There is no absolute right to privacy in Australian law and there is no clearly recognised tort of invasion of privacy or similar remedy available to people who feel their privacy has been violated. Privacy is, however, affected and protected in limited ways by common law in Australia and a range of federal, state and territorial laws, as well as administrative arrangements.^[1]

What is privacy?

There is no statutory definition of privacy in Australia.^[1] The Australian Law Reform Commission (ALRC) was given a reference to review Australian privacy law in 2006. During that review it considered the definition of privacy in 2007 in its Discussion paper 72.^[2] In it, the ALRC found there is no "precise definition of universal application" of privacy; instead it conducted the inquiry considering the contextual use of the term "privacy".^{[2]: para 1.37–1.45}

In reaching that conclusion, the ALRC began by considering the concept of privacy:^{[2]: para 1.29}

"It has been suggested that privacy can be divided into some separate, but related concepts:

• Information privacy, which involves the establishment of rules governing the collection and handling of personal data such as credit information, and medical and government records. It is also known as "data protection";^[3]
• Bodily privacy, which concerns the protection of people’s physical selves against invasive procedures such as genetic tests, drug testing and cavity searches;
• Privacy of communications, which covers the security and privacy of mail, telephones, e-mail and other forms of communication; and
• Territorial privacy, which concerns the setting of limits on intrusion into the domestic and other environments such as the workplace or public space. This includes searches, video surveillance and ID checks.

Privacy at common law

It is unclear if a tort of invasion of privacy exists under Australian law.^[4] The ALRC summarised the position in 2007:^{[2]: para 5.12, 5.14}

"In Australia, no jurisdiction has enshrined in legislation a cause of action for invasion of privacy; however, the door to the development of such a cause of action at common law has been left open by the High Court in Australian Broadcasting Corporation v Lenah Game Meats Pty Ltd (Lenah Game Meats).^[5] To date, two lower courts have held that such a cause of action is part of the common law of Australia. ..."

"At common law, the major obstacle to the recognition in Australia of a right to privacy was, before 2001, the 1937 High Court decision in Victoria Park Racing & Recreation Grounds Co Ltd v Taylor (Victoria Park).^[6] In a subsequent decision, the High Court in Lenah Game Meats indicated clearly that the decision in Victoria Park 'does not stand in the path of the development of … a cause of action (for invasion of privacy)'. The elements of such a cause of action – and whether the cause of action is to be left to the common law tradition of incremental development or provided for in legislation – remain open questions."

However, in 2008, the Court of Appeal of the Supreme Court of Victoria held "damages should be available for breach of confidence occasioning distress, either as equitable compensation, or under Lord Cairns' Act."^[7] This is a reference to the equitable doctrine of breach of confidence, which is different from a tort of invasion of privacy, although it has some applications to situations where one's privacy has been invaded.^[8][9]

In 2013, Attorney-General of Australia Mark Dreyfus QC MP again referred the issue of privacy to the ALRC. Its terms of reference included a detailed legal design of a statutory cause of action for serious invasions of privacy, and to consider the appropriateness of any other legal remedies to redress for serious invasions of privacy. The final report, Serious Invasions of Privacy in the Digital Era (ALRC Report 123), was tabled in September 2014, after there had been a change of government. There has not been a formal response from the Australian government.

Postal confidentiality

Since at least the 19th century, it has been the practice to enclose mail in an envelope to prevent infringement of confidentiality. The unauthorised interception of mail of another is a criminal offence.^[10]

Telecommunications privacy

Telecommunications (Interception and Access) Act 1979

An Attorney-General discussion paper notes:

"The primary objective of the current legislation governing access to communications is to protect the privacy of users of telecommunications services in Australia by prohibiting covert access to communications except as authorised in the circumstances set out in the Telecommunications (Interception and Access) Act 1979."^[11]

Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015

On 26 March 2015 both Houses of Parliament passed the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015, which received royal assent on 13 April 2015.^[12]

