EEH v NSW Self Insurance Corporation

Civil and Administrative Tribunal

New South Wales

Medium Neutral Citation:	EEH v NSW Self Insurance Corporation [2022] NSWCATAD 361
Hearing dates:	On the papers
Date of orders:	10 November 2022
Decision date:	10 November 2022
Jurisdiction:	Administrative and Equal Opportunity Division
Before:	A Christie, Senior Member
Decision:	(1)   Within 30 days of the date of these Reasons for Decision the Respondent must: (a)   permanently and securely redact or delete in accordance with IPP 5(b) all of the Applicant’s personal information which has been found in these Reasons for Decision to have been collected and/or is being held by the Respondent in breach of any of IPPs 1, 2 and/or 5 (i) contained in all copies of the Deed held by or under the control of the Respondent and (ii) which has otherwise been extracted or copied from the Deed and is held in any records of or under the control of the Respondent. This personal information includes, at a minimum, paragraphs D, E, F and G, the definitions of “Claims” and “[Name] Private Prosecution”, clauses 2 and 6 and Schedules 1, 2, 3, 4, 5 and 10 of the Deed; and (b)   provide to the Applicant an unreserved formal written apology addressing and apologising for the Respondent’s breaches of IPPs 1, 2 and 5 as identified in these Reasons for Decision and for all harm, distress, loss and embarrassment caused to the Applicant resulting from such. (2)   The Respondent must give the Applicant written notice of its compliance with Order (1)(a) above within 14 days of the date that the Respondent complied with that Order.
Catchwords:	ADMINISTRATIVE REVIEW - Privacy and Personal Protection Act – IPPs 1, 2 and 5 – ss 25(b) and 26 PPIP Act and exemption from compliance with IPP 2 – s 21 State Records Act and non‑compliance with IPP 5 – unsolicited information and when collected for the purposes of the PPIP Act – appropriate orders in the circumstances.
Legislation Cited:	Administrative Decisions Review Act 1997 Administrative Decisions Tribunal Act 1997 Civil and Administrative Tribunal Act 2013 NSW Self Insurance Corporation Act 2004 Privacy Act 1988 (Cth) Privacy and Personal Information Protection Act 1998 State Records Act 1998 Workers' Compensation Act 1987
Cases Cited:	AF v Healthquest & Another [2011] NSWADT 99 AIN v Medical Council of New South Wales [2017] NSWCATAP 23 ALZ v SafeWork NSW [2017] NSWCATAP 51 ALZ v WorkCover NSW [2015] NSWCATAP 138 CCM v Western Sydney University [2019] NSWCATAP 103 CEU v University of Technology Sydney [2018] NSWCATAD 13 CJU v HealthShare NSW [2021] NSWCATAD 372 DED v Randwick City Council [2017] NSWCATAD 327 Department of Education and Training v GA (No 3) [2004] NSWADTAP 50 Department of Education and Training v ZR (No 2) [2009] NSWADTAP 44 Drake v Minister for Immigration and Ethnic Affairs (1979) 46 FLR 409 EMF v Cessnock City Council [2021] NSWCATAD 219 GL v Director General, Department of Education & Training [2003] NSW ADT 166 GR v Department of Housing (GD) [2004] NSWADTAP 26 Insurance and Care NSW v EEH [2021] NSWCATAP 350 KT v Sydney Local Health Network [2011] NSWADT 171 OA v Department of Housing [2005] NSWADT 233 OA v Department of Housing (No. 2) [2006] NSWADT 94 PN v Department of Education and Training (GD) [2010] NSWADTAP 59 Privacy Commissioner v Telstra Corporation Limited [2017] FCAFC 4 Waters v Transport for NSW [2018] NSWCATAD 40
Texts Cited:	Nil
Category:	Principal judgment
Parties:	EEH (Applicant) NSW Self Insurance Corporation (Respondent)
Representation:	Solicitors: Applicant (Self Represented) Crown Solicitor (Respondent)
File Number(s):	2020/00215886
Publication restriction:	The publication or broadcast of the name of the Applicant is prohibited under s 64(1)(a) Civil and Administrative Tribunal Act 2013.

REASONS FOR DECISION

1. In these Reasons for Decision the name of the applicant has been anonymised so as to preserve the privacy of their personal affairs. The applicant is referred to as the “Applicant” or “EEH”. I have also limited my discussion of the evidence in order to avoid the possibility that the identity of the Applicant or other individuals might be revealed.

2. After correspondence between the Applicant and Insurance and Care NSW (icare) acting for and on behalf of the Respondent relating to the Applicant’s requests to access their personal information and the provision of such information, on 7 April 2020 the Applicant sent a privacy complaint to the Respondent seeking an internal review of certain conduct of the Respondent (IR Request) that the Applicant alleged breached certain Information Privacy Principles (IPPs).

3. On the basis that the Respondent had not responded to (i.e. notified a decision on) the IR Request within the prescribed time (i.e. a deemed refusal), on 23 July 2020 the Applicant applied to the Tribunal for administrative review (AR Application) under s 55 of the Privacy and Personal Information Protection Act 1998 (PPIP Act) of the conduct of concern detailed in the IR Request. However, the Applicant is now only pressing certain of the alleged breaches of IPPs arising from the "Conduct of Concern" (as detailed in paragraph [10] below).

4. Prior to the first scheduled case conference in this matter on 27 August 2020, on 26 August 2020 the Respondent issued its “Report of Internal Review" in response to the IR Request (IR Decision).

5. As noted by the Tribunal in its Orders dated 6 April 2022, these proceedings on the AR Application are to be dealt with by the Tribunal on the papers (i.e. without a hearing).

Background

6. On 22 November 2011 a meeting was attended by the Applicant and their legal representatives (November 2011 Meeting) to finalise prior negotiations and a deed to settle a number of allegations and claims including specific workers compensation claims (together Claims) made by the Applicant against the New South Wales Police Force (NSWPF). At the November 2011 Meeting on 22 November 2011 a deed of release was executed by the Applicant and the NSWPF to record the agreed settlement of all of the Claims (Deed or Deed of Release).

7. It is not in dispute that the Respondent is not a party to the Deed, a complete copy of the Deed covering all Claims was provided to/obtained by EML, as an agent of the Respondent on or around 24 November 2011, the Respondent (or EML on behalf of the Respondent) still holds a complete copy of the Deed covering all Claims and that the Deed or, more correctly, its contents are the Applicant's personal information.

8. An application for internal review of similar conduct of concern by icare was made by the Applicant on 10 January 2020. icare issued its internal review report on 10 March 2020 and the Applicant subsequently filed an application for administrative review of that conduct of concern with the Tribunal on 19 March 2020 (icare Review).

9. From late May 2020 until early July 2020 the legal representatives of icare and the Respondent corresponded with the Applicant in relation to, among other things, their concerns about the overlap between the icare Review and the IR Request. After a directions hearing in the icare Review and a confirmatory email from the Applicant dated 6 July 2020, this correspondence culminated in the Respondent informing the Applicant that icare, on behalf of the Respondent, would complete an internal review of the IR Request within 60 days of the Applicant’s 6 July 2020 email.

Internal review request

10. The Respondent's conduct of concern as set out in the IR Request is, in summary and most relevantly (noting that some of the alleged breaches of IPPs arising from the conduct of concern set out in the IR Request are now not being pressed by the Applicant), that (Conduct of Concern):

1. The collection of the Applicant's personal information (at least some of it) in the Deed was not reasonably necessary for any lawful purpose directly related to a function or activity of the Respondent in contravention of s 8(1) PIPA Act (IPP 1(1)).

2. The Respondent collected the Applicant's personal information (at least some of it) in the Deed by unlawful means in contravention of s 8(2) PPIP Act (IPP 1(2)).

