Key developments in the area of Technology, Media and Telecommunications (TMT) are summarised as follows.

Judgments

Court orders delivery up of infringing firmware

On 8 November 2016, the Federal Court issued injunctions against three respondents and ordered the delivery up or certified destruction of infringing copies of the applicant's software which comprised firmware for materials testing equipment: IPC Global Pty Ltd v Pavetest Pty Ltd (No 2) [2016] FCA 1332. The First Respondent had admitted infringing the Applicant's copyright and the Second and Third Respondent's had admitted having authorised the infringement. The Second and Third Respondent's were former employees of the Applicant who had resigned and formed the First Respondent company. The Court interpreted Rule 22.07 of the Federal Court Rules 2011 as permitting it to make an order following an admission by a party, notwithstanding that other issues in the proceeding remained to be determined. By way of exception, the Court permitted the Respondents to retain a copy of the firmware as a reference copy on the basis that it might subsequently be established in the proceeding that parts were original works created after the establishment of the First Respondent. The Court also carved out existing supply contracts entered into by the First Respondent, after taking account of the impact of a destruction order on third parties who had contracted with the First Respondent.

ACMA finds TV station to be in breach of privacy code

On 9 November 2016, the Australian Television and Media Authority (ACMA) held that Tamworth-based Prime7's Local News breached the Commercial Television Industry Code of Practice by using material relating to a child's personal or private affairs in the broadcast of a sensitive matter concerning the child. The Code is formulated pursuant to section 123 of the Broadcasting Act 1992 (Cth), and clause 3.5 provides that a licensee must not broadcast material relating to a person's personal or private affairs or which invades a person’s privacy without consent unless there a public interest reason for doing so, with "special care" being required in relation to a child's affairs. The incident in question related to a program on school bullying in which video footage revealed the identity of an alleged child culprit. In response to the findings, the licensee agreed adopt various internal measures to avoid similar infringements in future – ACMA does not have the power to fine or prosecute broadcasters, but can agree to accept measures designed to avoid recurrences or else accept enforceable undertakings or impose additional licence conditions in appropriate circumstances.

Federal Court awards damages awarded against ex-employee who copied computer files

On 14 November 2016, the Federal Court awarded damages for breach of contract and breach of copyright against an employee who copied his employer's files onto a USB before resigning: SAI Global Property Division Pty Ltd v Johnstone [2016] FCA 1333. The defendant resigned as the plaintiff's business development manager and commenced working for a competitor. He admitted copying confidential information relating to the plaintiff's customers before leaving his employment, and he commenced his new job two weeks prior to his employment with the plaintiff expiring. In addition to ordering the deletion of electronic copies of certain documents and granting an injunction restraining the defendant from using the copied information, the court awarded damages representing the amount which the plaintiff had paid the defendant when he was simultaneously working for his new employer. The court awarded only nominal damages for breach of copyright, but further awarded additional damages under section 115(4) of the Copyright Act 1968 on the basis that the copyright infringement was "properly characterised as flagrant".

New legislation and guidelines

Australian Consumer Law amended to embrace "small business contracts" Effective from 12 November 2016, the Australian Consumer Law has been extended to incorporate small businesses within the "unfair contracts" regime. Until now, section 23 has provided that a term of a "consumer contract", being a contract for the supply of goods or services to an individual, is void if it is a standard form contract and the term is unfair. Section 23(1) now extends the regime to "small business contracts" as well as "consumer contracts". Section 23(4) defines a "small business contract" as being a contract in respect of which at least one party employs fewer than 20 persons and in respect of which there is either an upfront price payable which does not exceed $300,000.00 or, if the contract has a duration of more than 12 months, an upfront price payable which does not exceed $1,000,000.00. Given the prevalence of standard form contracts in the e-commerce and telecommunications industries, the change is of significance from a TMT perspective. The change will impact contracts regardless of whether the "small business" party to a "small business contract" is the supplier or the customer.