The Act implements recommendations of the Parliamentary Joint Committee on Intelligence and Security (PJCIS) Report of the Inquiry into Potential Reforms of Australia’s National Security Legislation by amending the Telecommunications (Interception and Access) Act 1979 to:

• require telecommunications service providers to retain for two years telecommunications data (not content) prescribed by regulations;
• provide for a review by the PJCIS of the mandatory data retention scheme no more than three years after the end of its implementation phase;
• limit the range of agencies that are able to access telecommunications data and stored communications;
• provide for record-keeping and reporting the use of, and access to, telecommunications data; and
• require the Commonwealth Ombudsman to inspect and oversight these records for compliance, and Telecommunications Act 1997 to make consequential amendments.

Controversy over 2015 Act

Despite being considered by some^[who?] an absolute and whole violation of the right to privacy under the Privacy Act 1988, the topic, whilst debated,^[when?] was never brought to light by mainstream media.^{[clarification needed on the role of media and definition of "mainstream"]} The consideration was postured^{[clarification needed on the meaning of this phrase]} due to the nature of the metadata being retained under the Act and the concept that^{[clarification needed on how this concept relates to the law that was passed]} while not directly capturing the content of communications undertaken, the bill gives considerable leeway in the kind of metadata being collected.

Australian privacy laws

Commonwealth

• Privacy Act 1988
• Telecommunications Act 1997
• National Health Act 1953
• Data-matching Program (Assistance and Tax) Act 1990
• Crimes Act 1914
• Anti-Money Laundering and Counter-Terrorism Financing Act 2006
• The Healthcare Identifiers Act 2010
• Personally Controlled Electronic Health Records Act 2012
• Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015

New South Wales

• Privacy and Personal Information Protection Act 1998
• Health Records and Information Privacy Act 2002
• Freedom of Information Act 1989 (Repealed)^[13]
• State Records Act 1998
• Criminal Records Act 1991
• Surveillance Devices Act 2007
• Workplace Surveillance Act 2005
• Telecommunications (Interception and Access) (New South Wales) Act 1987
• Access to Neighbouring Land Act 2000
• Crimes (Forensic Procedures) Act 2000

Victoria

• Privacy and Data Protection Act 2014
• Health Records Act 2001
• The Charter of Human Rights and Responsibilities Act 2006
• Freedom of Information Act 1982
• Public Records Act 1973
• Surveillance Devices Act 1999
• Telecommunications (Interception) (State Provisions) Act 1988

Queensland

• Human Rights Act 2019
• Public Interest Disclosure Act 2010
• Information Privacy Act 2009
• Right to Information Act 2009
• Public Records Act 2002
• Police Powers and Responsibilities Act 2000
• Criminal Law (Rehabilitation of Offenders) Act 1986
• Invasion of Privacy Act 1971
• Private Employment Agents (Code of Conduct) Regulation 2005

South Australia

• Freedom of Information Act 1991
• State Records Act 1997
• Surveillance Devices Act 2016
• Listening and Surveillance Devices Act 1972
• Telecommunications (Interception) Act 1988

Western Australia

• Freedom of Information Act 1992
• Health Services (Conciliation and Review) Act 1995
• State Records Act 2000
• Spent Convictions Act 1988
• Surveillance Devices Act 1998
• Telecommunications (Interception) Western Australia Act 1996

Tasmania

• Personal Information Protection Act 2004
• Right to Information Act 2009
• Archives Act 1983
• Annulled Convictions Act 2003
• Listening Devices Act 1991
• Telecommunications (Interception) Tasmania Act 1999

Northern Territory

• Information Act 2002
• Criminal Records (Spent Convictions) Act 1992
• Surveillance Devices Act 2007
• Telecommunications (Interception) Northern Territory Act 2001

Australian Capital Territory

• Privacy Act 1988 (Cth)
• Australian Capital Territory Government Service (Consequential Provisions) Act 1994 (Cth)
• Health Records (Privacy and Access) Act 1997
• Human Rights Act 2004
• Freedom of Information Act 1989
• Territory Records Act 2002
• Spent Convictions Act 2000
• Listening Devices Act 1992