3. The collection of the Applicant's personal information (at least some of it) in the Deed indirectly from the NSWPF (i.e. not directly from the Applicant) was in contravention of s 9 PPIP Act (IPP 2).

4. The continued retention of the Applicant's personal information (at least some of it) in the Deed by the Respondent is in contravention of s 12(a) PPIP Act (IPP 5).

Internal review decision

11. The IR Decision, which was provided a month after the AR Application, recorded the results of the internal review which found that the Respondent had not breached any of the relevant sections of the PPIP Act/IPPs as alleged in the IR Request and, most relevantly (i.e. only in relation to those alleged breaches of the IPPs being pressed), noted as follows:

[3.12]   The [IR Request] primarily addresses the manner in which [the Respondent] came into possession of a copy of the Deed and its retention of the same. The [Applicant] considers that [the Respondent] should not have access to a copy of the Deed and that it has obtained and retained that document unlawfully or inappropriately to the detriment of [their] privacy and personal life.

…

[4.14]   [As regards the breach of ss 8(1)(b) and (2) PPIP Act] In November 2011, EML instructed solicitors of the law firm DLA Piper to attend a mediation with the applicant and his representatives to resolve the applicant's open workers compensation claims regarding which EML administered coverage under the TMF on behalf of the NSWPF, including the relevant claim…

…

[4.18]   A copy of the final Deed of Release was provided by the representatives of NSWPF to representatives for EML on 23 November 2011. EML obtained a copy of the Deed from its legal representatives on 24 November 2011.

…

[4.20]   … I found that the Deed was collected for a lawful purpose directly related to a function of SICorp [the Respondent] being the resolution of the applicant's workers compensation claims for which SICorp had responsibility pursuant to its function of operating the TMF. EML and SICorp were responsible for management and payment of the applicant's claims covered by the TMF. The collection of the Deed, detailing the mechanisms and prerequisites for the payment and finalisation of those claims, is directly related to that purpose.

[4.21]   I further find that it was reasonably necessary for EML on behalf of SICorp, as the agency responsible for payment of the applicant's claims, to collect a copy of the document which sets the terms and conditions of any agreed payment by way of resolution of those claims. It is anomalous to suggest that the agency should not possess a copy of a document by the terms of which it is obliged to make substantial payments in resolution of specific claims, particularly in circumstances where it was involved, via its agent, in negotiation and finalisation of that document.

…

[4.23] [Speaking of the matters raised in the IR Request relating to alleged breaches by the NSWPF including the contraventions of s 75(2)(b) of the ADR Act in respect of the applicant's identity in relevant proceedings] Each of those matters addressed alleged obligations on the NSWPF in relation to disclosure of the Deed, as opposed to prohibitions on EML or SICorp in relation to its collection. I therefore make no findings in relation to those matters.

[4.24]   I find that the collection of the Deed was not unlawful. The applicant has advanced no positive legal prohibition which would lead to that conclusion. There is no evidence of any collection of the Deed by unlawful means in the nature of covert listening or filming. By contrast, the representatives from EML on behalf of SICorp were actively involved in the negotiation of the Deed to the knowledge or constructive knowledge of the applicant.

…

[4.29]   [As regards the breach of s 9 PPIP Act] I further find that the applicant can be regarded as having constructively authorised collection of the Deed by EML indirectly, by reason of the joint negotiation of its terms in November 2011 between representatives for the applicant, EML and the NSWPF. It can be inferred from those negotiations that the applicant was aware or constructively aware that a copy of the Deed, once finalised, would be shared with EML, and authorised [their] representatives to share a copy with its representatives.

…

[4.30]   I note that Schedule 9 to the Deed, being a document signed by the Applicant on 22 November 2011 containing express admissions in relation to the relevant claim, includes the admission that the applicant acknowledges that the NSWPF and "its workers compensation insurer" consent to the Deed by way of compromise and in relation upon [their] admissions. It can therefore be inferred that the applicant was aware of and consented to the Deed being shared with the entity providing coverage in relation to [their] workers compensation claims against NSWPF.

[4.31]   In the alternative, I find that non‑compliance with s 9 of the PPIP Act was necessarily implied or reasonably contemplated under the legislative scheme for workers compensation for the purposes of the exemption in s 25(b) of the PPIP Act. …

…

[4.33]   [After quoting from PN vDepartment of Education and Training (GD) [2010] NSWADTAP 59 (at [54] – [57])] With reference to the findings of the Tribunal set out above, I find that the indirect collection of the Deed by SICorp was undertaken for the purpose of resolving the Applicant's workers compensation claims in accordance with the obligations imposed by the workers compensation regime. It is reasonably contemplated or necessarily implied by that regime that an insurer (SICorp) will have access to relevant documentation held by the employer (NSWPF) in relation to claims against the employer. See, for example, s 264(2) of the Workplace Injury Management and Workers Compensation Act1998.

[4.34]   Further or in the alternative, I find that non‑compliance with s 9 was necessarily implied or reasonably contemplated under the provisions of the SICorp Act. The statutory functions of SICorp expressly include the operation of the TMF (s 8(1)(a)) and acting for an authority of the State (including NSWPF) in dealing with claims under the TMF (s 8(1)(d)). The capacity of SICorp to operate the TMF and "deal with" claims arising under it necessarily contemplates the collection of information relevant to the management and resolution of those claims from agencies who are covered by the scheme.

…

[4.53]   [Considering whether there was a breach of s 12(a) PPIP Act/IPP 5(a)] The application alleges that SICorp has retained the Deed for longer than is necessary for the purposes for which it may lawfully be used.

[4.54]   I consider that long‑term retention of the Deed by SICorp is necessary for SICorp to perform the function of operating the TMF, including to determine whether a claim has been appropriately finalised and the context in which that claim was finalised.

…

[4.57]   It appears to be inconsistent for the applicant to seek information held by EML about the relevant claim in the expectation that it will have been retained, and request amendment to that information on the basis that it inaccurately describes the resolution of that claim, while also alleging that the long‑term retention of the Deed by which that claim was finalised is unnecessary and inappropriate. The applicant's various enquiries and requests in relation to the resolution of the relevant claim themselves illustrate the necessity of long‑term retention of the Deed.

Scope of administrative review proceedings under the PPIP Act

12. It is not in dispute that the Tribunal has jurisdiction to determine these matters pursuant to ss 53(6) and 55 PPIP Act, s 30 Civil and Administrative Tribunal Act 2013 (CAT Act) and s 63 Administrative Decisions Review Act 1997 (ADR Act).

13. The scope of the request for internal review (i.e. the IR Request in this case) sets the scope of the AR Application (in this case) and thus frames the extent of the external administrative review before the Tribunal in these proceedings. The 'conduct of concern' to be considered is a matter of fact to be determined by objectively and reasonably construing the IR Request.

14. Several decisions of the Appeal Panel have set out of some fundamental principles that govern the scope of a review of an agency's conduct under the PPIP Act by this Tribunal. In an application for administrative review of an agency's (i.e. the Respondent's) conduct under s 55 PPIP Act (i.e. the AR Application in this case) the Tribunal is limited to reviewing the conduct of concern the subject of the original application for the internal review (in this case the IR Request) and any potential breaches of any IPPs resulting from that conduct.

15. The Tribunal does not have jurisdiction to review conduct of the Respondent that is not the subject of the application for internal review (i.e. the IR Request in this case): Department of Education and Training v GA (No 3) [2004] NSWADTAP 50 at [7]; Department of Education and Training v ZR (No 2) [2009] NSWADTAP 44 at [17]; and CEU v University of Technology Sydney [2018] NSWCATAD 13 at [77]. Nor does the Tribunal have jurisdiction under ss 52, 53 and 55 PPIP Act to consider alleged breaches by the agency of other than of the IPPs and/or a relevant privacy code of practice.

