As well as intellectual property and defamation, other issues related to online activities can affect legal rights.
Vilification and discrimination
Material that vilifies or discriminates against a particular group of people may be prohibited under the Racial Discrimination Act 1975 (Cth) (“RD Act”). The Australian Human Rights Commission (AHRC) (see “Contacts”) assesses this type of content. Publishers of online content have been found to have acted unlawfully where the content they publish is racially vilifying or discriminatory.
In Jones v Toben  FCA 1150, the Federal Court upheld the AHRC’s decision that the respondent had engaged in unlawful conduct by publishing material that vilified Jews on a website.
This decision has been applied in other cases, such as in Silberberg v The Builders Collective of Australia Inc  FCA 1512. At the heart of the Silverberg case were messages posted to an online discussion forum that contained material that racially discriminated against Jews. Although the court found that the person who posted the messages containing the offensive content did so in breach of the RD Act, the website host was found to have not breached that Act because the host’s failure to remove offensive content, despite having knowledge of it, was not necessarily connected to race.
In Eatock v Bolt (No 2)  FCA 1180, the Federal Court found that section 18C of the RD Act had been contravened by the publication of articles (print and online) that discussed the Aboriginal identity of identified individuals. The publication was assessed from the point of view and circumstances of the identified individuals, and not from that of the general community. The publications were found to contain inflammatory and provocative language; and the good faith exemptions for fair comment and genuine purpose in the public interest were not made out.
In Victoria, the Racial and Religious Tolerance Act 2001 (Vic) (“RRT Act”) specifically covers electronic communications, including email. The key section of the RRT Act is section 8(1), which provides that:
A person must not engage in conduct that incites hatred against, serious contempt for, or revulsion or severe ridicule of, that other person or class of persons.
Complaints can be made to the Victorian Equal Opportunity and Human Rights Commission (see “Contacts”).
For more information, see Discrimination and human rights.
Catch the Fire Ministries Inc v Islamic Council of Victoria Inc  VSCA 284
The Islamic Council of Victoria lodged a complaint under the RRT Act about statements made by a Christian pastor from the Catch the Fire Ministries (“Ministries”) at a seminar and in articles published online; the complainant claimed the pastor’s statements vilified Muslims.
The Victorian Civil and Administrative Tribunal (VCAT) upheld the complaint and ordered that corrective advertisements be published on the respondent’s website for a period of 12 months.
The Ministries appealed VCAT’s decision and the appeal was upheld on the basis that VCAT applied an incorrect test in determining whether the RRT Act had been breached.
However, the Court of Appeal confirmed that:
• the order to publish corrective advertising was not beyond VCAT’s power under section 136 of the Equal Opportunity Act 2010 (Vic); and
• section 8 was valid and did not burden the implied freedom of communication about government and political matters.
The Australian Government regulates internet gambling. Access by Australian-based customers to certain forms of interactive gambling is prohibited (e.g. online casino-style games and live sports wagering). It is also an offence to provide particular forms of Australian-based interactive gambling to customers in specific countries.
For more information about internet gambling, go to the Australian Communications Media Authority (ACMA) website (www.acma.gov.au).
Domain names (also called URLs) are unique web addresses. To establish a domain name, the name must be registered with the Internet Corporation of Assigned Names and Numbers (ICANN). In Australia, ICANN contracts out its registration function to other corporations.
“Cyber-squatting” is where a person registers a domain name in which they have no legitimate interest, with a view to obtaining a profit from those with a genuine interest in the domain name. There is no specific anti-cyber-squatting legislation in Australia, but such actions may constitute trade mark infringement, “passing off” (i.e. representing goods or services as your own, which are not) or may breach the Competition and Consumer Act 2010 (Cth). In Australia, cyber-squatting is usually dealt with under misleading or deceptive conduct, rather than trade mark infringement.
Under Australian law, domain names are a licence, held by the person who registered the name (the registrant), under a contract with the authority in charge of managing and registering domain names.
Because the registration of a domain name is an administrative action, the act of registration does not give the registrant any legal rights, other than the contractual right acquired by registration. This means that domain names are not owned, but are contractual rights that are subject to terms and conditions as stipulated in the agreement for registration. The policy of the Australian Domain Name Administrator (auDA) (the regulator of the .au domain administration) states that:
2.1 There are no proprietary rights in a domain name. A registrant does not “own” their domain name, instead they hold a licence to use the domain name for a specified period of time and subject to the licence terms and conditions.
