[Computerbank] Re: [CAI-committee] Draft CAI Privacy Statement

Wendy Langer wlanger at bigpond.net.au
Fri Jan 17 08:55:01 UTC 2003


Hi there,

 I used to work with a guy called Tom Graves who is a computer dude and very
interested in open source, and who also does consulting to companies
concerning the new privacy act, so he may be able to give some useful
advice - not a lawyer, but au fait with the area, and may be willing to
consult for "in kind" return, ie some advice or training on linux, as I know
that a while ago he was setting up mandrake linux on one of his syetms, and
had had a couple of problems.

that was a long sentence wasn't it!



He lives in the country (Malmsbury, near Castlemaine), but comes into town
fairly regularly.

I could write to him and ask if he would be at all interested, but i am not
sure exactly what the issues are at this point.

lmkwyt :)

Wendy Langer

-----Original Message-----
From: computerbank-admin at lists.linux.org.au
[mailto:computerbank-admin at lists.linux.org.au]On Behalf Of cromwell
Sent: Sunday, 12 January 2003 08:04
To: cai-committee at lists.linux.org.au
Cc: CAISA; computerbank
Subject: [Computerbank] Re: [CAI-committee] Draft CAI Privacy Statement


Greetings all,
	there's probably a bit more that i should read about this to truly
understand
all the underlying principles, threads, aggendas, etc, and for anybody who
can give me a tip or twain, it would be greatly appreciated.  I honestly
don't remember having to comply with some new changes to the Privacy Act
2000
and am unsure what the ramifications are and more to the point, who they
apply to, so thank you Kylie for raising this.

	I've read through the National Privacy Principles but their "mock-up copy
of
the Privacy Ammendment (Private Sector) Act 2000" link was unsupported so i
could not read section 6 of this.  Most of it seemed to make sense, although
there may be a few stumbling blocks, especially where language issues exist.
For instance, i forsee difficulty in satisfying point 1.5 in the context of
point 1.3.c, i.e. ensuring that we have fullfilled our duty in conveying
through an intermediary the purposes for which we collect a recipient's
private information.  Also, to satisfy point 2.1.b, it may be a good idea to
include on our volunteer and member forms a question to the effect "Do you
give your consent to give your private details to other volunteers and/or
members?"  We might also need to include in our privacy "waiver" (probably
the wrong term and all due apologies to the legally ruffled :)  something to
cover us for 2.1.c, that is disclosing for any secondary purposes.  Has
anyone ever heard of point 8 (Anonymity) put to the test?  And point 10, do
we have a working definition of exactly what constitutes sensitive
information?

	"Reasonable steps" gets thown about a bit in the document and sounds a very
scary phrase indeed, like the sort of thing that gets defined by a judge
minutes before you get sued for every penny you possess.  Is there any scale
of "reasonable steps" for every occasion out there on a statute somewhere?

	I have been able to read neither the privacy_statement.html nor
privacy_policy.html documents, those links don't appear to be supported
either, the now.  Even if i had been able to, i've had no legal training
equal to this situation and i suspect that many of us would be incompetant
to
judge what the relationship (in a legal sense) twixt these documents and the
ammended Privacy Act 2000 is.  Would it be worth bringing in someone more
legally qualified for comment?

	I've heard about the Brotherhood of St Laurence's ability to hold it's head
above water in the legal arena and while i don't actually know all the
ramifications, i am inclined to trust their ability to appropriately
interpret legislature.  Kylie seems to have done a good job picking up the
core items that apply to us.

	Regarding changes to the Privacy Statement, i commend to our consideration
an
addition to the effect that as well as posting changes to the relevant
website, that we will also alert those that need to know that changes have
occurred, so they may appraise themselves of any new responsibilities in
timely fashion.

	Another possibility to consider is that the role of Privacy Officer have an
associated CAI officer who automatically assumes this position's duties in
the stead, for whatever reason, of the incumbent's incapacity and who should
be informed whenever (if ever) this occurs.

	Working in Victoria i heard discussion of requirements to destroy private
information when it was no longer appropriate to hold it.  Is anybody aware
of what, if any, requirements need be met in this regard?

	That was a long haul, sorry but i have no idea when it comes to legal
matters, per hap all this was unneccessary but better safe than sorry.

Best regards and faithfully yours,

cromwell
--------------------------------------------------------------------------
Cromwell Hooper
Volunteer and WFTD Co-ordinator
Computerbank Australia Incorporated, SA Branch
http://sa.computerbank.org.au/
Vice President
Computerbank Australia Incorporated
http://www.computerbank.org.au/
--------------------------------------------------------------------------