16. The Tribunal's role is to review the conduct of concern in issue (in this case the Conduct of Concern) and, based on the material before the Tribunal, to consider whether such contravenes any IPP and, if so, what action(s), if any, should be taken by the agency (i.e. the Respondent in this case). That is, in order to make the correct and preferable decision in the circumstances based on the material before the Tribunal. The Tribunal's role is not to review the findings of the internal review report (i.e. the IR Decision in this case): DED v Randwick City Council [2017] NSWCATAD 327 at [51]. However, often, the internal review decision of an agency can assist the Tribunal's considerations but the Tribunal must consider the conduct of concern afresh based on the evidence and material before it at the time of the hearing: Drake v Minister for Immigration and Ethnic Affairs (1979) 46 FLR 409 and KT v Sydney Local Health Network [2011] NSWADT 171.

17. As regards the evidence and material before the Tribunal to be considered in order to make the correct and preferable decision, the Appeal Panel noted in Insurance and Care NSW v EEH [2021] NSWCATAP 350:

"[22] … The Tribunal at first instance was conducting an administration review. It was entitled to assume that the agency, which was under an obligation to cooperate with the Tribunal to give effect to the guiding principle of the Civil and Administrative Tribunal Act 2013 that the just, quick and cheap resolution of real issues in the proceedings be facilitated, had placed all relevant material before it …

[61] …Parties, particularly agencies, should come to the hearing of a matter prepared to adduce all of their evidence and make all of their submissions in relation to the matters in issue in the proceedings."

18. Section 30(2)(b) CAT Act confirms that the Tribunal may exercise the functions that are conferred or imposed on it by the CAT Act, the ADR Act and the enabling legislation in connection with the conduct or resolution of these proceedings (i.e. in order for the Tribunal to make the correct and preferrable decision in the circumstances). By s 63(2) ADR Act, in an administrative review the Tribunal may exercise all of the functions that are conferred or imposed by any relevant legislation on the administrator who made the relevant decision. In this case the relevant administrator is the person undertaking the internal review and making the IR Decision, even though the IR Decision itself is not the subject of the review by the Tribunal.

Applicable legislation

19. 'Personal information' is defined by s 4(1) PPIP Act as:

"personal information" means information or an opinion (including information or an opinion forming part of a database and whether or not recorded in a material form) about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion.

20. Section 4 PPIP Act provides a clarification as regards the collection and holding of personal information by agencies as follows:

⋯

(4)   For the purposes of this Act, personal information is held by a public sector agency if:

(a)   the agency is in possession or control of the information, or

(b)   the information is in the possession or control of a person employed … by the agency in the course of such employment …

(5)   For the purposes of this Act, personal information is not collected by a public sector agency if the receipt of the information by the agency is unsolicited.

21. As noted in AIN v Medical Council of New South Wales [2017] NSWCATAP 23 at [112], the definition of 'personal information' in the PPIP Act is broad and is to be interpreted broadly. The Full Federal Court in Privacy Commissioner v Telstra Corporation Limited [2017] FCAFC 4 found at [64], in applying the then very similar definition of 'personal information' in the Privacy Act 1988 (Cth), that:

The words 'about an individual' direct attention to the need for the individual to be a subject matter of the information or opinion. This requirement might not be difficult to satisfy. Information and opinions can have multiple subject matters. Further, on the assumption that the information refers to the totality of the information requested, then even if a single piece of information is not 'about an individual' it might be about the individual when combined with other information. However, in every case it is necessary to consider whether each item of personal information requested, individually or in combination with other items, is about an individual. This will require an evaluative conclusion, depending upon the facts of any individual case, just as a determination of whether the identity can reasonably be ascertained will require an evaluative conclusion.

22. “Collect” is not defined in the PPIP Act but the Tribunal has quoted, with approval in GL v Director General, Department of Education & Training [2003] NSWADT 166 at [31], the Macquarie Dictionary's definition of 'collect' "as to gather together; assemble". The Tribunal also suggested in OA v Department of Housing [2005] NSWADT 233 and OA v Department of Housing (No. 2) [2006] NSWADT 94 that agencies must comply with at least IPPs 1 and 2 at the point when a decision is made to use or take action in relation to any unsolicited information.

23. This approach has been followed in a number of recent cases including CJU v HealthShare NSW [2021] NSWCATAD 372 at [63] where the Tribunal stated:

… once the Applicant's inquiry and related personal information was accepted, actioned and/or processed by the Respondent … then the Applicant's personal information … was collected by the Respondent.

24. The various IPPs are set out in Part 2 of the PPIP Act (ss 8‑19) which, most relevantly in this case, include IPPs 1, 2 and 5 (ss 8, 9 and 12 PIPA Act) in relation to the collection and retention of the Applicant's personal information relevant to the Conduct of Concern:

1. Section 8 PPIP Act/IPP 1 provides:

Collection of personal information for lawful purposes

(1)   A public sector agency must not collect personal information unless:

(a)   the information is collected for a lawful purpose that is directly related to a function or activity of the agency, and

(b)   the collection of the information is reasonably necessary for that purpose.

(2)   A public sector agency must not collect personal information by any unlawful means.

2. Section 9 PPIP Act/IPP 2 most relevantly provides:

Collection of personal information directly from individual

A public sector agency must, in collecting personal information, collect the information directly from the individual to whom the information relates unless:

(a)   the individual has authorised collection of the information from someone else, or …

3. Section 12 PPIP Act/IPP 5 most relevantly provides:

Retention and security of personal information

A public sector agency that holds personal information must ensure:

(a)   that the information is kept for no longer than is necessary for the purposes for which the information may lawfully be used, and …

25. Section 25 PPIP Act provides as follows:

Exemptions where non-compliance is lawfully authorised or required

A public sector agency is not required to comply with sections 9 [IPP 2], 10, 13, 14, 15, 17, 18 or 19 if:

(a)   the agency is lawfully authorised or required not to comply with the principle concerned, or

(b)   non-compliance is otherwise permitted (or is necessarily implied or reasonably contemplated) under an Act or any other law (including the State Records Act 1998).

26. The exemption in s 25(a) PPIP Act requires the express authorisation or requirement not to comply with the relevant section of the PPIP Act, an IPP or IPPs to be set out in the relevant Act or law. The exemption in s 25(b) PPIP Act, however, only requires that non-compliance is otherwise (i.e. while not expressly stated in an Act or law as permitted or required it is) "necessarily implied or reasonably contemplated" under an Act or any other law.

27. Section 26 PPIP Act provides, most relevantly:

Other exemptions where non-compliance would benefit the individual concerned

(1)   A public sector agency is not required to comply with section 9 [IPP 2] or 10 if compliance by the agency would, in the circumstances, prejudice the interests of the individual to whom the information relates. …

28. Section 50 CAT Act provides, in summary and most relevantly, that:

⋯

(2)   The Tribunal may make an order dispensing with a hearing if it is satisfied that the issues for determination can be adequately determined in the absence of the parties by considering any written submissions or any other documents or material lodged with or provided to the Tribunal.

(3)   The Tribunal may not make an order dispensing with a hearing unless the Tribunal has first:

(a)   afforded the parties an opportunity to make submissions about the proposed order, and

(b)   taken any such submissions into account …

29. Section 75(2)(b) of the then Administrative Decisions Tribunal Act 1997 (as it was at the time of the collection of the Deed in 2011) relevantly provided that the predecessor of the Tribunal (the ADT) may make (ADT Restriction):

⋯

(b)   an order prohibiting or restricting:

(i)   the disclosure of the name, address, picture or any other material that identifies, or may lead to the identification of, any person (whether or not a party to proceedings before the Tribunal or a witness summoned by, or appearing before, the Tribunal), or

(ii)   the doing of any other thing that identifies, or may lead to the identification of, any such person. …

30. The relevant provisions of the State Records Act 1998 (SR Act) are:

1. In s 3 SR Act, the definition of “State record” is:

State record means any record made and kept, or received and kept, by any person in the course of the exercise of official functions in a public office, or for any purpose of a public office, or for the use of a public office, whether before or after the commencement of this section.

