Credit Reporting Changes as New Privacy Laws Commence
Wednesday 12 March 2014 @ 10.51 a.m. | Corporate & Regulatory | IP & Media | Trade & Commerce
Many significant changes to the Privacy Act 1988 (Cth) (the Privacy Act) effected by the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (the Privacy Amendment Act) commence today (12 March 2014) as does the Privacy Regulation 2013 (No 262 of 2013) (Cth) (the Privacy Regulations).
Key Changes
The Privacy Amendment Act is part of the privacy law reform process started in 2004 and brings about several key changes, for example:
- the Privacy Act now includes a set of 13 "harmonised privacy principles" regulating the handling of personal information by the government agencies of Australia and Norfolk Island and some private sector organisations. These principles are to be known as the Australian Privacy Principles (the APPs) and replace both the Information Privacy Principles (the IPPs) that applied to Australian Government agencies and the National Privacy Principles (the NPPs) that applied to some private sector organisations (see further, APP 7 dealing with the use and disclosure of personal information for the purpose of direct marketing, and APP 8 on cross-border disclosure of personal information).
- enhanced powers for for the Office of the Australian Information Commissioner (the OAIC) including:
- conducting assessments of privacy compliance for both Australian Government agencies and some private sector organisations,
- accepting enforceable undertakings,
- seeking civil penalties in the case of serious or repeated breaches of privacy.
- External Dispute Resolution Schemes (EDRS) can now be recognised by the OAIC as schemes to handle privacy-related complaints.
- The Privacy Act now includes new provisions on codes of practice about information privacy known as APP codes and a code of practice for credit reporting known as the CR Code, as well the Information Commissioner is able to develop and register binding codes that are in the public interest.
Perhaps the most controversial of the changes are the changes to credit reporting laws.
Changes to credit reporting laws
The new Privacy Act changes to credit reporting provisions include the:
- introduction of more comprehensive credit reporting, a simplified and enhanced correction and complaints process,
- introduction of civil penalties for breaches of certain credit reporting provisions, and
- a requirement for credit providers to be a member of an EDRS, recognised under the Privacy Act, to be able to participate in the credit reporting system.
Note that a new mandatory credit reporting privacy code (CR Code), developed by the Australian Retail Credit Association (ARCA), also commenced on 12 March 2014 (the Code can be found on the OAIC's Codes Register at the OAIC's website).
Reaction to the New Laws
The ABC reports the reaction of some consumer groups as:
". . . warning that Federal Government changes to credit history reporting rules will make it more difficult for low-income Australians to get loans."
As the ABC points out under the changes banks will be required to report payment defaults more thoroughly and more regularly unlike the previous position where lenders have only been required to report a customer default on loans when they are more than 60 days late in their payments. From today (12 March 2013) more detailed information about credit card and loan repayments will be handed over to credit reporting agencies.
A reported key concern on the part of consumer groups is that late repayments of even only a few days will be recorded in people's credit histories. Kat Lane of the NSW Consumer Credit Legal Centre is reported by the ABC as saying:
"The big issue is this is something that's been pushed in by industry to manage making decisions on credit risk when lending to people and, of course, the problem is for consumers is that this isn't necessarily a good thing for them, . . . Australians who are just struggling with paying their everyday bills, if they're more than five days late on their credit card, their home loan or their personal loan, then suddenly they're going to have a mark on their credit report. . . That may mean that when they go to get credit, they may have to pay a higher interest rate."
The belief is that it is then unlikely that lenders will use the information to scale back on the number of loans and credit cards they give out but more likely they will use the information to charge more interest.
As Kat Lane is further quoted:
"I think the low-income and disadvantaged people in our society are going to be severely disadvantaged by these changes because a lot of them, particularly those people living working poor or on part-Centrelink struggle to pay their bills already, particularly their loans, and they're going to be people who are constantly facing higher credit costs."
Former Deputy Privacy Commissioner Nigel Waters, now working with the Australian Privacy Foundation, is reported by the ABC as having serious concerns about the changes. Primarily, he is disappointed that the Federal government when it made these changes did not fund a public education campaign and thinks a lot of people are going to be very surprised and very upset when they find out what the position with respect to credit reporting is after the changes take effect.
Australia's Privacy Commissioner, Timothy Pilgrim is reported by the ABC as responding by saying that the changes have been publicised on his commission's website and adding that OAIC's website had ". . . quite a large number of hits on it, it is extraordinarily well used, so we're making sure we use that to the greatest extent possible . . ."
In response to the concerns about the changes the ARCA is reported as saying that: "the new rules offer a clearer picture of people's credit records".
TimeBase is an independent, privately owned Australian legal publisher specialising in the online delivery of accurate, comprehensive and innovative legislation research tools including LawOne and unique Point-in-Time Products.
Sources:
- Privacy Regulation 2013 (No. 262 of 2013) and Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) and supporting Explanatory Statements as reported by the TimeBase LawOne Service.
- Privacy law reform (2014 Law Reform) (OAIC Webpage)
- Consumer groups raise concern over major credit reporting changes (ABC News - 11 March 2014)