MyCRA Specialist Credit Repair Lawyers

Tag: Privacy Awareness Week 2013

Privacy Law Reform To-Do List: Privacy Awareness Week 2013

In our last post for Privacy Awareness Week 2013, we set out some actions you can take now for your family to get you up to speed and ready for important changes to the Privacy Act 1988 (Cth) which will impact you. We include the specific things you can to do to support your ability to obtain credit and have your credit file looking its best when changes come into effect on March 2014.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

What can you do to support your credit file and ensure you look your best to Credit Providers? It will be essential from now and going forward to be mindful of what may constitute bad credit. Although as a consumer you are not privy to your credit ‘rating’ score, a Credit Provider will be provided with a number based on your credit habits – and this will be used to help calculate your credit worthiness. Whilst it is not disclosed by credit reporting agencies the specific items which lower your score and how much by, traditionally there are some things you can do to which will help keep your credit-worthiness in check. We look at good credit habits, and what things you need to do when our Privacy Laws change in March 2014:

1. Pay on time, every time.

Your repayment history information is being collected now. It is imperative you make repayments on accounts by their due date to avoid having late payment notations recorded on your credit file and shown after the March 2014 implementation.

If you can’t pay on time, seek alternative arrangements with your lender – but be advised these new arrangements will be recorded on your credit file. This would always be preferable to a default listing though – especially if you can show good repayment history at those new terms – so there is a new incentive to get in and work it out with your lender prior to letting your accounts go into arrears and copping a default listing.

2. Check your credit file regularly.

Make a habit of checking your credit file regularly. You can do this for free annually through the Australia’s credit reporting agencies. There will be five new data sets of information available to Credit Providers who request a copy of your credit report. These will be:

– repayment history information;

– the date on which a credit account was opened;

– the date on which a credit account was closed;

– the type of credit account opened; – and the current limit of each open credit account.

It is essential that you take responsibility for the accuracy of your credit file information and even more so when the above new sets of information becomes available to Credit Providers.

3. Correct credit information which you believe is inaccurate, inconsistent or unfair.

If there is anything on your credit report which you believe rings untrue, or shouldn’t be there, you have the right to request this information be rectified. You will need to contact your Credit Provider to alter this information. You should do this before the information has any bearing on a credit application you may make in the future. You may contact a credit repair company to assist you with this if the change is a significant one, or if you expect resistance to the request. After March 2014, if your Credit Provider disagrees with your request to correct your credit information, you can have your dispute noted on your credit file and this would be worthwhile requesting if you believe your listing shouldn’t be there.

4. Take precautions when applying for credit.

You may not realise, but the volume of credit you apply for and the type of credit you apply for can hinder any future credit application you may make. Whilst it is a great idea to research credit before applying – you should only ever make a credit application you have full intention of pursuing. Too many credit applications will mean you are refused credit. And from March 2014 this will be clearly displayed on your credit report. Likewise, if you apply for too many ‘high interest’ or ‘bad credit’ loans – you could be penalised with a lender if you apply for a mortgage – especially with a credit ‘scoring’ method which may shave points off your score through this type of credit application.

5. Seek cautions credit limits.

You may have a credit limit of $10,000 – but only have used a quarter of that. This may not be to your advantage. If you’re not using it, don’t have it is the general adage. If you take out a credit card or other line of credit, it’s probably not wise to opt for a lofty limit. You could try to get it closer to what you intend to use. A Credit Provider will only see the credit limit and not the actual amount you have utilised on that limit. As with credit applications, any credit ‘score’ may be reduced by credit limits which are too high.

6. Make information security paramount.

Understand how lucrative your personal information can be in the wrong hands, and take steps to keep abreast of how it can be at risk from things like identity theft. Identity theft can lead to the stealing of credit through the fraudsters accessing your credit file. Victims can end up with defaults on their credit file and a ban on obtaining credit for 5 years. The Office of the Information Commissioner (OAIC)’s factsheet Ten Steps To Protect Your Personal Information gives you some guidance on how to do that. New laws will allow you to place a ban period on your credit information if you believe you may be at risk of identity theft, which can prevent fraudsters from accessing credit in your name – so if you do feel you may be at risk – acting quickly may save your credit file from misuse.