2. Section 21 SR Act provides, most relevantly:

Protection measures

(1)   A person must not—

(a)   abandon or dispose of a State record, or

…

(d)   damage or alter a State record, or …

(2)   None of the following is a contravention of this section—

(a)   anything done in accordance with normal administrative practice in a public office (as provided by section 22),

(b)   anything that is authorised or required to be done by or under this Act, or by or under a provision of any other Act that is prescribed by the regulations as being an exception to this Part,

…

(d)   anything done pursuant to an order or determination of a court or tribunal,

…

(6)   This section prevails over a provision of any other Act enacted before the commencement of this section.

(7)   An Act enacted after the commencement of this section is not to be interpreted as prevailing over or otherwise altering the effect or operation of this section except in so far as that Act provides expressly for that Act to have effect despite this section.

31. The published decision of at least one of the matters of the Administrative Decisions Tribunal (ADT) specifically referred to in (and subject to the terms of release of) the Deed includes the following:

Section 75(2)(b) of the Administrative Decisions Tribunal Act 1997 applies in relation to the identity of the Applicant.

Preliminary issues for determination and consideration

32. From the IR Request, the AR Application and the submissions of the parties, the preliminary issues that arise to be determined by the Tribunal are:

1. the scope of the Tribunal's review in these proceedings; and

2. if the AR Application can be dealt with on the papers in the absence of the parties.

33. In addition to containing the personal information of the Applicant, the Deed also contains the health information of the Applicant in relation to the workers compensation claims settled by the Deed. However, the IR Request did not seek an internal review in respect of the Applicant's health information included in the Deed. This is consistent with the later submissions of the Applicant in these proceedings which solely focus on the Applicant's personal information in the Deed collected by the Respondent which is not related to their workers compensation claims. In any event, as noted above at paragraph [15], the Tribunal is limited to considering the Conduct of Concern and the alleged resulting breaches of the IPPs (being pressed) where such have been expressly specified in the IR Request.

34. From the consideration of the Conduct of Concern, the IR Request and the Applicant's submissions, the potential alleged breaches of the IPPs arising from the Conduct of Concern to be considered in these proceedings relate to the collection (IPPs 1 & 2) and retention (IPP 5) of the Applicant's personal information (or at least some of it) included in the Deed and collected by the Respondent in November 2011.

35. The Applicant also alleges in the IR Request that obligations of confidentiality owed to the Applicant under the Deed (i.e. by the NSWPF) were breached, there was inducement of the NSWPF to breach the contract (i.e. the Deed), NSWPF's statutory obligations to protect the Deed against disclosure and other misuse were contravened, a statutory obligation on NSWPF not to disclose the Deed to any other person or body was contravened, there was a breach of relevant police regulations in respect of the Applicant's confidential complaints and there was a contravention of the ADT Restriction in respect of the disclosure of the Applicant's identity in relation to various proceedings decided by and/or before the ADT in late 2011 (collectively Other Alleged Breaches). However, as noted in paragraph [15] above, only the alleged breaches of the IPPs (i.e. those being pressed) resulting from the Conduct of Concern and specified in the IR Request are within the Tribunal's jurisdiction in relation to an application under s 55 PPIP Act for administrative review by the Tribunal (i.e. the AR Application in this case). Although matters such as the Other Alleged Breaches, if established, where relevant and if applicable may be taken into account in the Tribunal's consideration of the alleged breaches of the relevant IPPs by the Respondent arising from the Conduct of Concern in order to assist the Tribunal's determination of the correct and preferable decision on the basis of the material before the Tribunal.

36. Therefore, the scope of these AR Proceedings before the Tribunal (i.e. the Tribunal's administrative review) is limited to the Conduct of Concern (see paragraph [10] above) and the alleged potential breaches of IPPs 1, 2 and 5 by the Respondent arising out of the Conduct of Concern.

37. The Tribunal therefore has not specifically considered in and of themselves and does not address in these Reasons for Decision the Other Alleged Breaches raised in the IR Request and the submissions and evidence of the parties on such which are outside of the scope of the Tribunal's administrative review, unless and except (and then only to the extent that) they directly relate to or impact the matters that are within the scope of the Tribunal's review.

38. Given the lack of objection of the parties to the determination of the AR Application on the papers, the Tribunal having heard the parties at an earlier Directions Hearing on this, the material before the Tribunal and based on the "guiding principle" set out in s 36(1) CAT Act, I am satisfied that there is nothing that could be added by having a hearing in respect of the AR Application. That is, I am satisfied that the issues for determination in relation to the AR Application (in order to make the correct and preferable decision) can be adequately dealt with by the Tribunal in the absence of the parties on the papers by considering the material that is before me in these proceedings.

Issues for determination

39. Based on the conclusions above as regards the preliminary issues, the real and substantive issues to be determined by the Tribunal in these proceedings, in order for the Tribunal to make the correct and preferable decision on the material before the Tribunal, are:

1. Whether the Conduct of Concern breached IPPs 1(1) and/or 1(2) (respectively ss 8(1) and 8(2) PPIP Act).

2. Whether IPP 1 is not relevant in the circumstances as the personal information related to the aspects of the Deed not relevant to the workers compensation claims was not asked for (or solicited) by the Respondent and thus was unsolicited information not subject to IPP 1.

3. Whether the Conduct of Concern breached IPP 2(a) (s 9(a) PPIP Act).

4. In the case of a finding of the Respondent's breach of or non‑compliance with IPP 2(a) (s 9(a) PPIP Act), whether s 25 PPIP Act allows the Respondent, in the circumstances of this case, not to comply with IPP 2(a).

5. In the case of a finding of the Respondent's breach of or non‑compliance with IPP 2(a) (s 9(a) PPIP Act) which is not exempted by s 25 PPIP Act, whether s 26 PPIP Act allows the Respondent, in the circumstances of this case, not to comply with IPP 2(a).

6. Whether the Conduct of Concern breached IPP 5(a) (s 12(a) PPIP Act).

7. In the case of a finding of the Respondent's breach of or non‑compliance with IPP 5(a) (s 12(a) PPIP Act), whether the Respondent's obligations under the SR Act (as specifically raised by the Respondent) require the Respondent to keep all of the personal information included in the Deed unaltered and in perpetuity.

8. What the correct and preferable decision is and, if relevant, what orders that should be made by the Tribunal following on from the correct and preferable decision.

The Applicant’s submissions

40. On 11 April 2022 the Applicant filed with the Tribunal and served on the Respondent the "Applicant's Submissions" (Applicant Submissions).

41. In summary and most relevantly the Applicant submitted in the Applicant Submissions, in relation to the alleged breach of IPP 1 arising from the Conduct of Concern, that:

1. Although the IR Request generally refers to the Deed as subject to the Applicant's complaint, IPP 1 (s 8 PPIP Act) is concerned with the collection of "personal information" as opposed to a particular document or documents. "Thus, section 8 needs to be assessed against the different categories of personal information contained in the Deed".

2. The Applicant's personal information contained in Schedules 1, 2, 3, 4, 5 and 10 of the Deed (Other Personal Information) has no relevance to the resolution of the Applicant's workers compensation claims. The Respondent has described that Other Personal Information as "other matters arising between the Applicant and the NSWPF". This information could have been redacted, even if the other information contained in the Deed was reasonably necessary for the management of the settled workers compensation claims. Therefore, the Respondent's collection of the Applicant's personal information contained in Schedules 1, 2, 3, 4, 5 and 10 of the Deed (i.e. the Other Personal Information) was in contravention of IPP 1(1)/s 8(1) PPIP Act.

