What is data?
‘Data’ can be broadly defined as any information that has been reduced to characters, words, numbers, images, sound or video. Data can be collected to form ‘datasets’, a collection or record of data organised according to a common context or criteria.
Data can be categorised according to the nature of the information it contains: for example, health data, personal data, research data, business data and consumer data.
The amount of data created globally is growing at an exponential rate. Data can be a major source of value for businesses in an economic sense, and valuable to individuals on privacy grounds.
Is data “property”?
Data is not, by its nature, property within the ordinary legal sense of the term.
Data may constitute property if it otherwise meets the requirements to be protected as copyright or as confidential information.
Copyright may apply to data if it meets the requirements of being a literary work. A literary work requires independent intellectual effort by an author. Datasets may qualify for copyright protection on this basis. However, it should be noted that any copyright in a dataset only protects the form of the dataset’s presentation and not the underlying facts or data.
Australia has not yet followed the lead of other jurisdictions in recognising a separate “database right” which protects the content of a database.
If copyright does subsist in a dataset, a party can take action against a third party for infringement of the copyright. A claim for copyright infringement must involve the copying of a substantial part of the relevant work, and depending on the nature of the data and its copying, this may be difficult to prove.
Confidentiality may subsist in data if a party treats the data as confidential. When sharing that data with third parties, the “owner” should ensure that the third party similarly treats that data as confidential – in order that it maintains it status as confidential information. This may not always be practical or possible, depending on the nature of the data and how it is intended to be used.
What is the intersection of data with Privacy law?
If data contains information or an opinion about an identified individual or an individual who is reasonably identifiable, then such data will be personal information for the purposes of the Privacy Act. Accordingly, organisations handling such data must do so in accordance with the Privacy Act.
Under the Privacy Act, individuals have the right to know why their personal information is being collected, how it will be used and who it will be disclosed to. Individuals also have the right to remain anonymous, access their personal information being collected, stop receiving unwanted direct marketing, ask for their personal information to be corrected if incorrect and to make a complaint about an entity covered by the Privacy Act if they have mishandled their personal data. For more information on Privacy, see the Privacy section.
Consumer data right
The Australian government is in the process of implementing the Productivity Commission’s Data Availability and Use Report and the Treasury’s Review into Open Banking in Australia, with the introduction of Consumer Data Rights.
The Consumer Data Right will provide consumers with a new right to access certain data about them held by businesses in a readily usable form and in a timely manner. Customers will be able to direct businesses to transfer their data to a trusted third party of their choice. The Consumer Data Right will first be rolled out in the banking sector, and it is then expected to be rolled out to the energy and telecommunications sectors. The right will subsequently be applied economy-wide on a sector-by-sector basis.
More information on data
For more information on data, contact: