The number for the Australian economy is big, $20.3 billion, if farmers can transition from analogue business and production models to digital. That was the value calculated last year by the Accelerating Precision Agriculture to Decision Agriculture Project team, a study group which was supported by all 15 rural research development corporations. However, privacy considerations of those farmers and the requirements of privacy legislation (and also when it doesn’t apply) are a crucial part of the discussion about digitising agriculture and how it can be used against farmers. This is especially relevant as a result of the emergence of data co-operatives to protect data of farmers.
The difference between personal and non-personal information
The law treats personal information (such as name, address, telephone number) differently from non personal information (information that cannot be used to identify a person which often includes agricultural related data). However, the Privacy Act 1988 (Cth) only covers the manner in which personal information is collected, used and disclosed. This results in the common misconception that agricultural data is also covered as it comes from a farmer’s property, however that type of information will not generally be able to reasonably identify a person and means that contracts and licences will determine how that information is controlled. Where this occurs an issue can arise where the farmer hasn’t read the details of the contract or licence which gives the other party access and use of the farmer’s non-personal information. Another effect can be where the contract doesn’t restrict the use of the non-personal information which also means that information can be harvested and used to the detriment of farmers.
When agricultural data can be personal information
To gain the protections of the Privacy Act, the agricultural data must be able to identify an individual. This can be from one data source, such as farm co-ordinates, or from a variety of sources that allow the information to be put together, for example production data and general region information.
De-identifying personal information
While non-personal information can be aggregated to a point where is becomes personal information, if it is suitably ‘de-identified’ it will not trigger the obligations of the Privacy Act which means that it can then be shared with other parties. This can be done by either removing or altering information that could potentially be used to re-identify the personal and/or the use of controls and safeguards at the point of data access which would prevent re-identification.
Protections of legislation are only part of the privacy conversation
As the Privacy Act only protects personal information and agricultural data is often (but not always) non-personal information, attention needs to be paid to clauses in contracts and licences which determine how the non-personal information is to be used. However, as some contracts and licences contain fine-print that runs over numerous pages, transparency in such documents are vital to build trust between farmers and machinery and service providers. This also shows that accountability and transparency are vital if agriculture is to be truly digitised as envisaged, in many respects Australia is behind in this area but this comes with the benefit of being able to observe what has worked and what hasn’t in other countries.
Kingfisher Law are Australia's agribusiness legal specialists and will discuss any legal issue you may be experiencing, in a confidential and professional manner. Call 1300 529 424 to book a consultation.