New Privacy Regulations Exempt Commercial Credit Providers from EDR

advertisement
7 March 2014
Practice Groups:
Consumer Financial
Services
New Privacy Regulations Exempt Commercial
Credit Providers from EDR
By Andrea Beatty, Cameron Abbott and Jason Vongratsavai
Commercial
Transactions and
Outsourcing
Commercial credit providers and utilities are not required to join a recognised external
dispute resolution scheme to participate in credit reporting until 12 March 2015.
Privacy
The Attorney-General has released regulations - Privacy Amendment (External Dispute
Resolution Scheme - Transitional) Regulation 2014 (Privacy Amendment (EDR)
Regulation) suspending the requirement for commercial credit providers and utilities to be
members of an external dispute resolution (EDR) scheme for 12 months.
Background
Amendments to the Privacy Act 1988 (Cth) (Privacy Act) by the Privacy Amendment
(Enhancing Privacy Protection) Act 2012 (Cth), coming into force on 12 March 2014,
require credit providers to be a member of an EDR scheme to be able to disclose credit
information about individuals to a credit reporting body. From 12 March 2014, the Privacy
Act will include a broad definition of credit providers that includes both consumer and
commercial credit providers. This means that commercial credit providers and utilities will
be caught within the new credit reporting regime. Prior to the new regulations, those
commercial credit providers would have needed to be a member of an EDR scheme
recognised by the Australian Information Commissioner (Commissioner).
In effect, commercial credit providers and utilities would need to be a member of a
recognised EDR scheme in order to:
 disclose credit information about an individual (which includes identification
information) to a credit reporting body
or
 collect credit reporting information about an individual.
The Privacy Amendment (EDR) Regulation exempts commercial credit providers and
utilities from this requirement until 12 March 2015.
Rationale
For utilities, all states and territories have EDR schemes in place that apply to utilities
operating in their jurisdiction. However, not all utility EDR schemes are able to be
recognised by the Commissioner. For example, a utility EDR scheme's jurisdiction might
be limited to exercising powers in performance of its state or territory based function. The
Attorney-General anticipates that, given the additional time, these hurdles for schemes to
obtain EDR recognition from the Commissioner will be removed.
In relation to commercial credit providers, the Explanatory Statement to the Privacy
Amendment (EDR) Regulation provides that:

it is the clear policy intention to bring commercial credit providers within the scope
of EDR obligations to the extent that they access consumer credit reporting
information
New Privacy Regulations Exempt Commercial Credit Providers from EDR

some stakeholders have argued that commercial credit providers should be
exempt from EDR obligations as, aside from obtaining credit reporting
information, they do not otherwise participate in the credit reporting environment

some commercial credit providers may instead choose not to access credit
reporting information when making their lending decision which in turn may also
reduce the overall availability of credit.
In view of this, the Attorney-General has provided another 12 months for a solution to be
found.
Issues for Commercial Credit Providers
Commercial credit providers should watch this space as it appears the Attorney-General
contemplates that a solution in which commercial credit providers will be required to be
members of EDR schemes is the way forward. In the meantime, commercial credit
providers and utilities should continue to assess their initial and ongoing compliance with
other obligations under Part IIIA (relating to credit reporting), the Credit Reporting Privacy
Code and the Australian Privacy Principles.
Authors:
Andrea Beatty
andrea.beatty@klgates.com
+61.2.9513.2333
Cam eron Abbott
cameron.abbott@klgates.com
+61.3.9640.4261
Jason Vongratsavai
jason.vongratsavai@klgates.com
+61.2.9513.2363
Anchorage Austin Beijing Berlin Boston Brisbane Brussels Charleston Charlotte Chicago Dall as Doha Dubai Fort Worth Frankfurt
Harrisburg Hong Kong Houston London Los Angeles Melbourne Miami Milan Moscow Newark New York Orange Cou nty Palo Alto
Paris Perth
Pittsburgh Portland Raleigh Research Triangle Park San Diego San Francisco São Paulo Seattle Seoul Shanghai
Singapore Spokane Sydney Taipei Tokyo Warsaw Washington, D.C. Wilmington
K&L Gates practices out of 48 fully integrated offices located in the United States, Asia, Australia, Europe, the Middle East and
South America and represents leading global corporations, growth and middle-market companies, capital markets participants and
entrepreneurs in ev ery major industry group as well as public sector entities, educational institutions, philanthropic organizations
and indiv iduals. For more information about K&L Gates or its locations, practices and registrations, visit www.klgates.com.
This publication is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon
in regard to any particular facts or circumstances without first consulting a lawyer.
©2014 K&L Gates LLP. All Rights Reserved.
2
Download