is completely groundless.
In August 2006, Sydney’s Lord Mayor, Clover Moore, said that the NSW Privacy Act prevented her releasing to the Herald the names of restaurateurs fined for breaching health regulations. The Privacy Act can’t be used as a reason to deny an FOI application. The privacy legislation is subordinate to the FOI legislation (Privacy no excuse to hide dirt – Matthew Moore’s FoI column in the SMH, 24 August 2006). The Ombudsman got the Mayor off the hook, by determining that “there is not enough public interest in knowing the names of offenders because it would hurt their businesses” (SMH, 1 March 2007).
On 20 December 2006, ABC News reported that the Australian Taxation Office (ATO) was claiming that it couldn’t comment on the Ruling that wheat marketer AWB is permitted a $300m tax deduction for its not-quite-bribes in Iraq, because of the Privacy Act. If the report was correct, the ATO’s claim was completely false, because the Privacy Act does not apply to corporations, and it could easily make meaningful statements without mentioning any individual.
The report on the Sea King helicopter disaster in 2005 named ten Defence Force personell who were held responsible for Australia’s worst military disaster in a decade. But Defence Chief, Air Chief Marshal Angus Houston pretended that the Privacy Act prevented publication of information about their roles in the disaster, the charges laid, and the outcomes of the charges (SMH, 27 June 2007). The accused have very real privacy concerns, because publication of such things as their addresses, information about their medical history, or the names of their children and the schools they attend, would be a serious breach of privacy and create the risk of physical threat. On the other hand, there’s a very real public interest in (and, in the the case of the bereaved, a real need for) publication of relevant information. Moreover, there is a long history of publication of the names of people facing criminal charges in both the civil and military jurisdictions.
Some conference organisers claim that they can’t make lists of delegates available, ‘because of the Privacy Act’ – at considerable cost to social networking. Professional conference organisers have a tickable box on the registration form.
Some universities have claimed that ‘privacy legislation prevents university staff from communicating with students except via each student’s university-issued email account’. It’s true that a teacher must not disclose personal data in an email reply unless they have reasonable grounds for believing that the message will be seen only by the student concerned; but that’s a far cry from a blanket prohibition, and sweeping statementsabout privacy law like that are simply wrong.
Some doctors have been known to excuse themselves from discussing a patient’s prognosis with other members of the patient’s health care team, on the basis of privacy. The Commonwealth and State privacy statutes emphatically do not prevent the sharing of appropriate patient data among team-members. For example, the Commonwealth Privacy Commissioner’s Guidelines say “In the health sector, the flow of personal information usually occurs in accordance with concepts such as sharing within the ‘treating team’ or ‘on a need to know basis’. For many health service providers, the use and disclosure of personal information is already bound by the codes of practice or rules of confidentiality of their professions. The Privacy Act provides for the continuation of necessary information handling practices in the health sector …”.
Another example in the health care sector arose when the NSW Minister for Health, Reba Meagher, avoided examination of the incompetence of the NSW Medical Registration Board by refusing access by the federal government to data relating to doctors registered in that State. This was reported in the media about 14 March 2008. (There are well-established policies and procedures whereby personal data is subject to audit; but if it’s politically convenient, these can be overlooked).
After natural disasters such as the Indonesian tsunami in 2004, and Cyclone Larry which hit Innisfail in 2006, claims are made that the Privacy Act hinders the activities of rescuers and aid-providers. The fact is that the Privacy Act, at NPP 2 .1(e), expressly states that “an organisation [may] use or disclose personal information [if] the organisation reasonably believes that the use or disclosure is necessary to lessen or prevent (i) a serious and imminent threat to an individual’s life, health or safety; or (ii) a serious threat to public health or public safety”. (That clause is in there at least in part because privacy advocates lobbied for it).
“By all means let us debate the balance, but let it be a more honest debate than we are seeing at present, with misleading claims and downright furphies abounding about the supposed effect of privacy laws. Australians deserve intelligent solutions to contemporary issues that preserve privacy and respect for individuals’ dignity and autonomy” – Anna Johnston, Chair of APF, 23 February 2005
“Australian privacy law embodies a well thought-out and practical balance between privacy interests and the special needs of various important public benefit activities, so that it rarely need
cause disruption to essential services or the means to protect people from harm” – David Vaile, Vice-Chair of APF, 17 June 2005
Origins of the Term
It appears that the term was invented in the mid-1990s by Bruce Slane, then New Zealand Privacy Commissioner. The earliest NZ reference that turns up on Google appears to be in October 2003.
It was used by the NSW Privacy Commission in a newsletter in September/October 2003. Victorian Commissioner Paul Chadwick used it in evidence before a Senate Committee in April 2005, and in a presentation in August 2005, saying “we use [the term ‘botpa’] as a shorthand term to describe the many examples of organisations or individuals mistakenly or wilfully ‘blaming’ the privacy act when refusing to disclose information that the privacy act allows to be disclosed. Sometimes, it is the result of lack of training or excessive caution. Sometimes, it is because the holder of information would prefer not to disclose for reasons unrelated to privacy, but finds it convenient to ‘blame’ privacy law”. It was also used by the Australian Privacy Commissioner, Karen Curtis, in a speech in September 2006.
The meme is spreading. In January 2007, it appeared in a submission to a federal government agency by the NSW Energy & Water Ombudsman.
In the Offices of Privacy Commissioners, the term stands for ‘Because of The Privacy Act’, but we think ‘Blame’ conveys the meaning much more clearly.
Former APF Board member Jan Whitaker reports the following tale, which reflects popular understanding of BOTPAs:
The Melbourne Museum has a brain in a new exhibit. The Channel 10 Weatherman doing the story said “Because of Privacy Laws, they can’t tell whose brain it is. But we hope it’s from a politician because then we know it hasn’t been used”.