Image 1: Rawich/ www.FreeDigitalPhotos.net

Banner: Courtesy of OAIC

03/05/2013
Privacy Law reform – protecting your personal information and your credit file: Privacy Awareness Week 2013

Identity theft is an ever-growing threat to Australians and the commodity which is traded, sought after and misused for criminal or financial gain by fraudsters is your personal information. In amendments to the Privacy Act 1988 (Cth) which occurred late last year and which will be implemented in March 2014, there will be some improvements in Privacy Law to do with requirements on organisations to keep your personal information safe. As identity theft can also go so far as to impact on your credit file, there are also improvements suggested within the Draft Credit Reporting Code of Conduct, aimed at protecting you and your credit file against identity theft. We look at these changes and the impact they may have on you.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au

Personal Information in the Australian Privacy Principles

We look at the differences in the areas of requirements by organisations in regards to personal information collection and security of personal information, as provided by the OAIC, which are set out in new Australian Privacy Principles, set to replace the current National Privacy Principles.

Security of Personal Information

APP 11 requires an organisation to take reasonable steps to protect the personal information it holds from interference, in addition to misuse and loss, and unauthorised access, modification and disclosure (as required by NPP 4.1).

APP 11.1 imposes the same obligation as [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][current] NPP 4 in relation to the protection of the personal information that an organisation holds. However, APP 11.1 now also requires organisations to protect personal information from interference.

APP 11.2 introduces new exceptions to the requirement that an organisation take reasonable steps to destroy or de-identify personal information, once it is no longer needed for any purpose for which it may be used or disclosed in accordance with the APPs: – if it is not contained in a Commonwealth record (APP 11.2(c))[6], and – if the organisation is not required by or under an Australian law, or a court/tribunal order, to retain the information (APP 11.2(d)).[7]

Sensitive information

Summary of [current] NPP 10 An organisation must not collect an individual’s sensitive information unless a listed exception applies (NPP 10.1). Sensitive information is defined in s 6.

NPP 10.2 and 10.3 set out specific exceptions regarding the collection of health information.

Relevant APPs

APP 3 – collection of solicited personal information

Key differences

APP 3 clarifies that an organisation must only collect sensitive information about an individual if the individual consents to the collection and the information is reasonably necessary for the organisation’s functions or activities, or an exception applies (APP 3.3).

The definition of sensitive information in s 6 has been extended to include: -biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.[14]

Sensitive information may also be collected about an individual: -if required or authorised by or under an Australian law or a court/tribunal order (APP 3.4(a))[15] when a permitted general situation or permitted health situation applies (APP 3.4(b)-(c), s 16A).

Permitted general situations include the collection of sensitive information where: -the entity reasonably believes that the collection is necessary to lessen or prevent a serious threat to the life, health or safety of any individual or to public health or safety, and it is unreasonable or impracticable to obtain the individual’s consent to the collection (APP 3.4(b), permitted general situation 1 (s 16A item 1)).

This exception reflects the wording of NPP 10.1(c), but removes the requirement that the threat must be imminent. This exception also replaces the specific circumstances set out in NPP 10.1(c) in which an individual may be unable to consent, with the more general ‘unreasonable or impracticable’.

-the entity has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity’s functions or activities has been, is being or may be engaged in, and the entity reasonably believes that the collection is necessary for the entity to take appropriate action in relation to the matter (APP 3.4(b), permitted general situation 2 (s 16A item 2)).

This is a new exception in relation to the collection of sensitive information.

the entity reasonably believes that the collection is reasonably necessary to assist any APP entity, body or person to locate a person who has been reported as missing (APP 3.4(b), permitted general situation 3 (s 16A item 3)).