2.2 Because the registrant does not have a proprietary right in the domain name, it is not legally possible for the registrant to “sell” the domain name. By offering to sell their domain name to another party, the registrant is in breach of the Registrant Agreement.
Domain names were originally licensed on a “first-come, first-served basis”. The current policy provides for .com.au domain names to:
exactly match, or be an acronym or abbreviation of the registrant’s company or trading name, organisation or association name or trademark; or be otherwise closely and substantially connected to the registrant. The applicant must also warrant that it intends to use the name.
For more information about registering domain names, visit auDA’s website (www.auda.org.au).
Under common law, holding the registration of a domain name may not constitute having control over the website’s content. This is relevant, for example, when determining whether a party has power to publish corrective notices on a website. (See Australian Competition and Consumer Commission v Dynacast (Int) Pty Ltd (formerly Phoneflasher.com Pty Ltd) ACN 061 234 642  FCA 429.)
Domain name disputes are commonly dealt with through dispute resolution, which is cheaper and simpler than court litigation. Australian domain name disputes are dealt with according to auDA’s dispute resolution policy. Disputes are dealt with by independent arbitration services that have been accredited by ICANN (the World Intellectual Property Organisation (WIPO), the National Arbitration Forum, the Asian Domain Name Dispute Resolution Centre, and the CPR Institute for Dispute Resolution).
The dispute resolution process for situations in which the company challenging the domain name owns a business name or trade mark identical to the domain name is if the challenger owned the name prior to the domain name owner registering the name, the domain name is taken and disabled until the dispute is settled. This prevents the domain name owner from using their possession of the name to bargain with the challenger.
Melbourne 2006 Commonwealth Games Co v B & M Group of Co Pty Ltd (2005) WIPO
WIPO’s administrative panel heard and ruled on a complaint brought by the Melbourne 2006 Commonwealth Games Corporation about an attempted sale to the state of Victoria of a collection of registered domain names. These domain names included melbourne-2006.com, melbourne2006.com, melbourne2006.info, melb2006.com and melb2006.info, which were identical or confusingly similar to at least one of the trade marks in which the complainant had rights.
WIPO found that the respondent had no rights and no legitimate interest in the domain names. The respondent’s offer to “rent” the various domain names to the complainant for a fee of $50,000 per month was found to be sufficient evidence that the respondent registered and used the disputed domain names in bad faith. WIPO ordered the domain names be transferred to the complainant.
The domain name “staples.com.au” was registered by an IT services company that paid the registration and renewal fees for that domain name without seeking reimbursement.
The business for which the domain name was registered, Staples, never used the domain name.
A USA company – also called Staples – sought to purchase the domain name. A representative of the IT services company transferred the domain name to himself, then sold the domain name for $82,500, and retained the proceeds. The judge characterised the transfer and sale as a dishonest and fraudulent design to defeat Staples’ right to the domain name.
The Privacy Act 1988 (Cth) (“Privacy Act”) imposes Australian Privacy Principles (APPs) on the federal public sector and on private sector organisations.
The APPs set the minimum standards for collecting and handling personal information by businesses and other private sector organisations.The APPs are relevant, for example, when collecting personal information from contributors to an online forum.
There are exemptions for small businesses and media organisations acting “in the course of journalism”.
For more information on privacy laws, see Privacy and your rights.
Changes to the Privacy Act came into effect on 12 March 2014. The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) amended sections of the Privacy Act and included a set of new, harmonised privacy principles that regulate the collection, use, storage and disclosure of personal information by Australian Government agencies and some businesses. These new principles apply to the collection and use of personal information, including the online storage of personal information.
Certain online communication practices, including giving a person unwanted attention or sending a person offensive material, may constitute harassment.
Cyber-bullying is offensive, menacing or harassing behaviour that is conducted using technology.
Examples of cyber-bullying include:
• posting hurtful messages, images or videos online;
• repeatedly sending unwanted messages online;
• sending abusive texts and emails;
• excluding or intimidating others online;
• creating fake social networking profiles or websites that are hurtful;
• participating in nasty online gossip and chat; and
• any other form of digital communication that is discriminatory, intimidating, intended to cause hurt or make someone fear for their safety.
Under the Criminal Code Act 1995 (Cth) (“Criminal Code”), it is a criminal offence to use the internet, social media or a telephone to menace, harass or cause offence. The maximum penalty for this offence is three years imprisonment or a fine of more than $30,000.
