The right to personal privacy is limited. Information privacy was first protected by Commonwealth legislation, but it has expanded and now also includes state legislation. The Australian Privacy Principles set out broad principles that are binding on government agencies and large companies. Specific laws cover credit reporting and some other Commonwealth legislation. Complaints can be made to the Australian Information Commissioner. Victorian privacy legislation includes the Health Records Act 2001 (Vic) and the Human Rights and Responsibilities Charter.


Melanie Casley

Senior Privacy Consultant, Salinger Privacy

The right to privacy

Last updated

1 July 2021

The right to privacy is enshrined in Article 12 of The Universal Declaration of Human Rights (1948):

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to protection of the law against such interferences or attacks.

The right to privacy has not been clearly defined. It can be divided into separate, but related concepts:

  • bodily privacy: restriction of invasive physical activity, such as DNA collection and strip searches;
  • communications privacy: restriction of interference with mail, telephone and electronic communications;
  • territorial privacy: restrictions on unwarranted intrusion into the home, workplace and streets through, for example, surveillance and the use of geolocational technologies;
  • information privacy: regulation of the collection and handling of an individual’s personal information; this is also called ‘data protection’.

For discussion of the meaning of the right to privacy, see ‘Chapter 1: Introduction to the inquiry – the meaning of privacy’, in the Australian Law Reform Commission’s report, For your information: Australian privacy law and practice (ALRC report 108).

The four different concepts outlined above can overlap. For example, the physical collection of DNA relates to bodily privacy, but the information extracted from the sample relates to information privacy. Similarly, interference with information recorded as a result of telephone interception relates to communications privacy, while the personal information about an individual recorded as a result of this interception relates to information privacy.

Privacy is not the same as a duty of confidence, although it is a related concept and has been invoked to redress what is essentially a breach of privacy. The recipient of confidential information generally owes an obligation of confidence to the provider of the information regardless of whether the information is personal information about the provider. Privacy is the right of the subject of the information, no matter who provides or receives it.

For more information about the duty of confidence, see Chapter 9.1: Health and the law.

Back to
Government and the individual