This is a new provision in relation to the collection of sensitive information.

The permitted health situations replicate the wording of NPP 10.2 and NPP 10.3, in relation to the collection of health information for the provision of a health service and for research.

APP 3.4(e) relates to non-profit organisations and replaces NPP 10.1(d). APP 3.4(e) permits the collection of an individual’s sensitive information by non-profit organisations where the information:

relates to the activities of the organisation, and relates solely to the members of the organisation, or to individuals who have regular contact with the organisation in connection with its activities.

The definition of ‘non-profit organisation’ is now included in s 6.[16] It states that a ‘non-profit organisation’ means an organisation that is a non-profit organisation, and engages in activities for cultural, recreational, political, religious, philosophical, professional, trade or trade union purposes. This definition replaces the terms ‘racial’ and ‘ethnic’ in the NPP 10.5 definition with the term ‘cultural’. In addition, it also includes in the definition organisations with a ‘recreational’ purpose.

Identity theft and credit file protection

The proposed new Credit Reporting Code of Conduct – currently in draft stage, has some significant new protections for victims of fraud.

The draft code sets out the opportunity for individuals who believe they may be likely to be or have been a victim of fraud, to request a ban be placed on the use or disclosure of their credit reporting information without the individual’s consent. This is intended to combat identity theft which involves the stealing of credit through impersonating the victim and taking credit out in their name.

Where a Credit Reporting Bureau (CRB) receives a request from a Credit Provider (CP) for credit reporting information about an individual in relation to whose credit reporting information a ban period is in effect, the CRB must inform the CP of the ban period and its effect.

The Code also intends to give a CRB powers in these cases to seek information relevant to the individual’s fraud allegations from a CP who may have also been affected by the alleged fraud in order to both determine whether the individual has been a victim of fraud, and to decide the length of the ban period.

Enhanced powers for the Privacy Commissioner

Whilst we are yet to have mandatory data breach notification laws, which would require individuals to be notified by an entity which holds their information of a data breach (currently it is just encouraged that this occurs), there are some areas where the Privacy Commissioner’s powers will be strengthened.

The Privacy Commissioner will have enhanced powers, in the areas of:

• Ability to accept enforceable undertakings

• Ability to seek civil penalties in the case of serious or repeated breaches of privacy

• Ability to conduct assessments of privacy performance for both Australian government agencies and businesses.

On 28 December 2012, section 4AA of the Crimes Act 1914 was amended to increase the amount of a penalty unit from $110 to $170.

This means that, under the reforms to the Privacy Act due to commence on 12 March 2014, the maximum penalty amount for a serious or repeated interference with the privacy of an individual will be $340,000 for individuals and $1.7 million for entities.

Identity theft test.

As part of Privacy Awareness Week, you can take an online identity theft test, via the OAIC website to see how vulnerable you may be to identity theft. It examines 11 ways you could become a victim of identity theft and offers advice on ways to reduce your risk.

Image: Salvatore Vuono/ www.FreeDigitalPhotos.net[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

02/05/2013
Information Security – Is Your Business Ready for Privacy Law Reform? Privacy Awareness Week 2013

Do you have a plan to walk your business through privacy law reforms? The Office of the Information Commissioner (OAIC) recommends businesses and government agencies who have obligations under the Privacy Act 1988 (Cth) should start planning now for the implementation of privacy law reform in March 2014. We provide you with guidance and links to the many significant aspects governing new obligations and responsibilities as a business which handles the personal information of individuals to assist you with the changes coming your way next year.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Currently, businesses covered by the Privacy Act are subject to the 10 National Privacy Principles (NPPs), while most Australian, ACT and Norfolk Island government agencies must comply with 11 Information Privacy Principles (IPPs). Under the new privacy law the IPPs and NPPs will be replaced by the new, unified, Australian Privacy Principles (APPs). This is just one of the many significant changes to the Privacy Act.