There are also stalking offences in each state and territory. Stalking involves a persistent course of conduct that is intended to make the victim feel fearful, uncomfortable, offended or harassed. When the conduct occurs online (e.g. by email or on social networking sites) or via text message, it is still a criminal offence. Stalking offences carry heavy maximum penalties.
More information is available from the Australian Cybercrime Online Reporting Network (ACORN) (www.acorn.gov.au/learn-about-cybercrime/cyber-bullying).
Victims of stalking can seek an intervention order against the stalker; see “Personal safety intervention orders for stalking” in Family violence.
Revenge porn (also called “image-based abuse”) is the exploitative sharing of intimate or sexual material of a person without their consent, with the intention of causing that person harm.
“Image-based abuse” is the term preferred by academics and government agencies as not all perpetrators are motivated by revenge, and not all images are pornography (see R v Silva  ACTSC 108 for discussion on what is “sexual material”).
There are specific laws in Victoria and South Australia that criminalise the distribution of an intimate or “invasive” image without consent. In both Victoria and South Australia, it is also a criminal offence to threaten to distribute an intimate or invasive image (see “Sexting”).
The Criminal Code Amendment (Private Sexual Material) Bill 2016 (Cth) was introduced to the House of Representatives on 17 October 2016. At the time of writing (30 June 2018), we await the further passage of this Bill.
Currently, the Criminal Code (s 474.17) – “using a carriage service to menace, harass or cause offence” – has been used to respond to image-based abuse.
However, if the perpetrator does not demonstrate a clear intention to menace, harass or cause offence, the law is vague.
While criminal and civil laws exist in some states and territories to provide compensation to victims of image-based abuse, there is no national consistency.
the creating, sharing, sending or posting of sexually explicit messages or images via the internet, mobile phones or other electronic devices (Law Reform Committee 2013, Inquiry into Sexting, Victorian Parliament, Parliamentary Paper No. 230, p. ix).
The Crimes Amendment (Sexual Offences and Other Matters) Bill 2014 (Vic) (which passed on 15 October 2014) amended the Summary Offences Act 1966 (Vic) (“SO Act”) and the Crimes Act 1958 (Vic) (“Crimes Act (Vic)”). The Bill created the offences of distributing an intimate image (s 41DA) and threating to distribute an intimate image (s 41DB) under the SO Act.
However, young people who engage in consensual peer-to-peer sexting are protected from being treated as child pornographers (s 70AAA Crimes Act (Vic)). Young people who engage in this behaviour are not placed on the sex offenders register.
Social networking sites, such as Facebook and LinkedIn, enable members to use a personal profile to interact with other people online.
Social networking sites can give rise to privacy and safety concerns, as it can be difficult to confirm the identity of other social networking site members.
A common problem on social networking sites is the establishment of false profiles, designed to mislead users as to the identity of the person posting the information. An online reporting facility exists on Facebook and Twitter where requests can be made to remove or modify the false page or user.
All publication laws (including defamation, copyright, vilification and contempt) apply to social networking sites. Other publication restrictions apply (e.g. not identifying victims of sexual offences, or discussing Children’s Court and Family Court matters).
If you use a profile that identifies you as an employee or associate of a particular organisation, you are usually subject to the social media and professional conduct guidelines of that organisation.
Internet dumping (also known as “modem jacking”) is the practice of switching a user from their current ISP to a premium-rate telephone number without their knowledge or consent. Internet dumping can occur when certain websites are accessed.
Internet dumping is likely to breach the Competition and Consumer Act 2010 (Cth), and various state Fair Trading Acts, and may also be a breach of the customer’s ISP contract.
If the ISP cannot resolve a complaint concerning internet dumping or an aspect of the ISP’s service, complaints can be made to the Telecommunications Industry Ombudsman (see “Contacts”).
Spam is unsolicited commercial electronic messages (i.e. electronic junk mail) that is generally delivered by SMS or email.
Under the Spam Act 2003 (Cth), spam can only be sent with the consent of the person receiving the message. However, consent can be reasonably inferred if there is a business relationship between the sender and the receiver of the message.
Commercial messages must include an unsubscribe facility.
Phishing is a form of identity theft where fake emails and websites – that are designed to look like legitimate businesses, financial institutions and government agencies – are used to deceive internet users into disclosing financial account information or other personal details.
For more information, including how to complain about spam and phishing, contact ACMA (see “Contacts”).