The exemption for purely commercial credit providers from being a member of a recognised external dispute resolution scheme (EDR scheme) has been extended indefinitely.
Pursuant to section 21D(2)(a)(i) of the Privacy Act, a credit provider is not permitted to disclose to a credit reporting body (CRB) credit information about an individual unless that credit provider is a member of a recognised EDR scheme. However, pursuant to a regulation made on 12 March 2014, a temporary exemption in respect of this obligation was granted to credit providers who only provide commercial credit. That exemption was due to expire on 11 March 2015.
However, on 25 February 2015, the Department of the Attorney General announced that the exemption would be extended indefinitely. That exemption was carried into effect by the Privacy Amendment (2015 Measures No. 1) Regulation 2015 (Regulation) made on 26 February 2015.
The reasons set out in the Explanatory Statement accompanying the Regulation, (which reflect consultation with stakeholders, including industry representatives, privacy and consumer advocates and an EDR scheme provider), may be summarised as follows:
- potential costs to industry;
- lack of any clear evidence of consumer detriment;
- current industry practices; and
- consumers already have the ability to seek redress in relation to commercial credit reporting by means of CRBs who are required, in any event, to be members of recognised EDR schemes.
This represents a victory for common sense, especially for small to medium commercial credit providers for whom the requirement to be a member of an EDR scheme would have simply represented another layer of cost and administrative burden with no discernible benefit to anyone.