The OAIC has outlined some questions you can ask yourself to see what your requirements may be within the new privacy laws:

• Does your business or agency handle personal information? There are some changes to what constitutes personal information under the Privacy Act

• Do you need to review your business or agency’s privacy policy? You should have an up-to-date policy that is reviewed regularly. The new laws set out some requirements for privacy policies

• Do you need to review your business or agency’s outsourcing arrangements? You will need to do this particularly if you are sending personal information overseas.

• Do you use direct marketing to reach your customers? If you do, you will need to provide an easy way for people to opt-out of receiving these communications. There are some new rules in the area of direct marketing.

• Does your business or agency receive unsolicited personal information. There are some new rules on how to handle this information.

• Do your information security systems need to be reviewed and updated?

We recommend you download the OAIC’s Guide to Information Security (PDF) – an essential document for any business or agency which establishes a requirement to protect the personal information of individuals.

If you are directly handling personal information, see also below the OAIC’S privacy factsheet 7 on ‘Ten Steps to protect other people’s personal information’ below:

Ten steps to protect other people’s personal information.

The aim of this 10 step guide is to help your organisation or agency protect other people’s personal information.

Personal information is defined in s 6 of the Privacy Act 1988 (Cth) (Privacy Act) and means information that identifies or could reasonably identify an individual. There are some obvious examples of personal information, such as a person’s name and address. Personal information can also include medical records, bank account details, photos, videos, and even information about what an individual likes, their opinions and where they work.

The 10 step guide gives a snapshot of some of the privacy rights for individuals, and obligations that organisations and Australian, ACT and Norfolk Island Government agencies have under the Privacy Act.

The OAIC website has more information for organisations and agencies. You can also call our Enquiries Line on 1300 363 992.

1. Only collect information you need

Make sure individuals know what personal information your organisation or agency collects and why. Also ensure that: each piece of information is necessary for any of the functions or activities of the organisation or agency, and the information is required in the circumstances. Sometimes, activities can be carried out without collecting personal information. This allows individuals to interact anonymously with your organisation or agency.

2. Don’t collect personal information about an individual just because you think that information may come in handy later.

Only collect information that is necessary at the time of collection, not because it may become necessary or useful at a later date. If you need it later, collect the information then.

3. Tell people how you are going to handle the personal information you collect about them.

Have a publicly available policy that tells people how you handle personal information. Also, when you collect personal information, always let people know why you need to collect the information, how you plan to use it, who you are going to give it to. Make sure they know your contact details and, if they want to, how they can get access to their personal information.

4. Think about using personal information for a particular purpose.

Generally, organisations should not use personal information for a secondary purpose unrelated to the main purpose for which they collected the information. Unless your organisation has consent from the individual concerned or authorisation under law, it should generally only use personal information if it is: related to the purpose your organisation collected it for, and within the reasonable expectations of the individual.

Similarly, agencies must: only use personal information for a relevant purpose, and take reasonable steps to ensure that personal information is accurate, up to date and complete before using it.

The OAIC website has more information on the obligations organisations and agencies have under the Privacy Act.

5. Think before disclosing personal information

The Privacy Act allows organisations and agencies to disclose personal information in some circumstances. Sometimes, organisations and agencies disclose personal information when they don’t need to, or without considering whether the disclosure is authorised under the Privacy Act. Always think about whether a purpose can be achieved without disclosing personal information. Good practice: Get consent from the individual if you want to disclose their personal information for a reason that is different from the reason you collected it.

6. If people ask, give them access to the personal information you hold about them

Organisations and agencies have a general duty to give individuals access to their personal information. Here are some things to consider: Be as open as possible by giving individuals access to their personal information in the form they request. If you deny access to personal information, give the reason — consistent with the Privacy Act — to the individual as soon as you can. An individual also has an alternative path when seeking information from an agency. If an individual seeks access under the Freedom of Information Act 1982 ((Cth)) (FOI Act), the agency is obliged to consider the request under the FOI Act rather than the Privacy Act. Access under the FOI Act may be subject to specific exemptions. This alternative applies only to agencies, not organisations. The OAIC website has more information for agencies regarding the FOI Act.

