Privacy Law Comprehensive Review

vocabulary flashcards covering definitions, legal tests, case law ratios, and statutory principles from the Privacy Law lecture notes across New Zealand, Australia, UK, and North American jurisdictions.

REOP

An abbreviation for Reasonable Expectation of Privacy, a core concept used to determine if a privacy interest is legally protected.

Warren & Brandeis (1890) Conception

An argument from the Harvard Law Review that privacy is a 'personality right' focused on human dignity and mental anguish rather than a 'property right.'

Alan Westin's Definition of Privacy

Defined as the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.

Ruth Gavison's Three Components of Privacy

Limited accessibility comprised of Secrecy (limited info known), Anonymity (limited attention paid), and Solitude (limited physical access).

Reductionists

Legal theorists who deny privacy is a unique theme, arguing that privacy claims are derivative of other rights like property or personhood.

Coherentists

Legal theorists who believe privacy is a distinct and coherent social and legal concept that requires separate causes of action to protect specifically privacy interests.

Intrusion into Seclusion (NZ Elements)

As established in C v Holland: 1. Intentional and unauthorised intrusion; 2. Into seclusion (intimate personal activity, space, or affairs); 3. Infringing on a reasonable expectation of privacy; 4. Highly offensive to a reasonable person.

Public Disclosure of Private Facts (NZ Elements)

As confirmed in Bradley v Wingnut Films: 1. Public disclosure; 2. Of private facts; 3. The matter made public is highly offensive to the objective, reasonable person of ordinary sensibility.

Reluctant Debutante

A term used in Tucker v News Media to describe an individual who seeks publicity out of necessity rather than choice, impacting their expectation of privacy.

Misuse of Private Information (UK)

The legal label for the UK tort that evolved from 'Breach of Confidence' to focus on protecting human autonomy and dignity under Article 8 of the ECHR.

Coco v A.N. Clark Elements

The traditional requirements for Breach of Confidence: 1. Information must have the necessary quality of confidence; 2. Information imparted in circumstances importing an obligation of confidence; 3. Unauthorised use of the information to the detriment of the party.

Article 8 ECHR

The right to respect for private and family life, home, and correspondence, used as a primary stage in the UK balancing test for privacy.

Article 10 ECHR

The right to freedom of expression, which the courts must balance against Article 8 privacy rights in the UK and European contexts.

Public Interest Defence (NZ)

Adopted in Hosking v Runting and P v D as a factor or defense where the nature and extent of legitimate public interest in information outweighs the privacy interest.

L v G (NZ) Ratio

Established that identify is not required for a privacy breach; a non-consensual publication of intimate photos is a breach even if the subject is not identifiable.

Henderson v Walker Publicity Rule

Clarified that for Public Disclosure of Private Facts, publicity does not need to be widespread and can include disclosure to only one person.

Grosse v Purvis (Australia)

A lower court case that recognized a common law cause of action for invasion of privacy in Australia, requiring a willed act, intrusion, high offensiveness, and detriment.

Victoria Park Racing v Taylor Ratio

The 1937 High Court of Australia authority stating that no general common law right to privacy exists in Australia.

Clean Slate Act 2004

Legislation allowing individuals to conceal criminal convictions if they meet specific criteria (e.g., >7 years since conviction, not a sexual crime, no prison time).

IPP 6 (Privacy Act 2020)

The Information Privacy Principle granting individuals the right to access personal information held about them by an agency.

IPP 11 (Privacy Act 2020)

The Information Privacy Principle setting limits on the disclosure of personal information outside the purpose for which it was collected.

Notifiable Privacy Breach

Under the Privacy Act 2020, a breach that results in, or is likely to result in, serious harm to an affected individual and must be reported to the Privacy Commissioner.

Agency (Privacy Act 2020)

Broadly defined as any person or body of persons, whether corporate or unincorporate, but excludes the news entity exemption for news activities.

Griswald v Connecticut (USA)

A landmark US Supreme Court case finding a right of privacy implied in the 'penumbras' of the Third, Fourth, Fifth, and Ninth Amendments.

False Light Tort

A privacy tort (recognized in the US and Canada/VMY v SHG) where one gives publicity to a matter that places another in a false light that is highly offensive and done with reckless disregard for the truth.

R v Tessling (Canada) Totality of Circumstances

A test used to determine reasonable expectation of privacy, evaluating subjective expectations and objective reasonableness regarding the nature of the information and how it was obtained.

Biometric Processing

Defined under the 2025 Privacy Code as using biometric technology (like facial recognition) to verify, identify, or categorise individuals based on biometric samples or templates.

Shadow AI

The practice of employees using AI tools without the permission or knowledge of their employers, often leading to data leakage of sensitive information.

Prompt Injection Attack

A security risk where an attacker uses specific prompts to manipulate or change an AI system's intended function or exfiltrate data.

Data Sovereignty (Māori Perspective)

The inherent rights and interests Māori have in relation to Māori data, viewing personal information as taonga where collective rights may prevail over individual privacy.