AUSTRAC issues privacy guidelines for KYC information collections On 14 November 2016, the Australian Transaction Reports and Analysis Centre (AUSTRAC) issued a guidance memorandum relating to the collection of know your customer (KYC) information for the purposes of complying with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth). The memorandum was prompted by amendments introduced on 16 September 2016 by the Anti-Money Laundering and Counter-Terrorism Financing Rules Amendment Instrument 2016 (No 1) which now permits reporting entities to collect KYC information from sources other than a customer. Consistent with Australian Privacy Principle 3, the memorandum emphasises the importance of ensuring that only personal information which is "reasonably necessary" for the reporting entity's functions Is collected, and that information is collected from third parties only where it is "unreasonable or impracticable" to collect it direct from the customer.

Policies, reports and enquiries

Productivity Commission recommends overhaul of Australia's privacy regime

On 3 November 2016, the Productivity Commission launched a draft report on Data Availability and Use. A focus of the draft recommendations is that individuals should have greater control over information collected about them. There should be a new "comprehensive right" for consumers which, in addition to existing rights of access and correction arising under the Privacy Act, would involve improved rights to opt out of collection and to obtain machine-readable copies of their personal data from those in possession of it. The "comprehensive right" would also give consumers the right to direct data holders to transfer their data to a nominated third party. Describing current data laws as being out of touch with the requirements of the digital age, the draft report recommends the introduction of a new Data Sharing and Release Act, the creation of a National Data Custodian supported by a suite of Accredited Release Authorities. The recommendations are open for public comment until 12 December 2016.

ACMA to review telemarketing standards

On 7 November 2016, the Australian Communications and Media Authority (ACMA) announced the commencement of the process for remaking of the Telemarketing and Research Industry Standard 2007 by releasing a consultation paper entitled Automatic Sunsetting of Legislative Instruments – Proposal to remake the Telemarketing and Research Industry Standard 2007. ACMA administers the Do Not Call Register Act 2006, pursuant to which all telemarketers must adhere to the Standard which regulates such matters as the hours and days when calls can be made, information which must be provided during a call, when calls must be terminated and the use of calling line identification. The current Standard has a sunset clause which will cause it to lapse on 1 April 2017 unless it is remade beforehand. The present consultation will not address broader issues such as whether each of the current exemptions from the Standard – such as charities and registered political parties and religious organisations – should remain as these exemptions are enshrined in the legislation and are beyond the scope of the Standard.

Telecommunications Security Bill introduced in the senate

On 9 November 2016, the Telecommunications and Other Legislation Amendment Bill 2016 was introduced in the Senate.

The Bill amends:

The Telecommunications Act 1997,

– The Telecommunications (Interception and Access) Act 1979,

– The Administrative Decisions (Judicial Review) Act 1977, and

– The Australian Security Intelligence Organisations Act 1979.

This is with the objective of establishing a regulatory framework to manage national security risks of espionage, sabotage and foreign interference in Australia's telecommunications networks and facilities. Specifically, the Bill would place obligations on telecommunications carriers, carriage services providers and carriage services intermediaries to protect networks and facilities to ensure the confidentiality of communications and information, as well as to ensure the availability and integrity of networks and facilities. This security obligation would be supported by a requirement for industry to provide information to government, powers of direction and a penalty regime to encourage compliance. On the same day, the Bill was referred to the Parliamentary Joint committee on Intelligence and Security with a view to seeking written submissions by 3 February 2017 and reporting back to the Parliament in April 2017.

Re-identification Bill referred to Senate committee

On 10 November 2016, the Privacy Amendment (Re-identifications Offence) Bill 2016 was referred to the Senate Legal and Constitutional Affairs Legislation Committee, with a report due back to the Senate on 7 February 2017. As previously reported, the Bill would amend the Privacy Act 1988 to prohibit conduct related to the re-identification of de-identified personal information published or released by Commonwealth entities. The Bill creates penalties not only in relation to re-identification of de-identified data but also in relation to the disclosure of re-identified data and the failure to report de-identification activity to the Privacy Commissioner (even where such re-identification may have occurred unintentionally).