7. Keep personal information secure

It is important that you keep personal information safe and secure from unauthorised access, modification or disclosure and also against misuse and loss. How you do this depends on the sensitivity of the information you hold, and the circumstances of your organisation or agency. Methods could include: considering the adequacy of existing security measures and procedures, including whether any relevant standards are met training staff in privacy procedures ensuring adequate IT security, such as installing firewalls, cookie removers and anti-virus scanners on work IT systems checking that all personal information has been removed from electronic devices before you sell or destroy them keeping hard copy files in properly secured cabinets allowing staff to access personal information on a ‘need to know’ basis only regularly monitoring your information handling practices to ensure they are secure. Depending on the size of your organisation and the information it collects, it may be prudent to have an external privacy audit done.

8. Don’t keep information you no longer need or that you no longer have to retain

If you no longer need personal information and there is no law that says you have to retain the information, then destroy it. Shred, pulp or destroy the personal information paper records. Dispose of files in security bins. Delete electronic records or files securely so that they can’t be retrieved.

9. Keep personal information accurate and up to date

The accuracy and currency of personal information you hold can change. Your organisation or agency needs to take reasonable steps to keep the personal information it holds current. Amend your records to reflect changes and make sure both hard copy and electronic files are updated. If you know that some personal information is likely to change regularly, go through the files periodically to ensure that your records are accurate and up to date.

10. Consider making someone in your organisation or agency responsible for privacy

This could be a designated person (often called a Privacy Contact Officer or Chief Privacy Officer) who: knows your organisation or agency’s responsibilities under the Privacy Act, and is willing and able to handle complaints and enquiries about the personal information handling practices of your organisation or agency. This person could also be responsible for implementing a complaint handling process, staff training programs and promoting Privacy Act compliance.

Don’t leave privacy to chance.

In tomorrow’s Privacy Awareness Week 2013 post – we look at the Privacy Reforms aimed at protecting individuals, and their credit file from identity theft.

01/05/2013
New laws to aid in correcting your credit report: Privacy Awareness Week 2013

There are a number of significant changes which will impact the correction of credit reports coming through once Privacy Act 1988 (Cth) amendments are implemented in March 2014. As part of Privacy Awareness Week 2013 and this week’s theme Privacy Law Reform, we thought it would be fitting as credit repairers to stipulate those changes that may benefit consumers in the area of disputing unfair or inconsistent credit listings. There is a whole host of new information available to Credit Providers, and with this there will be an increased obligation for Credit Providers to provide accurate, up-to-date and fair information. When correcting their credit report, obviously each consumer will need to draw on different aspects of Privacy Legislation when making their case to dispute their credit listing, and this is why full knowledge of all available privacy legislation both current and new is the key to disputing credit listings. But we look at the new Australian Privacy Principles, and how they are currently interpreted in the draft Credit Reporting Code of Conduct when it comes to access and correction of credit information.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

Australian Privacy Principles

The National Privacy Principles (NPP) has up till now been the legislation which underpins the access and correction of Australian credit reports. Come March 2014, this legislation will become the Australian Privacy Principles (APP). There have been some long awaited changes in the area of access and correction. Currently, NPP 6 covers both access and correction, and this will be split into two separate principles APP’s 12 (access) and 13 (correction) come March 2014.

Access

Access involves the request for individuals to access information a company holds about them, and it is an important part of Privacy legislation for credit repair. Having full access to your personal information allows you, for instance, to be privy to all the information a Credit Provider may hold about you and your account, including their client notes and their copies of documentation. To have this information is essential in order to go through and make your case for disputing a credit listing which you believe is inconsistent.

