Businesses sound alarm over class action risk in privacy bill
Labor warned businesses across Australia would become the target of crippling class actions in response to data breaches under reforms to the privacy act being proposed by the Albanese government.
Businesses would become targets of crippling class actions in response to data breaches under reforms to the privacy act being proposed by Labor, peak bodies warn, with the increased legal exposure jacking up insurance premiums and costs being passed on to consumers.
In a series of submissions to a parliamentary inquiry that is investigating Labor’s privacy legislation – which is due to publish its final report on Thursday – business groups raised alarm over the ability for legal action to be taken for any invasion of privacy, rather than only serious incidents, and on grounds of “negligence” rather than recklessness by companies.
The Australian Chamber of Commerce and Industry warned this element of the bill would “expand the risk of legal exposure across more types of breaches and encourage speculative claims to be made by well-resourced litigation funders for mental distress, where evidence of harm is not required”.
“Recent data suggesting that Australia has become the class action capital of the world is concerning,” the ACCI submission states. “The class-action industry is a multibillion-dollar sector, which profits off speculative claims. This is just another step along a worrying trend, which is creating an increasingly risky environment for businesses of all sizes to operate in. This may have a flow-on impact for insurance premiums, business operations and prices which are ultimately passed on to consumers.”
Labor’s proposed changes to the privacy act follow a series of high-profile data breaches of companies storing the information of millions of Australian customers, namely Optus and Medibank.
The cyber attack on Optus in September threatened the personal information of more than nine million customers, including passport numbers and drivers licence details. Optus announced earlier this year it would fight allegations by the Australian Communication and Media Authority it had failed to protect the confidential details of its customers.
While business groups agreed that legal action should be possible for any “serious” invasion of privacy, they warned that without adequate thresholds, companies that had largely done the right thing could be heavily penalised.
“There is a risk that a lower fault threshold of ‘negligence’ and no requirement for a ‘serious’ invasion of privacy would allow potentially opportunistic class actions in respect of data breaches – particularly where there is no requirement to prove actual loss or damage, plaintiff law firms and litigation funders have commercial imperatives that incentivise litigation and the novelty of the law in Australia,” a submission by the Australian Institute of Company Directors states.
“A claim involving hundreds of thousands, or even millions of customers, could have a major financial impact on entities if a court were to determine that the appropriate compensation, including for emotional distress, was a small sum such as a few hundred dollars for each individual.”
The AICD called for legal repercussions to be confined to “serious” invasions of privacy and require a fault element of “intentionality or recklessness”.
“We strongly urge these thresholds be retained in the bill,” the submission states.
The Business Council of Australia said while there was a need for consequences for serious breaches of privacy, the current drafting of the bill was “too broad” and would “result in a high degree of volatility in interpretation through case law”.
“We are … concerned that this may open new avenues for class action lawsuits,” it said.
A spokesman for Attorney-General Mark Dreyfus said “the bill makes it clear that the invasion of privacy has to be serious and it has to be intentional or reckless – negligence isn’t sufficient.”
More Coverage
‘Inflation our biggest priority’: Dutton quizzed on tax cut back-down
Opposition Leader Peter Dutton has come under greater scrutiny for his hesitancy in backing a former Coalition policy to reinstate higher tax cuts for those earning more than $150,000 annually.
‘CFMEU tax’ to drive up rents
A deal between Queensland unions and the former Palaszczuk-Miles Labor government could jeopardise housing targets and drive up rents by 7 per cent, treasury modelling reveals.