If someone is adversely affected by criminal activity over the internet, generally the alleged criminal will be prosecuted in the country where he or she allegedly committed the crime and hence that country's criminal laws will apply. However, in some situations the alleged criminal will be extradited to the country of which he or she is a citizen, for prosecution there according to the criminal laws of that country. The Commonwealth Privacy Act 1988 lays down strict privacy safeguards which Commonwealth (federal) and ACT government agencies must observe when collecting, storing, using and disclosing personal information.
The Act also gives individuals access and correction rights in relation to their own personal information. The Act applies to the wider community (including the private sector and state and local governments) only in relation to specific categories of information: tax file number information and consumer credit information. Privacy issues arise in a wide range of areas and circumstances. Privacy legislation deals mainly with information privacy – the handling of personal information.
Other privacy issues such as video surveillance, telephone interception or ‘bugging’, and other laws may cover physical intrusion into private spaces. In December 2000, the Privacy Amendment (Private Sector) Act 2000 (the Amendment Act) was passed by federal Parliament. The private enterprises became subject to privacy laws on December 21, 2001. The application of the Privacy Act is triggered by the financial size of the organization and the nature and use of the data it collects or processes. It is also subject to some ad hoc exceptions and differing start dates.
The National Privacy Principles (NPPs) in the Privacy Act set out how private sector organisations should collect, use, keep secure and disclose personal information. The principles give individuals a right to know what information an organisation holds about them and a right to correct the information if it is wrong. Among critics of the private sector privacy regime has been the European Commission (EC), which commented unfavourably. In essence, the EC said that it did not regard Australia’s privacy regime as sufficiently protective on about nine grounds.
All in all, as noted at the time of its passage into law, the application criteria is open to criticism for being arbitrary and the wording of the provisions makes it less than crystal clear how, or even if, it is to apply in given cases, especially, to small business. Information Privacy in the United States of America Americans have long been concerned with privacy, yet privacy concerns trail the introduction of new technologies. By definition, the law must respond to what technology defines as possible.
The American tradition of concern for privacy varies from the European approach. The European Community and Canada have principles of data protection, whereas the American tradition revolves around privacy. American considerations are based on common law tradition and a constitutional right, rather than on the more practical approach implied by data protection. Privacy law, as opposed to data protection, has been implemented piecemeal. Privacy protection views each subject area of data as separate and requires action for each subject area as necessary.
The data protection approach offers blanket guidelines for all data with an identifiable subject. In the United States there is privacy protection for federal records (Privacy Act of 1974), financial records (Right to Financial Privacy Act, Fair Debt Collection Practices Act), educational records (Family Education Rights and Privacy Act), and video rental records (Video Privacy Protection Act). There are no such controls on medical records, as this had not been identified as a problem area. The American right to privacy is actually two sets of rights: rights of autonomy and rights of seclusion.
Autonomy is the right to act freely; autonomous actions are taken without coercion. Surveillance is a form of coercion. The rights of seclusion can be seen in the original definition of the right to privacy by Warren and Brandies as "the right to be let alone. " The right to be let alone was defined as consisting of four types of privacy rights: absence of intrusion upon seclusion, absence appropriation of name and likeness, absence of false light, and absence of public disclosure of private facts.
The original definition of privacy clearly singled out the press for intrusion into private affairs: "Gossip is no longer the resource of the idle and of the vicious, but has become a trade which is pursued with industry as well as effrontery" . But what is electronic seclusion? Is it one's own electronic mailbox where particular messages are unwelcome? The law has not answered these questions--or rather, the law has answered, but so inconsistently that there is no coherent answer.