Protecting information rights – advancing information policy

You are here: Home > Publications and resources > Case notes > S and Telecommunication Company [2011] AICmrCN 13

S and Telecommunication Company [2011] AICmrCN 13 (22 December 2011)


Subject heading

Access to personal information

Law

National Privacy Principle 6.1 and 6.7 in Schedule 3 of the Privacy Act 1988 (Cth)

Facts

The complainant had attempted to access their personal information, held by a telecommunication company, which they believed included correspondence to a law enforcement agency. The telecommunication company relied on its internal privacy policy in its explanation of its decision to deny access. When the complainant pursued the matter, the telecommunication company quoted exceptions under NPP 6.

Issues

NPP 6 provides that an organisation that holds personal information about an individual must provide the individual with access to that information unless one or more exceptions apply.

NPP 6.1(j) permits an organisation to deny access to an individual when this would prejudice activities being carried out by, or on behalf of, an enforcement body. These activities include the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law.

NPP 6.7 requires an organisation to give an individual its reasons for denying access or refusing to correct personal information.

Outcome

The Commissioner investigated the matter under section 40(1) of the Act.

In response to the Commissioner's investigation, the telecommunication company searched the majority of its records for the complainant's personal information. It did not search all its records as certain records included requests for information from law enforcement agencies in a specific context.

The telecommunication company relied on NPP 6.1(j) to deny the complainant access, claiming access would reveal strategy and procedures employed in law enforcement.

The Commissioner found that the telecommunication company could rely on the NPP 6.1(j) exception to deny access. The telecommunication company was not obligated to reveal whether it possessed records from a law enforcement agency, as such actions would prejudice the law enforcement activities of the agency. The Commissioner considered if law enforcement processes were revealed to the complainant this would prejudice activities carried out by the enforcement body.

The Commissioner closed the complaint under section 41(1)(a) of the Act on the grounds that the telecommunication company had complied with its NPP 6 obligations.

Office of the Australian Information Commissioner

December 2011