Business

Freelancer contests $20,000 privacy breach fine from OAIC

Matt Barrie's Freelancer has been ordered to pay $20,000 in damages to a European former account holder for alleged privacy breaches by the Office of the Australian Information Commissioner.

The complainant alleged that Freelancer had breached the Privacy Act in a number of ways, including by using his IP address to link his active account with dummy accounts and to uncover his identity after he made a negative post about the company on a personal website and business blog.

Privacy Commissioner Timothy Pilgrim ruled that Freelancer had breached part of the Privacy Act by not providing the complainant with sufficient notice of the collection of his IP address and that the tech company had further contravened the act by disclosing personal information about the complainant on publicly accessible websites.

But, the Freelancer intends to contest the fine, telling The Australian Financial Review that it disagreed with some of the information presented as fact.

"Freelancer disagrees with the outcome of this determination and in particular some of the facts that have been accepted as part of it," deputy financial officer Chris Koch said.

"We are in the process of exercising our rights to appeal. As this matter is currently before the courts, it would not be appropriate to comment further at this time."

Advertisement

The stoush with the former account holder began in December 2014 when he lodged the complaint with the OAIC but the complainants problems with the website began back in 2010.

In December 2010 Freelancer suspended the user's account for security reasons, after his IP address had been linked to dummy accounts, which blocked his access to his funds.

The account was later reopened, and the user subjected to an array of identity checks, which he labelled as "humiliating".

After his experience, the user posted the negative blog posts, which were the catalyst for a string of events that culminated in the complaint to the OAIC.

The former account holder alleged that Freelancer had attempted to disclose on his blog site in August 2012 his name and pseudonyms, telling readers that he had posted inaccurate articles about Freelancer.

At the same time Freelancer is alleged to have removed the complainants edits on the company's Wikipedia page and in doing so published the former account holder's full name in the revision history.

The European-based complainant also said Freelancer had threatened him if he didn't remove the negative blog post but Mr Pilgrim did not agree with this.

"Though Freelancer's notice to the complainant on 13 August, 2012, appears less than courteous, I am not satisfied that the assertions made by the complainant of intimidation and blackmail are applicable in the circumstances of this matter," Mr Pilgrim said in his decision.

The former Freelancer user also raised concerns about the job marketplace's metadata collection policies, third party disclosure activities and offshore data holdings.

As well as the $20,000 fine ($15,000 for non-economic losses and $5000 in aggravated damages), Freelancer has also been ordered to apologise in writing to the former Freelancer user and undertake additional staff training on information handling procedures within six months.

Advertisement