Australian tenancy database giant guilty of bad data management by the Information Watchdog

The Real Estate Institute of Australia stressed the importance of tenant privacy. The complainant alleged that TICA disclosed their personal details to the first estate agent and retained their information longer than required.
13 June 2024
Image by CyberBeat

Australian tenancy database giant, Tenancy Information Centre Australasia or TICA, has been found guilty of breaching a renter's privacy. The company's "virtual manager" service, which notifies property managers when their logged tenants are searched in TICA's main database, tracked a tenant's movement over a seven year period. The service bypassed conventional privacy restrictions that mandate removal of listings after three years. 

TICA defended their service, claiming it as an "internal database", thus exempt from normal blacklist laws. However, the Australian Information Commissioner ruled against TICA in February, aligning the service with regular databases. The Commissioner ordered the removal of the complainant's details from the database. 

The unwelcome incident raised concerns over the number of tenants who may have been unknowingly tracked for longer than legally permitted. Tenancy databases are crucial for landlords as they provide information on tenants with previous rental contract violations. Several private firms, including TICA, manage these databases. 

Leo Patterson Ross, representing National Association of Tenants, criticised TICA's virtual manager service for encouraging non-transparent, unaccountable discussions about tenants. 

The Real Estate Institute of Australia stressed the importance of tenant privacy. The complainant alleged that TICA disclosed their personal details to the first estate agent and retained their information longer than required. TICA rejected both claims. 

The Information Commissioner found TICA guilty of keeping data too long, but not of disclosing it. TICA was ordered to eliminate any personal data held past three years. 

TICA informed the OAIC that they no longer hold personal details of the complainant in their database and are taking steps to upgrade systems for future Privacy Act compliance.

- CyberBeat

 

About CyberBeat

CyberBeat is a grassroots initiative from a team of producers and subject matter experts, driven out of frustration at the lack of media coverage, responding to an urgent need to provide a clear, concise, informative and educational approach to the growing fields of Cybersecurity and Digital Privacy.

Contact CyberBeat

If you have a story of interest, a comment, a concern or if you'd just like to say Hi, please contact us

Terms & Policies >>

Sponsors

We couldn't do this without the support of our sponsors and contributors.