Amendments to the Privacy Act 1988 (the Privacy Act) will come into effect on 12 March 2014.
One of the changes introduced to the Privacy Act is the Information Commissioner's powers under the new section 35A to recognise external dispute resolution (EDR) schemes to handle privacy related complaints.
Importantly, from 12 March 2014, under the new Part IIIA of the Privacy Act, a credit provider (as defined by sections 6G to 6K and which includes a service provider offering post-paid telephone services), must be a member of an EDR scheme recognised under the Privacy Act to be able to participate in the credit reporting system. Existing EDR schemes like the TIO can be recognised under the Privacy Act if they meet the requirements of the Information Commissioner's Guidelines for recognising external dispute resolution schemes.
TIO's application for recognition
On 12 November 2013, the TIO submitted its application for formal recognition by the Information Commissioner as an EDR scheme under section 35A of the Privacy Act. Read the TIO's application for recognition.
TIO's role in privacy-related complaints
On 19 December 2013, the TIO became the first EDR scheme - effective 12 March 2014 - to be recognised by the Information Commissioner under section 35A of the Privacy Act to "receive, investigate, facilitate the resolution of, make decisions and recommendations for, and report on, complaints about acts or practices of TIO members that may be an interference with the privacy of an individual under subsections 13(1) and/or 13(2) of the Privacy Act 1988."
This recognition does not materially change the existing functions and responsibilities of the TIO as we currently already handle telecommunications complaints about an interference with the privacy of an individual under the current Privacy Act and Credit Reporting Code.
OAIC's role in privacy-related complaints
The Information Commissioner will continue to retain its own jurisdiction over complaints about an interference with the privacy of an individual - for example, an individual who is not satisfied with a service provider's response to a privacy related complaint may access the TIO as the recognised EDR scheme or make a complaint to the Information Commissioner.
For more information, please visit the OAIC website.