3. As regards IPP 1(2)/s 8(2) PPIP Act, the ADT Restriction applies in relation to the non‑disclosure of the identity of the Applicant in a number of the ADT cases and matters referred to in the Deed.

4. Paragraph D of the Background and Schedules 1 and 5 to the Deed identify the Applicant as the applicant in the ADT cases/matters subject to the ADT Restriction, the collection and holding of which information by the Respondent is in breach of the ADT Restriction.

5. The collection of the Applicant's personal information identifying them as the individual in the relevant cases in breach of the ADT Restriction is "illegal conduct". In other words, the collection of that personal information is by unlawful means in contravention of IPP 1(2)/s 8(2) PPIP Act.

42. In relation to the alleged breach of IPP 2 arising from the Conduct of Concern the Applicant submitted in the Applicant Submissions, in summary and most relevantly, that:

1. The Respondent is obliged to collect all relevant personal information directly from the Applicant (in this case) unless the Applicant has authorised collection of that information from someone else.

2. The Respondent did not collect the Applicant's personal information contained in the Deed directly from the Applicant but rather collected it from the NSWPF and this was not authorised by the Applicant. While the Respondent contends that the Applicant can be regarded as having "constructively authorised collection of the Deed by EML" by reason of the joint negotiations of its terms in November 2011, that is directly contrary to clause 12 of the Deed which provides that "the Deed records the entire agreement between the parties and supersedes all previous negotiations, understandings, representations and agreements in relation to the subject matter of the Deed".

3. Further, clause 15 of the Deed provides that the Deed and the contents of the Deed are "strictly confidential and not to be disclosed by the parties, other than to their legal and financial advisers on receiving an undertaking from that person to keep the terms of the Deed confidential, for the purpose of enforcement of the Deed or as may be required by law".

4. Based on the above (subparagraphs (1), (2) and (3) above) the collection of the Applicant's personal information contained in the Deed from NSWPF (and not directly from the Applicant) was in contravention of IPP 2 (s 9 PPIP Act).

43. In relation to the alleged breach of IPP 5 arising from the Conduct of Concern the Applicant submitted in the Applicant Submissions, in summary and most relevantly, that:

1. The Respondent is obliged to ensure that the personal information it collects is kept for no longer than is necessary for the purpose for which that personal information may lawfully be used.

2. While the Respondent contends that the long‑term retention of the Deed by the Respondent is necessary for it to perform the function of operating the TMF, including to determine whether a workers compensation claim has been appropriately finalised and the context in which that claim was finalised, the Applicant's personal information contained in Schedules 1, 2, 3, 4, 5 and 10 of the Deed (i.e. the Other Personal Information) has no relevance to the resolution of the Applicant's workers compensation claims. That personal information, of no relevance to the workers compensation claims, should have been destroyed as soon as practicable after collection, even if the other information contained in the Deed was reasonably necessary for the management of the settled workers compensation claims.

1. The Respondent had no lawful purpose for which the Applicant's personal information contained in Schedules 1, 2, 3, 4, 5 and 10 of the Deed (i.e. the Other Personal Information) was necessary and might lawfully be used by the Respondent.

44. The Applicant notes that they are not pressing their complaints in respect to alleged contraventions of s 10, 11 and 16 PPIP Act (IPPs 3, 4 and 9).

45. In summary and most relevantly, the Applicant seeks the following orders:

1. Within 30 days of the date of the Reasons for Decision the Respondent is to:

1. destroy the whole of the Deed or parts of the Deed found to have been collected and/or retained in breach of the IPPs in its custody or control;

2. provide an unreserved apology to the Applicant addressing each of the Respondent's breaches of the IPPs; and

3. publish notices (not identifying the Applicant) in the 'News' section of icare's website and via icare's Instagram, Twitter and Facebook social media accounts with the proposed heading and areas of content to be addressed being detailed by the Applicant.

2. Within 14 days of the date of the Respondent's compliance with the above orders the Respondent is to give written notice of its compliance with the Tribunal's orders to the Applicant.

The Respondent's submissions

46. On 3 May 2022 the Respondent filed with the Tribunal and served on the Applicant its "Submissions of Respondent – 2 May 2022" (Respondent Submissions).

47. In summary and most relevantly the Respondent submitted in the Respondent Submissions, as regards the functions of the Respondent and the alleged breaches of IPP 1, that:

1. The Respondent has the functions conferred on it under the NSW Self Insurance Corporation Act 2004 (SICorp Act) and the Workers' Compensation Act 1987 (WC Act). Under those Acts the Respondent's functions include to operate the Government's managed fund schemes (e.g. TMF), enter into agreements or arrangements with other persons in relation to the operation of such schemes, enter into insurance or other agreements or arrangements to cover liabilities to which the scheme applies and to act for the State in dealing with claims under the scheme. Under the WC Act the Respondent may enter into any arrangement with employers covered by the Government managed fund scheme as self‑insurers to act on behalf of those Government employers for the purpose of paying contributions under the WC Act and for other purposes of the WC Act. That is, the Respondent's relevant functions and activities are the management and implementation of the relevant self‑insurance scheme (e.g. TMF) and self‑insurer liabilities (i.e. assessing, settling, paying out and defending insurance claims against the relevant Government employers covered by the scheme).

2. "The phrase "reasonably necessary" in s 8(1)(b) of the PPIP Act does not mean "necessary", simpliciter, or "absolutely necessary". Indeed, the Applicant correctly submits that this phrase "falls towards the higher end of a continuum that might be seen as having 'of some relevance' at one end and 'essential' at the other end": ALZ v WorkCover NSW [2015] NSWCATAP 138 at [51]."

3. The nature of the Deed is such that it must be read in its entirety. The Deed records the entire agreement between the parties and a partial copy would record only part of the agreement between the parties. "If it was reasonably necessary to collect any part of the Deed (as the Applicant appears to concede), it was reasonably necessary to collect the entirety of it."

4. In the alternative, if it was the case that some of the information in the Deed was not necessary for the Respondent's functions and/or activities it would have been a matter for the NSWPF not to provide that information to the Respondent. Once the NSWPF provided that information, the Respondent was in receipt of the Deed in its entirety. "As a matter of practical reality, the respondent could not have collected only some of the information in the Deed." It would follow that any information in the Deed that was unnecessary to the Respondent's functions and/or activities would have been unsolicited. That is, it was not asked for by the Respondent and therefore not collected. "The Respondent cannot therefore be in breach of s 8(1) PPIP Act (IPP 1(1)) if the Tribunal were to accept the premise of the Applicant's contention."

5. As regards IPP 1(2)/s 8(2) PPIP Act, the Tribunal cannot be satisfied that the Respondent breached s 8(2) PPIP Act/IPP 1(2) by collecting the information in the Deed by unlawful means for three reasons:

1. "The applicant has not adduced evidence of any such order by the ADT" [i.e. as to a non‑publication order under s 75(2)(b) ADR Act];

2. even if it is accepted that the ADT made orders that generally prohibited any disclosure of the Applicant's identity in the proceedings between the Applicant and the NSWPF, it would not follow that the Respondent acted unlawfully in collecting that information from the NSWPF. Such an order of the ADT would not and could not impose any "positive legal prohibition" on collecting information by the Respondent or on any means of doing so; and

3. as a matter of practical reality, the Respondent received the Deed in its entirety and could not have collected only parts of the Deed with which the Applicant does not take issue.

48. In relation to the alleged breach of IPP 2 arising from the Conduct of Concern the Respondent submitted in the Respondent Submissions, in summary and most relevantly, that:

1. The Applicant constructively authorised collection of the Deed by EML on behalf of the Respondent by reason of the joint negotiation of its terms between representatives for the Applicant, EML and the NSWPF. The Respondent now submits that the Applicant expressly authorised collection of the Deed by EML by an "Authority to Receive" addressed to DLA Piper Solicitors for the NSW Police Force and Employers Mutual Ltd signed by the Applicant on 22 November 2011. The Authority states "I hereby authorise, instruct and direct you to deal with my settlement/verdict/award/costs monies in the following way …". The Authority expressly refers to EML, the Respondent's agent.

