Freelancer.com looks to have been be caught up in another privacy breach debacle, after one of its European account holders filed a $60,000 complaint with the Office of Australian Information Commissioner (OAIC) alleging breaches of privacy.
The complainant alleges the Privacy Act and Anti-Money Laundering and Counter-Terrorism Financing Act have been breached in several ways, including requesting personally identifiable information after the service was provided instead of before, and for allowing the account holder to continue providing a service using an unidentified account.
The complainant also alleges Freelancer.com does not provide information of how account holders can make a complaint about an Australian Privacy Policy Breach.
The complainant told InnovationAus.com the motivation for filing the company is not to “cause harm or make money” but rather “to help tens and thousands of people from the EU who have all faced the same problems.”
Freelancer.com founder and chief executive Matt Barrie has declined to comment.
But Dr Roger Clarke, a long-time privacy consultant and board member of the Australian Privacy Foundation, said, however, principles such as the Australian Privacy Policy are designed “primarily to facilitate business and government, and provide very limited actual privacy protections. APPs 3-5 apply to data collection, and are highly permissive.”
“There could be lots of OAIC ‘advice’ about how to be nice to consumers, but advice is not law, and is routinely ignored by many companies,” he said.
Based on history, these allegations against Freelancer.com could be empty. Freelancer.com was caught up in a separate privacy breach case with another European former account holder, Karol Szczepanski, who also operated under several pseudonyms including Chaim Szczepanski, Charles Szczepanski, and Chaim Kovalsky.
At the time, Mr Szczepanski alleged that Freelancer.com had also breached the Privacy Act in a number of ways, including unnecessarily collecting his IP address and using it to link his active account with dummy accounts and disclosing his identity after he made negative comments about the company on their website and blog.
The OAIC originally ordered Freelancer.com to pay $20,000 in damages for the alleged privacy breach. However, after appealing the case, it was found that Mr Szczepanski’s motive and grievances was to cause “war” against Freelancer.com.
He did this through a series of public online posts that were considered defamatory and often race-related tirades.
As a result, the Administrative Appeals Tribunal concluded Mr Szczepanski’s reliability as a witness was questionable, and that the only potential basis for any compensation was for the August 2012 disclosures – when the complainant’s identity was disclosed on Freelancer’s Wikipedia page – which the Tribunal found did not cause any “significant distress”.
Ultimately, the OAIC’s decision was overturned and Mr Szczepanski was awarded nothing.
Cases like these point to the complexities and tribulations that business operating internationally often face – and are not uncommon.
It’s also likely to become more complex as legislative changes continue to be made in different jurisdictions. Nothing is ever black and white.
Do you know more? Contact James Riley via Email.