On Thursday 09 January 2003 23:24, Kylie Davies wrote:
> Hi all,
>
> You will remember having to comply with some new changes to the Privacy
Act
> 2000. Compliance date for CAI was Dec 22nd 2002. I suggest that all SC's
> look at using this or *not* collect personal information. I am unsure of
> CBNSW's responsibilities. CAISA and CAIQLD will need to use this when
> collecting personal information.
>
> Below I have drafted a Privacy Statement....which can be used as a
> covernote to be sent out with applications or volunteer forms/membership
> forms. (ie any form that collects personal info). It can be used now, as
> is, however, the web links do not exist...yet....
>
> I think the statement itself satisfies obligations under privacy
> legislation changes, however I am still trying to confirm... Anyone help
> here?
>
> With this in mind...I'd like your comments and would like them quick! :)
>
> _Some Notes_
>
> With respect to the Privacy Policy...the complete one...that'll be
> available next Monday/Tuesday. I will send that to the list...It will
> basically be a document that outlines our policy with respect to the
> National Privacy Principals (see the link in the doc). It will probably be
> quite long.
>
> The statement is designed as a one page (when it is doublesided)
> information sheet that can be sent out with all forms.
>
> Note re sensitive information....where we ask a recip or vol about country
> of birth (ethnicity) - I think we need to get them to sign off on
> it...eg....I acknowledge that I am providing some sensitive info to cb and
> agree to do so or something to that tune.
>
> If any one has any questions...fling them somewhere...and I will try and
> answer. ;)
>
> Cheers and please forward this on to branch lists,
>
> Kylie
>
> ---
> Kylie Davies
> Victorian Branch Coordinator
> Computerbank Australia Inc
>
>
>
>
> _Computerbank Australia Inc Privacy Statement_
>                    DRAFT DOCUMENT
>
> December 2002
>
> Overview
>
> The Privacy Statement below is a summary of Computerbank Australia's
> Privacy Policy. The full text of our Privacy Policy can be found online at
> http://www.computerbank.org.au/privacy_policy.html or can be accessed at
> Computerbank Branches across Australia. The statement can be accessed
> online at http://www.computerbank.org.au/privacy_statement.html
>
> Privacy Statement
>
> Computerbank Australia Inc is committed to protecting the privacy and
> confidentiality of our clients, members, supporters, volunteers and staff.
>
> Computerbank Australia Inc supports and is bound by the Privacy Amendment
> (Private Sector) Act 2000 and the National Privacy Principles. A copy of
> the National Privacy Principles can be found at
> http://www.privacy.gov.au/publications/npps01.html.
>
> Computerbank Australia Inc has always had a policy of protecting the
> personal information of our supporters, clients, members, volunteers and
> staff. We remain committed to ensuring that the information you provide to
> us is secure, accurate and that you are aware of what information is held
> by us and your rights to access that information.
>
> Information you provide
>
> When you become a service user, volunteer, supporter, member, contractor
or
> a job applicant you are generally asked to provide us with your name and
> contact details as well as other information. Under the Privacy Amendment
> (Private Sector) Act 2000, information, which can identify you, is known
as
> personal information. Besides personal information, some specific
> information about you that may include your racial or ethnic origin,
> religious belief or affiliation, criminal record or health information is
> known as sensitive information.
>
> We will not collect sensitive information about you without your express
> consent unless required by law.
>
> Access to your Inforrmation
>
> Unless prevented by legislation, you can check the information we hold on
> you by contacting the relevant State Coordinator of State branches and
> asking for an "access to personal information form". That information will
> then be made available, within a specified time frame, by allowing you the
> opportunity to read the details we hold at a Computerbank site with
> Computerbank volunteers or staff present if appropriate. If there are any
> inaccuracies in the information you can advise changes to the relevant
> State Coordinator.
>
> How we use information
>
> Computerbank Australia Inc uses the information you give to us for the
> purposes of:
>
> 	sending out information about our services
> 	assessing applications for computers and services
> 	evaluating ongoing services provided to you
> 	assessing your application to become a volunteer, member, contractor or
> employee
> 	research and analysis
> 	so we can maintain and update a supporter and sponsorship database
> 	so we can contact our volunteers, members, supporters and staff
>
> Your personal information is not disclosed to third parties without your
> consent or unless required by law.
>
> We may use the information for internal reviews and analysis and may also
> use it to produce certain consolidated statistics about our services.
> However, we will not disclose your individual information nor sell, trade
> or rent that information.
>
> If we need to disclose any information to conform with any laws or legal
> process we will inform you what information has been disclosed and to whom
> (unless informing you is precluded by legislation), so that you can take
> necessary action.
>
> Consent
>
> If you give us your personal and sensitive information you are consenting
> to our use of this information in accordance with the principles outlined
> in this Privacy Statement.
>
> Changes to the Privacy Statement
>
> If at any time we change the Privacy Statement, we will post changes on
our
> website at http://www.computerbank.org.au/privacy_statement.html
>
> Resolution of privacy concerns
>
> If you are concerned about a possible interference with your privacy, you
> should contact the Computerbank Australia Inc Privacy Officer by writing
> to:
>
> The Privacy Officer
> Computerbank Australia Inc
> Victorian Branch
> 92 Rosslyn Street
> West Melbourne. VIC. 3003
>
> Phone: (03) 9600 9161
> Email: kylied at projectx.com.au
>
> If your concerns are not resolved to your satisfaction, the matter can be
> referred to the Privacy Commissioner on 1800 023 985.
>
> Further Information
>
> The full text of Computerbank Australia Inc's Privacy Policy is available
> online at http://www.computerbank.org.au/privacy_policy.html and can be
> viewed at all Computerbank Australia Inc offices.
>
>
>
>
>
>
> Acknowledgements:
> This privacy statement has been adapted and modified by Kylie Davies from
> the Brotherhood Of St Laurence Privacy Statement. The original document
can
> be found online at: http://www.bsl.org.au/about/privacy.html
> _______________________________________________
> cai-committee mailing list
> cai-committee at lists.linux.org.au
> http://lists.linux.org.au/listinfo/cai-committee

--


_______________________________________________
The opinions expressed herein are solely those of the individual, and do not
express the opinions of Computerbank Australia Incorporated (CAI) in any
way.
_______________________________________________

computerbank mailing list
computerbank at lists.linux.org.au
http://lists.linux.org.au/listinfo/computerbank
Web page: http://www.computerbank.org.au




More information about the computerbank mailing list