After two years of campaigning, Fairfax journalist, Ben Grubb, finally got the decision he was seeking: 元数据 could be considered “personal information” under the 隐私Act 1988 (“隐私权法案”)。的 具有里程碑意义的决定 是由澳大利亚隐私专员(Australian 隐私Commissioner)提出的,此举是在Grubb被拒绝访问执法机构和委员会可以访问的元数据之后,而不是个人使用的。在这种情况下,数据控制者Telstra拒绝访问某些描述为“metadata”(即IP地址信息,URL信息和手机信号塔位置信息超出为计费目的而保留的信息),理由是根据《隐私法》获得豁免。

澳大利亚隐私专员另有决定。专员发现,“个人信息”包括个人可以通过以下方式获得的信息:“合理确定”从这些信息。他得出的结论是,在组织能够通过跨系统交叉匹配的信息将个人链接到它收集的元数据的情况下,元数据属于“个人信息”的定义。该决定基于国家隐私原则(‘NPP’),而不是《澳大利亚隐私权原则》(‘APP’) which came into force in 2014. However, given the 应用程式 did not significantly change the definition of personal information, it is predicted that more types of data could be considered personal information, and the decision is expected to carry substantial weight in future cases considered under the new regime.

This decision is likely to have a significant impact on large telecommunications companies holding substantial amounts of 元数据; they will have to consider how data are stored, how it may be cross-referenced, and their capacity to perform such cross-referencing.  As a result, they could face increased costs in complying with the 隐私Act, as well as a possible rise in personal information requests requiring wider disclosure.

该决定的含义超出了电信行业。正如新南威尔士州前副隐私事务专员安娜·约翰斯顿(Anna Johnston)所说的那样,“任何保存单位记录级别数据的数据集都可以与其他来源的数据链接,从而可以确定某人的身份”。通过以这种方式对元数据进行分类,澳大利亚的数据控制者将必须评估其持有的元数据是否属于《隐私法》规定的个人信息定义之内。

人们已经开始担心元数据的个人性不确定性可能扼杀创新。如果组织使用可以归类为个人信息的数据,则组织将不希望受到罚款(财务或其他方面)的风险。例如,对于“serious” or “repeated”干预后,专员可向联邦法院或联邦巡回法院申请命令,要求该组织对个人最高罚款340,000美元,对公司最高罚款170万美元。 Telstra已宣布其上诉意向,并得到了通信联盟的支持;该电信行业机构代表了通信行业,并将决定烙印了“regulatory overreach”.