APP 12.4 introduces a new requirement for organisations to respond to a request for access within a reasonable period, and in the manner requested by the individual, if it is reasonable and practicable to do so. This will be of great benefit to consumers, as it stipulates the requirement for timeliness when requesting information from Credit Providers. Many of our clients, and indeed individuals have experienced a significant delay in receiving, if not outright refusal to provide such information. To have a Credit Provider not provide this information can stop a case for dispute in its tracks.

Correction

Currently, if an individual is able to establish that their personal information is not accurate, complete and up-to-date, an organisation must take reasonable steps to correct the information (NPP 6.5). If the organisation and the individual disagree about the accuracy, completeness and currency of the information, the organisation must attach a statement to the information noting this, if the individual requests it to do so (NPP 6.6).

Up till now, it has in many cases been difficult for individuals to establish that information is inaccurate, particularly when the Credit Provider disagrees with this claim. It has been up to the individual (or credit repairer) to go about proving the information is inconsistent. Many individuals have no skill set for establishing proof of inaccuracy, as it requires extensive knowledge of legislation, as well the legal knowledge to negotiate with a very experienced Credit Provider.

The Privacy Commissioner explains the finer points of new legislation to help consumers with correction in its reference material on the new Australian Privacy Principles (PDF):

APP 13 amends the requirement in NPP 6.5 for an individual to establish that their personal information is not accurate, complete and up-to-date.

Instead, if:

an organisation is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out-of-date, incomplete or irrelevant or misleading, or

the individual to whom the personal information relates requests the organisation to correct the information

the organisation must take reasonable steps to correct the personal information to ensure that, having regard to the purpose for which it is held, it is accurate, up-to-date, complete, relevant and not misleading.

If an organisation corrects personal information about an individual that it has previously disclosed to another APP entity, the organisation must take reasonable steps to notify the other APP entity of the correction, where that notification is requested by the individual (APP 13.2).

APP 13.3 requires an organisation to provide an individual with written notice if it refuses to correct the personal information as requested by the individual. The written notice must set out:

the reason for refusal (unless this would be unreasonable)

the mechanisms available to complain about the refusal, and

any other matter prescribed by regulation.

If an organisation refuses to make a correction, and an individual requests that a statement be attached to the record stating that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, the organisation generally needs to attach this statement in a way that will make the statement apparent to users of the information (APP 13.4).

APP 13.5 introduces a new requirement for an organisation to respond to a correction request within a reasonable period. The organisation must not charge the individual for making the request, for correcting the information or for associating the statement with the personal information (APP 13.5).

So in lay-man’s terms, it will be up to the Credit Provider, if it refuses to correct the personal information requested by an individual, to provide reasons as to why it has refused to correct the credit report, and to provide direction to the consumer about how to complain if necessary. On top of this, if the Credit Provider refuses to correct a credit report, individuals may be able to request that a statement be attached to their record showing that the information is considered by them to be inconsistent.

Credit Reporting Code of Conduct

Interpretation of APP’s will be set out in a new Credit Reporting Code of Conduct. Currently this document is in draft stage. There are many significant points for correcting credit reports right through this document, but in the particular area of access, correction and complaint we have these changes:

Access

Access to information will be

-free every 12 months

-free if it relates to a CP’s decision to refuse credit The CRB’s free credit report must be as easy to find as the paid report CRB is required to give a basic explanation to the info it provides to individual on their credit report.

Correction

Can occur whether a CRB or CP is satisfied information is inconsistent, inaccurate out of date etc. Must make correction within 30 days or longer as agreed in writing by individual CRB’s or CP’s consulted by another CRB or CP about a correction requests must be responded to promptly (recommended 10 days).

Complaint

Must be acknowledged within 7 days and investigated and where necessary consultation with CP’s or CRB’s may occur. A decision must be made in 30 days or longer as agreed by individual in writing.