2. Schedule 9 of the Deed also includes the admissions of the Applicant – "the Employee acknowledges that the Employer and its workers compensation insurer consents to the deed of release herein by way of compromise and in reliance upon the admissions the Employee has made".

3. In the alternative, the Respondent submits that non‑compliance with s 9 PPIP Act (IPP 2) was otherwise permitted under s 25(b) PPIP Act. Where a statutory scheme provides for Agency A to act for Agency B, it is necessarily implied or, at least, reasonably contemplated, that Agency B will disclose information to Agency A and that Agency A will collect that information – see generally CCM v Western Sydney University [2019] NSWCATAP 103 at [63] – [64]. The workers compensation regime and s 25(b) (PPIP Act) have previously been considered in PN v Department of Education and Training (GD) [2010] NSWADTAP 59.

4. "In the further alternative, the respondent submits that it was not required to comply with s 9 of the PPIP Act, by reason of s 26(1)". That is, the Respondent collected a copy of the Deed for the purposes of paying money to the Applicant in accordance with its terms. The amount of money payable to the Applicant was clearly favourable to the Applicant's interest. Requiring the Respondent to collect the Deed directly from the Applicant could conceivably have caused delay in the payment of that money. That potential for delay would prejudice the interests of the Applicant in receiving the money".

49. In relation to the alleged breach of IPP 5 arising from the Conduct of Concern the Respondent submitted in the Respondent Submissions, in summary and most relevantly, that:

1. "It is in the nature of a deed of release that it may be retained indefinitely. The deed prevents the Applicant from bringing further claims in relation to the matters which it covers. It could not serve that purpose if the Respondent were required to destroy it, in whole or in part (as the deed must be read in its entirety to be properly construed). It would not be correct to say that s 12(a) of the PPIP Act requires that a deed of release be destroyed once limitation periods for claims elapse – there are exceptions to limitation periods. A party which has finalised a claim by way of a deed of release should not be limited to relying on a limitation period as a bar to proceedings. The Applicant's own conduct underlines the need for ongoing retention of the Deed. … the Applicant asked EML in 2016 whether [they were] entitled to workers compensation in relation to two claims which were covered by the Deed, some four a half years after it was agreed. It is difficult to see why the Applicant would ask that question, if not because [they] wish to obtain further compensation on top of the compensation [they] had already received under the Deed."

2. The application to have parts of the deed destroyed must fail because the nature of the Deed is such that it must be read in its entirety. It may be doubted whether an incomplete version of the Deed would be sufficient for the purposes of barring the Applicant from remaking the relevant claims, the reason that it is necessary for the Deed to still be retained by the Respondent.

3. The noted obligations of the Respondent under the SR Act require the Respondent to keep all personal information in the Deed and the Deed itself in its entirety and unredacted.

50. In the Respondent Submissions the Respondent submits, in summary and most relevantly, that:

1. There is no basis to order the destruction of the Deed, in whole or in part.

2. If the Tribunal finds that the Respondent has breached a provision of the PPIP Act (i.e. the IPPs) the Respondent accepts that it would be appropriate to provide the Applicant with an apology.

3. The Tribunal should not make an order with respect to publication in an anonymous manner on the Respondent's website and social media referred to by the Applicant because such is punitive rather than remedial in the circumstances of this case. The Tribunal's powers in s 55(2)(e) PPIP Act are confined to ordering a public sector agency "to take steps to remedy any loss or damage suffered by the Applicant". Also, as the Applicant has expressly requested that these website and social media notices not identify them, it is difficult to see how the publication of those notices could be of any remedy to them.

4. If the Tribunal finds that the Respondent has not breached any provision of the PPIP Act (i.e. IPPs) the Tribunal should determine to take no further action in relation to the matter.

Consideration and findings

51. In order to avoid any unnecessary consideration of the issues raised in [39(2), (4), (5) and (7)] above if there is no breach of IPPs 1, 2 and/or 5 arising from the Conduct of Concern, I will first consider and determine the issues raised in [39(1), (3) and (6)] above.

52. Based on the submissions of the parties and the material before me I am satisfied that, for the Respondent as a non-party to the Deed: (a) the information contained in the Deed, not the Deed itself, is the subject of the relevant IPPs (including IPP 1); and (b) a significant part of the Applicant’s personal information in the Deed, particularly the Other Personal Information, has no direct or apparent relevance to the resolution, settlement, subsequent payment or management of the Applicant's workers compensation claims.

IPP 1(1)

53. As noted by the Appeal Panel in ALZ v SafeWork NSW [2017] NSWCATAP 51 at [82] as regards meeting the requirements of IPP 1 to avoid the prohibition on collection in IPP 1:

The purpose will be permissible if it has three elements: it must be lawful; it must be directly related to a function or activity of the organisation; and it must be reasonably necessary for that purpose.

54. Based on the submissions of the parties, although not to be determined by this Tribunal, there appears that there may be a lawful purpose related to a function or activity of the Respondent as regards the collection of relevant personal and/or health information of the Applicant by the Respondent to manage and pay the Applicant's workers compensation claims settled as part of the Deed of Release (WC Function). The settlement of the relevant workers compensation claims included, in this case, discussions with and the approval of EML (on behalf of the Respondent) as noted in the Deed. Even though neither the Respondent nor EML on its behalf was a party to the Deed, the Deed recognises the Respondent's role in assisting with the settlement of the workers compensation claims as the "workers compensation insurer" and to perform the WC Function.

55. The Other Personal Information (relating to the allegations and claims settled in the Deed of Release other than the workers compensation claims) were separately dealt with in discrete sections and standalone schedules of the Deed.

56. I prefer the submissions of the Applicant that none of that Other Personal Information was reasonably necessary for the Respondent's claimed purpose for which the Deed (and the information in it) was collected by the Respondent, being the WC Function (i.e. the management and payment of the relevant settled workers compensation claims as per the terms and conditions of the Deed).

57. I also prefer the Applicant's submissions and evidence that, even if there was a lawful purpose for collecting the information in the Deed relevant to the WC Function, there is no lawful purpose for the Respondent to collect the Other Personal Information in the Deed and such has not been established by the Respondent as directly related to the WC Function or another function or activity of the Respondent.

58. Even if it could be argued that there was a lawful purpose for collecting the Other Personal Information (i.e. it was directly related to the WC Function), I am satisfied that the Respondent fails in respect of IPP 1(1)(b) because I find (in the absence of any compelling submissions or evidence of the Respondent to the contrary) that the Other Personal Information was not reasonably necessary for the Respondent’s performance of the WC Function.

59. While not expressly submitted by the Respondent in relation to IPP 1, given the Respondent’s numerous references to the ‘constructive consent’ or knowledge of the Applicant to the Respondent’s obtaining of the Deed arising out of the circumstances of the November 2011 Meeting, I feel I must address the impact of any consent (however obtained) of the Applicant, if any, on the Respondent’s obligations under IPP 1. The obligations of the Respondent under IPP 1 in respect of the collection of the Applicant’s personal information cannot be avoided by the Respondent (or waived by the Applicant) by the Respondent obtaining the consent of the Applicant (in this case) to the collection of their personal information if such collection otherwise does not meet the requirements of IPP 1: Waters v Transport for NSW [2018] NSWCATAD 40 at [130].

