Press Release

PRIVACY COMMISSIONER DETERMINES 13 BREACHES OF PRIVACY BY TICA

Embargo Monday April 19

Contact:
Tenants' Union Coordinator, Ms Penny Carr 0418 747921
Privacy Expert, Mr Chris Connolly 0414 938942

Today the Privacy Commissioner, in only the third Determination since the commencement of the Federal Privacy Act in 1988, found that the TICA group had breached the Privacy Act an extraordinary 13 times.

The Privacy Commissioner's Determination was in response to four separate representative complaints lodged by the Tenants' Union of Queensland. A representative complaint under the Privacy Act is a special form of class action. TICA is a privately run database which purportedly lists 'bad tenants'.

Tenants Union of Queensland spokesperson, Ms Penny Carr said, "the exceptional number of breaches supports our view that many of TICA's practices were unlawful. It is an outrage that this behaviour has been able to continue for so many years, unfairly disadvantaging many people from accessing housing - a necessity of life."

Ms Carr said that the breaches were significant, affecting every aspect of TICA's operations. "People were being listed inaccurately because TICA did not have adequate processes for verifying data and used overlapping listing categories. Tenants were then charged outrageous amounts if they rang TICA to find out if they were listed - $5.45 per minute, equivalent to $327 per hour. In some cases tenants could be listed for the terms of their natural lives and never get off the database."

The complaint process has taken an inordinate time to complete - 14 months in all - but the result has vindicated tenant advocates across the country, who have lobbied for years for greater protection from unfair listings. Ms. Carr said, “The complaints process has been long and difficult but we have been rewarded with significant outcomes. However, this determination points to the need for specific regulation for tenancy databases

Privacy expert, Mr. Chris Connolly added, 'Under the Act, the Commissioner can only make a Determination that stops an organisation from engaging in defined conduct - the Commissioner cannot determine what an organisation should do. When it comes to databases, such as TICA - that can impact adversely on thousands of people - this means that each and every behaviour may need to be tested through time-consuming complaints under the Act. This cat and mouse approach will not help either industry or tenants. Specific regulation would overcome this and provide a fair, certain marketplace."

The Determination also provides an avenue for individual tenants to gain redress. Any person who believes they have been charged an excessive amount by TICA for either lodging a request for information about a listing or to gain access to their personal information, can make a complaint to the Privacy Commissioner and seek compensation. The charge must have occurred after 21/12/02, when TICA first became subject to the Privacy Act. People who have been unfairly listed on the TICA database for a lengthy period may also be able to complain and seek compensation.

Listed persons who want more information should contact the Tenants' Union in their state or a local tenant advice service. In Queensland, tenants can
seek advice on 1800 177761 or 3257 1108 (in Brisbane).

Attached is a detailed list of the breaches found by the Commissioner. There are a total of 13 breaches, all of which are serious breaches of privacy.

Breaches of the Privacy Act as per Determinations

 

Complaint

National Privacy Principle [1]

Breach [2]
Access
6.4(b)
  • By charging individuals an $11.00 fee to lodge a request for access to their personal information via mail.
6.4(a)
  • By charging individuals an excessive amount of $11.00 for access to their personal information via mail
6.4(b)
  • By charging individuals a $5.45 per minute fee to lodge a request for access to their personal information via the 190 telephone number.
6.4(a)
  • By charging individuals an excessive amount of $5.45 per minute for access to their personal information via TICA’s 190 number.
Accuracy
3, 6.5 and 6.6
  • using an agreement with its members that does not sufficiently specify the data quality standards required
  • failing to take sufficient steps to check listings by property managers and not requiring minimum identification requirement before listing;
  • failing to advise tenants contemporaneously that they have been listed
  • using a ‘pick list’ method of reporting tenancy history, which relies on one category that is broadly defined and on descriptions that are brief, not consistently defined and are not mutually exclusive
  • providing an inadequate dispute resolution process;
  • failing to provide mechanisms to correct records where the individual concerned has established they are not accurate, complete and up-to-date or to associate a statement to this effect when there is a dispute about accuracy, completeness or currency
Timeframes
3
  • By failing to take reasonable steps to make sure the personal information it collects, uses and discloses is up-to-date (in relation to the timeframes for keeping information).
4.2
  • By failing to take reasonable steps to destroy or de-identify personal information that is no longer needed for any purpose.
[1] National Privacy Principle
[2]As per the determination, but our emphasis