Integrity of Credit Reporting Information

The other significant change is in the area of auditing Credit Providers. We believe this could bring about significant positive changes within the credit reporting system. Credit reporting agencies (CRB’s) will now have the task of providing reports to the public and also to the Privacy Commissioner (who will have final say on complaints and even new powers to penalise breaches) on complaints and corrections numbers.

CRB’s will need to publish information on the number of correction requests received, the number of corrections successful and the number of complaints by each CP. This is with the aim to maintain the integrity of credit reporting information, and to promote accountability through providing transparency in relation to corrections requests and complaints. It will tip the scales in what has often been a case of David and Goliath. Audits will we hope identify those companies who experience problems with credit reporting that could disadvantage consumers, and force some companies to undertake reasonable steps to rectify identified issues.

In Privacy Awareness Week tomorrow, we look at the area of Data Security and how that may impact your business…

image: digitalart/ www.FreeDigitalPhotos.net

30/04/2013
Your credit check is soon to reveal all your bad habits: Privacy Awareness Week 2013.

Press Release

Your credit check is soon to reveal all your bad habits: Privacy Awareness Week 2013.

29 April 2013

Australians are urged to be more diligent with paying all of their bills on time, every time or face a black mark against their name as part of privacy law reforms on their way in March 2014 – and a consumer advocate for accurate credit reporting warns consumers that late payment information is being collected now.

CEO of MyCRA Credit Rating Repair, Graham Doessel says it is important for all credit active individuals to rethink their repayment habits, or potentially face a series of late payment notations which could mean they are banned from credit in the future.

“The time to change is now. Ensure that every bill is being paid on time – not two days late, or a week late – as come March next year – our history of paying bills late from December 2012 onward will show up when we apply for credit,” Mr Doessel warns.

His warning comes as part of Australia’s Privacy Awareness Week 2013 which is run from 29 April to 4 May, aimed at educating individuals and businesses on matters of privacy. 2013’s theme is Privacy Law Reform – a campaign to educate Australians about changes to the Privacy Act (1988) passed on November 29 2012, which will be implemented on March 12, 2014.

Repayment history information (RHI) is part of five new data sets which will appear on Australian credit reports, from March next year – meant to afford a more accurate picture of someone’s suitability to service a loan.

The other four data sets are: the date on which a credit account was opened; the date on which a credit account was closed; the type of credit account opened; and the current limit of each open credit account.

“I think late payments will be looked on pretty unfavourably when this information becomes available to lenders, along with other factors such as applying for too much credit; applying for credit too often; or applying for the ‘wrong’ type of credit,” Mr Doessel says.

He says it is not known how much weight repayment history will be afforded on its own, but predicts lenders will be reluctant to lend to someone who presents with too many late payments – even if there are no defaults present.

“If lenders are deciding between an application which has no late payments and one with a few scattered here and there, they’d probably choose the clear one,” he says.

Mr Doessel says when the legislation was passed in late November, many – including himself were up in arms that RHI could be included after an account was one day late.

“This didn’t allow for any wiggle room, and put those using systems like direct debits and BPay at risk if payments didn’t go through right on time,” he says.

But a draft Credit Reporting Code of Conduct which will underpin the changes to the Privacy Act now allows for a 5 day grace period before RHI is recorded.

“I am thankful that those drafting the CR Code have taken these concerns into consideration and adopted the 5 day rule for individuals – making it fairer for all,” he says.

Mr Doessel says come March 2014, it will be more important than ever for individuals to be vigilant with checking their credit file.

“With all the new information about people available to lenders, it is pretty crucial that it reads accurately. You can check your credit file at no charge annually by applying with Australia’s credit reporting agencies,” he says.

Go to http://bit.ly/My-Free-Credit-File for more help to obtain your credit report.

“Thankfully, if there are issues of inaccuracy on credit reports from March – there will be more support within the Privacy Act amendments to allow for ease of correction,” Mr Doessel says.

/ENDS.