ASIC issues consultation paper on the regulation of internet offers

On 10 November 2016, the Australian Securities and Investments Commission (ASIC) issued a consultation paper dealing, amongst other things, with the extension of a class order which provides relief for foreign offerors of securities: Consultation Paper 271: Remaking and Repealing ASIC Class orders on Internet Offers, hawking and PDS Obligations. Class order CO 02/246 is entitled Offers of Securities on the Internet and is considered by ASIC to be operating well. The Class Order conditionally exempts offerors from complying with PDS (product disclosure statement), advertising and hawking restrictions imposed by the Corporations Act 2001. The exemption applies to offers issued in Australia which are incidental to their issue in foreign jurisdictions where those offers can lawfully be made, and which are not intended to result in applications for investments being made by persons in Australia. The relief is intended for the benefit of foreign offers who make offers of financial products to persons outside of Australia. Subject to some minor amendments, ASIC is proposing to issue a new Class Order which would extend the current relief beyond the current sunset date of 1 April 2017.

Attorney-General's Department releases identity crime statistics

On 16 November 2016, the Commonwealth Attorney-General's Department published a report which assessed the prevalence and cost of identity crime in Australia: Identity Crime and Misuse in Australia 2016. The report estimated that the annual cost of identity crime in Australia was $2.2bn, together with a further $390m spent on prevention and response. Around 4-5% of Australians experienced financial loss from identity crime each year, with the greatest vulnerability arising from stolen driver licences and Medicare cards being the most likely credentials used for this purpose. Most identity crime victims lost relatively small amounts of money (up to $1,000) but there were also intangible effects such as wasted time and adverse health impacts. Identity crime tended to be under-reported, with 38% of survey respondents indicating they did not report the incident, and only 16% reporting an incident to the police.

National Transport Commission (NTC) releases report and updated commentary regarding automated vehicle regulation in Australia

In the course of November 2016, the National Transport Commission released a report, a policy paper and a discussion paper relating to automated vehicles.

Key findings

The NTC's report considers the case for amending the Privacy Act 1988 to better regulate the handling of personal information generated from automated vehicles. The report found the need for such action will depend on the nature of the technologies ultimately adopted. For the most part, the NTC anticipates that while automated vehicles will not generate personal information, it is not clear whether Global Navigation Satellite Systems will generate data that could map the location history of vehicles and therefore raise privacy concerns. The report also considers that consumer concerns concerning the extent of government access (particularly by law enforcement) to vehicle data will need to be addressed.

The NTC's policy paper outlines a number of regulatory reform recommendations. Although no regulatory barriers to automated rail have been identified in Australia, the NTC has found there is no regulatory regime in place to ensure the safe operation of highly or fully automated vehicles. In the case of conditionally automated vehicles (which require a human driver to monitor the vehicle when the automation system is active) the paper recommends clarifying the issue of who has "control" of the vehicle in those circumstances. One recommendation is the development of national guidelines for on-road testing and trials of automated vehicles.

That issue is further considered in the NTC's discussion paper, which explains that because trialling organisations will need exemptions from existing legislative and regulatory obligations, nationally-consistent guidelines are needed to ensure the framework under which such exemptions are granted (and the nature of the conditions likely be imposed on them) are consistent across the States and Territories in order to:

– Reduce costs,

– Facilitate cross-border trials,

– Promote certainty and clarity, and

– Establish minimum standards of safety and raise awareness and acceptance of automated vehicles within the community.

The NTC will receive input in relation to the guidelines until 4pm on Monday, 16 January 2017 via its website.

ACCC reports on problematic terms in standard form telecommunications, and other, contracts.

On 10 November 2016, the Australian Competition and Consumer Commission (ACCC) released a report into potentially unfair terms commonly used in standard form contracts within the telecommunications industry and other industries: Unfair Terms in Small Business Contracts. Key shortcomings related to unilateral variation rights, early termination charges and liability exclusions. The report was released ahead of amendments to section 23 of the Australian Consumer Law, which came into effect on 12 November 2016, which extended protection against unfair terms in standard form contracts so as to embrace small businesses (see discussion above)