IPP 1(2)

60. The restrictions on disclosure of the information in the Deed (which is, at the time of the Respondent collecting the Other Personal Information, in the possession of the Respondent) under the ADT Restriction, which could be assumed from the anonymised/pseudonymised references to the Applicant used in the Deed as regards the ADT cases/matters and which is reproduced in at least one of the published decisions of those cases referred to in the Deed (see [41(4) and (5)] above) may factor in the Tribunal's consideration of "lawful purpose" in IPP 1(1). Although, in this case (based on the reasoning above and the Tribunal’s conclusion that the Other Personal Information was not "reasonably necessary" for a purpose directly related to a function or activity of the Respondent), it was not necessary for the Tribunal to consider or decide this.

61. However, I agree with the Respondent's argument that any unlawful disclosure by NSWPF to the Respondent does not of itself (or necessarily) make the Respondent's action in receiving the Deed (and the relevant information contained in it) from NSWPF an unlawful act of the Respondent, see AF v Healthquest & Another [2011] NSWADT 99 at [51]. However neither does this excuse or exempt the Respondent from its obligations under IPP 1 (and IPP 2), once the Deed is received/obtained by the Respondent, to consider the information contained in the Deed to determine whether or not it could ‘collect’ all (or any) of the Applicant’s personal and/or health information contained in the Deed pursuant to the requirements of IPP 1 (and IPP 2).

62. I prefer the submissions of the Respondent that the meaning of "unlawful means" in IPP 1(2) requires that the actual means or method of the collection of the Applicant’s personal information in question is unlawful, not simply where it subsequently turns out that the collection of the information was in breach of IPP 1(1), for example. Examples of ‘unlawful means’ in breach of IPP 1(2) are often noted as those means or methods of collection which are expressly contrary to law, prohibited by law or illegal such as illegal telephone intercepts or unapproved hidden cameras and the like. None of the Applicant Submissions with respect to the collection of the Other Personal Information being contrary to IPP 1(1), the terms of the Deed and/or, for some of that information, the ADT Restriction are (even all of them together are) sufficient to breach the requirements of IPP 1(2).

IPP 2(a)

63. Pursuant to IPP 2 (see [24(2)] above) personal information must only be collected by the agency directly from the individual whose information it is unless the Applicant (in this case) has authorised collection of the information from someone else (i.e. from the NSWPF in this case).

64. In the 1999 "A Guide to the Information Protection Principles" (Guide), the Privacy Commissioner noted that IPP 2 "is designed to limit the collection of personal information where the individual concerned is not aware that this is occurring. Secret or undisclosed collections … prevent individuals exercising their rights". (page 8)

65. For reasons similar to those noted above in respect of IPP 1 I am satisfied that, as regards the information relating to the workers compensation claims settled in the Deed, the evidence shows that both the context and attendance of EML (on behalf of the Respondent) at the November 2011 Meeting and the reference to the workers compensation insurer approving the workers compensation settlement that it is possible (although not being decided in these proceedings) that the Applicant may have authorised (or constructively authorised) the collection of relevant workers compensation claims related information from the NSWPF but not necessarily the Deed or any other personal information of the Applicant contained in the Deed.

66. Given the terms of the Deed raised in the Applicant Submissions with respect to confidentiality and exclusion of prior negotiations and representations of the parties to the Deed and my analysis above in respect of IPP 1 and the Other Personal Information, I am satisfied that the Applicant did not authorise (constructively or otherwise) the collection of the Other Personal Information by the Respondent from the NSWPF (or anyone else). The Respondent was therefore required to collect (if it could do so pursuant to IPP 1) the Other Personal Information directly from the Applicant in accordance with IPP 2.

IPP 5(a)

67. In the Guide the Privacy Commissioner advises agencies to look to the retention period established under the SR Act but also to "consider matters such as legal or administrative accountability when deciding whether to dispose of personal information" (page 16). In GR v Department of Housing (GD) [2004] NSWADTAP 26 (GR) at [57] the Tribunal's predecessor Appeal Panel stated:

The obligation in s.12 [IPP 5] is addressed to the keeping of personal information by the public sector agency. It should not 'keep' information for longer than it may lawfully be used. It follows that it then should be disposed of, possibly in accordance with State Records Act disposal procedures. It may be that the records could then be archived with the State Records Act in a way that does not offend the principle contained in s.12.

68. The Respondent made a number of submissions with respect to the 'integrity of the Deed' and the need to hold the entirety of the Deed for future defence/management of the settled workers compensation claims purposes. However, while the Respondent may be entitled to certain of the information in the Deed (i.e. the information relevant to the settled workers compensation claims) it is not, pursuant to the PPIP Act and IPPs, generally "entitled" to the entirety of the Applicant's personal information in the Deed, in particular the Other Personal Information contained in it, per se. As noted by the Applicant, the relevant IPPs relate to the Applicant’s personal information in the Deed, not the Deed itself as a document. This is especially the case given that the Respondent is not a party to the Deed. The Respondent has no separate entitlement (as do the parties to the Deed) to hold a copy of the Deed in its entirety (i.e. as opposed to certain information in it necessary for the Respondent to perform the WC Function). This is confirmed by the strict confidentiality terms of the Deed and the fact that, presumably because of the other confidential non‑workers compensation allegations and claims settled between the two parties to the Deed (i.e. the NSWPF and the Applicant), the Respondent (or EML on its behalf) was not made a party to the Deed even though EML (on behalf of the Respondent) participated in the settlement of the workers compensation claims.

69. In this case I prefer the submissions of the Applicant that, essentially, even if the settled workers compensation claims related personal information was legitimately collected by the Respondent under IPP 1 (i.e. for the WC Function) and may be kept indefinitely (although the Tribunal makes no decision as to that), it has not been established by the Respondent that it is necessary for the Respondent to keep the Other Personal Information for the WC Function or any other established lawful purpose of the Respondent. Therefore, under IPP 1 the Respondent had no right to collect and/or under IPP 5 keep the Other Personal Information once it obtained such when it obtained a copy of the Deed as part of the process of collecting the settled workers compensation claims related personal information. That is, in this case, immediately on receipt of the Deed the Respondent should have reviewed the Deed and determined whether it contained other than the information relevant to the settled workers compensation claims and, if so, if it could collect such and, if it had collected or then held such Other Personal Information whether, under IPP 5, that Other Personal Information was 'no longer necessary for the purpose for which the information could be lawfully used' and should be securely deleted or redacted (Initial Deed Review Period), especially in the circumstances where the Other Personal Information had been collected by the Respondent in breach of IPPs 1 and/or 2.

70. In line with the Tribunal’s findings above that the Respondent was not entitled to collect (i.e. put into its records, hold or use for its purposes) the Other Personal Information from the Deed under IPP 1 in the first place, I am satisfied that the Other Personal Information should not be held by the Respondent for longer than the Initial Deed Review Period. In any event, the Other Personal Information should not be held any longer by the Respondent, some 11 years after receipt of the Deed and the expiry of the Initial Deed Review Period. Thus, the continued holding of the Other Personal Information by the Respondent is in breach of IPP 5.

71. Also, despite the Respondent’s submissions that the ADT Restriction of the Tribunal’s predecessor (the ADT) does not bind anyone other than the specific parties to those cases, the collection and holding of information that identifies the Applicant under the ADT Restriction is generally prohibited and ADT Restriction applies to non‑parties to the relevant proceedings. That is, assuming the Deed and relevant information from it identifying the Applicant as the applicant in those cases is in the Respondent’s IT systems/records and is available to be accessed by (i.e. ‘disclosed’ or made known to, for the purposes of the ADR Restriction) any relevant staff of the Respondent (or of EML on behalf of the Respondent). Where the ADR Restriction (in this case) exists the Respondent, whether or not a party to the proceedings, is restricted from identifying or doing anything that may lead to the identification of the applicant in those cases. Therefore, the collecting and holding of such identification information by the Respondent is in breach of the ADT Restriction which is now taken to be an order of this Tribunal (see para 14 of Schedule 1 CAT Act).