Please contact:

Graham Doessel – CEO Ph 3124 7133

Lisa Brewster – Media Relations media@mycra.com.au

Ph 07 3124 7133 www.mycra.com.au www.mycra.com.au/blog

MyCRA Credit Repair 246 Stafford Rd, STAFFORD Qld

MyCRA is Australia’s number one in credit rating repairs. We permanently remove defaults from credit files. CEO of MyCRA Graham Doessel is a frequent consumer spokesperson for credit reporting issues and is a founding member of the Credit Repair Industry Association of Australasia.

Top image: FrameAngel/ www.FreeDigitalPhotos.net

29/04/2013
Privacy Awareness Week 2013 Privacy Law Reform
29 April to 4 May 2013 is Privacy Awareness Week 2013 across Australia. MyCRA Credit Rating Repair are once again proud partners of PAW, and 2013’s theme “Privacy Law Reform” is especially relevant to us as credit repairers and consumer advocates for accurate credit reporting. We are taking this week to discuss the huge changes coming our way since Australia’s Privacy Act (1988) was amended in late November 2012. We look at how individuals and businesses will be impacted by new Privacy Laws, particularly in our area of focus – credit reporting and credit law, looking towards the implementation of those laws on March 12, 2014.

By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.

What is Privacy Awareness Week?

Privacy Awareness Week (PAW) is an initiative of the Asia Pacific Privacy Authorities forum (APPA) held every year to promote awareness of privacy issues and the importance of the protection of personal information. Activities are held across the Asia Pacific region by APPA members.

Why is MyCRA involved?

Credit reporting is governed by the Privacy Act (1988) – so privacy issues are regulated and protected by this legislation. Credit repairers must be fluent in Privacy legislation in order to help consumers with their credit disputes.

2013’s theme – Privacy Law Reform is a pertinent one for consumers. MyCRA believes that every consumer should be educated on the changes coming in for them, and they affect every credit-active individual. We want to raise awareness of how an individual’s ability to obtain credit may be impacted (for better or worse) by these laws. We also want to demonstrate the changes that are coming in the way credit reporting information is handled, and how that will also impact the individual.

What will change?

The new laws will bring about changes in three main areas. (Courtesy of OAIC).

The introduction of a unified set of Australian Privacy Principles (APPs). These principles will be introduced to replace the current National Privacy Principles for those private sector organisations covered by the Privacy Act and the Information Privacy Principles for Australian government agencies. There are a number of important changes with the introduction of the APPs, including in the areas of direct marketing, overseas disclosure of personal information and the handling of unsolicited information.

The introduction of comprehensive credit reporting. These changes are designed to provide consumer credit providers with sufficient information to adequately assess credit risk while ensuring the protection of personal information, and to support responsible lending. The system will be underpinned by a new industry-agreed Credit Reporting Code of Conduct approved by the Commissioner.

Enhanced powers for the Commissioner. These powers include enhanced powers to resolve investigations and promote privacy compliance with access to new remedy powers including enforceable undertakings and civil penalties. Also, for the first time, the Commissioner will be able to conduct Performance Assessments of private sector organisations to determine whether they are handling personal information in accordance with the new APPs, credit reporting provisions and other rules and codes. The Commissioner will be able to conduct these assessments at any time — an added incentive for organisations to ensure they are handling personal information in accordance with the Privacy Act.

Credit reporting and Privacy

Some of the areas of credit reporting which will undergo significant change will be:
- New data on Australian credit reports – including repayment history information
- Quality, security, accuracy and integrity of credit reporting information as set out in APP’s.
- Improved ability to dispute credit listings
- Ability to secure a credit file against identity crime
- Penalties for breach of Privacy Act
- A new Credit Reporting Code of Conduct – currently at Draft stage.
Stay tuned every day this week to find out more about how Australia’s credit reporting law changes may affect you, your credit file and your ability to obtain credit.

Image: Salvatore Vuono/ www.FreeDigitalPhotos.net
29/04/2013