Unsolicited information and IPP 1

72. In addition to the comments at paragraphs [22] and [23] above, as regards the Respondent's submission that IPP 1 does not apply because the Other Personal Information was unsolicited, I note the Tribunal's findings in EMF v Cessnock City Council [2021] NSWCATAD 219 (EMF) which, most relevantly, are:

45 As regards [32(2)], I have followed the reasoning in the Appeal Panel decision in ZR v Department of Education and Training (GD) [2010] NSWADTAP 75 (ZR) which held, in particular at [58]:

"As to the text authored by the complainant in relation to the matter of concern, we are inclined to the view that, insofar as the information provided is relevant to the purposes of the agency, it ought be regarded as collected, and not treated as unsolicited. It is not, as we see it, a mere instance of passive receipt. This is a situation where the practice of the agency is to get the complaint in writing and create a record. It is requesting the information to that extent."

…

48 … in accordance with the Appeal Panel decision in ZR at [71] "once taken under the control of the agency for one of its administrative purposes" the personal information is taken as collected. That is, the moment the Respondent keeps, assesses, deals with and/or processes the Complaint (in this case) then, even if it is originally considered unsolicited personal information, it will then become personal information collected and held by the Respondent. As such (as is the case for all solicited personal information) it is then subject to all the IPPs as amended by the Privacy Code of Practice for Local Government published in the Government Gazette Number 179 on 20 December 2019 (LG Privacy Code).

73. I am satisfied that once the Other Personal Information was accepted by, taken into the Respondent's possession and records under the control of and/or used by the Respondent for its administrative purposes and/or, purportedly, for the WC Function (e.g. to manage the settled workers compensation claims) then the Respondent has (or will be taken to have) collected the Other Personal Information for the purposes of the PPIP Act.

74. Given my findings above that the Other Personal Information was collected by the Respondent, IPP 1 is applicable and the Conduct of Concern must be considered against the requirements of IPP 1 to determine if the Conduct of Concern and thus the Respondent have breached IPP 1 (as to which, see paragraphs [53] to [59] above).

s 25(b) PPIP Act and IPP 2

75. Section 25(b) PPIP Act provides an exemption from the Respondent's compliance with IPP 2 (i.e. s 9 PPIP Act) where the Respondent’s non-compliance is "necessarily implied or reasonably contemplated" by another law. The Respondent argued, in summary, that its non-compliance with IPP 2 is, in these circumstances, permitted. That is, collection of the Applicant's personal information other than directly from the Applicant is necessarily implied or reasonably contemplated by the SICorp Act and WC Act (see paragraphs [47(1) and (3)] above).

76. The Respondent’s collection of the Applicant's personal information (and health information, as the case may be) from other than the Applicant may be necessarily implied or reasonably contemplated by the SICorp Act or WC Act for the WC Function (although this is not a question to be determined in these proceedings). However, the issue under the s 25(b) PPIP Act exemption in this case is whether collection of all of the Applicant's personal information actually contained in the Deed (in particular the Other Personal Information), whether or not relevant to or required for WC Function, from other than the Applicant is 'necessarily implied or reasonably contemplated' by the SICorp Act or WC Act. If so, non-compliance of the Respondent with IPP 2 under s 25(b) PPIP Act is permitted. If not, the Respondent is not excused from compliance with IPP 2 as regards, at least, the Other Personal Information.

77. On the material before the Tribunal I am not satisfied that, as regards the Other Personal Information, the Respondent's non-compliance with IPP 2 (i.e. collecting that personal information from other than the Applicant) is "necessarily implied or reasonably contemplated" by the SICorp Act or WC Act. Therefore, at least in respect of the Other Personal Information, the Respondent must comply with the requirement of IPP 2 (s 9 PPIP Act). As such the findings in paragraphs [63] to [66] above are undisturbed as non-compliance with IPP 2 is not permitted or excused by s 25 PPIP Act in this case as regards the Other Personal Information.

s 26 PPIP Act and IPP 2

78. The exemption from compliance with IPP 2 pursuant to s 26 PPIP Act is a high bar to establish, which the Respondent's submissions and evidence did not meet. It is not enough for the Respondent to simply assert that asking the Applicant for the relevant information needed (e.g. a copy of the relevant sections of the Deed including the information relevant to the settlement of the workers compensation claims) may have conceivably delayed payment of the relevant settlement amount to the Applicant and that the Respondent feels that, in its view, this would have prejudiced the Applicant.

79. It must be remembered that it is also prejudicial to an individual if any of the IPPs (i.e. their privacy rights) are not complied with by an agency as regards their personal information. That is, the rights of individuals under the PPIP Act/IPPs (i.e. the Applicant in this case) need to be navigated carefully before simply claiming that an individual’s insistence on their rights under the IPPs would delay a payment process, for example, and therefore prejudice them under s 26 PPIP Act such that an agency is entitled to ignore the relevant IPPs (and/or wishes of the individual in respect of their privacy) and, in this case, simply obtain the information from someone else without even asking the Applicant for the relevant information in the first place.

80. Failure of the Applicant to comply with a request for the relevant information from the Respondent (if such had been made) may well have delayed the payment to the Applicant. However that decision is for the Applicant to make, as would be the decision whether or not to seek legal advice or otherwise to determine what of their personal information they should provide and how their privacy/personal information could be best protected in doing so. I am satisfied that the exemption in s 26 PPIP Act is not made out and, as such, the findings in paragraphs [63] to [66] are undisturbed.

Section 21 SR Act and IPP 5

81. In addition to the comments noted from GR above at paragraph [67] as regards the interaction between the PPIP Act and the SR Act, the Appeal Panel in GR at [57] also noted, following an argument by the respondent in that case seeking to justify its retention practices by general references to the SR Act and to escape the application of the PPIP Act, that:

In our view every attempt should be made to read the provisions of the Privacy Act and the State Records Act harmoniously.

82. That is, the Deed might be kept by the Respondent in accordance with s 21 SR Act by redacting the Other Personal Information from the Deed, information which the Respondent was not entitled to collect in the first place.

83. In addition, I note that s 21(2)(d) SR Act expressly permits (i.e. excludes as a contravention of s 21 SR Act) "anything done pursuant to an order or determination of a court or tribunal".

Conclusion

84. In conclusion, based on the materials before the Tribunal and my findings above, I am satisfied that the correct and preferrable decision is that the Respondent’s Conduct of Concern as regards the Other Personal Information infringed IPPs 1, 2 and 5 and, in relation to certain of that personal information, infringed the ADT Restriction not to identify the Applicant. However, these infringements of the Respondent were not of such a public or a publicised nature as to warrant the order requested by the Applicant to widely publish an anonymised version of the apology on the Respondent’s website and social media.

Orders

1. Within 30 days of the date of these Reasons for Decision the Respondent must:

1. permanently and securely redact or delete in accordance with IPP 5(b) all of the Applicant’s personal information which has been found in these Reasons for Decision to have been collected and/or is being held by the Respondent in breach of any of IPPs 1, 2 and/or 5 (i) contained in all copies of the Deed held by or under the control of the Respondent and (ii) which has otherwise been extracted or copied from the Deed and is held in any records of or under the control of the Respondent. This personal information includes, at a minimum, paragraphs D, E, F and G, the definitions of “Claims” and “[Name] Private Prosecution”, clauses 2 and 6 and Schedules 1, 2, 3, 4, 5 and 10 of the Deed; and

2. provide to the Applicant an unreserved formal written apology addressing and apologising for the Respondent’s breaches of IPPs 1, 2 and 5 as identified in these Reasons for Decision and for all harm, distress, loss and embarrassment caused to the Applicant resulting from such.

2. The Respondent must give the Applicant written notice of its compliance with Order (1)(a) above within 14 days of the date that the Respondent complied with that Order.

**********

I hereby certify that this is a true and accurate record of the reasons for decision of the Civil and Administrative Tribunal of New South Wales.

Registrar

Decision last updated: 10 November 2022