Mr BARTON (Eastern Metropolitan) (18:05): My adjournment tonight is for the Minister for Government Services, Minister Danny Pearson. I have deep concerns regarding Commercial Passenger Vehicles Victoria’s (CPVV) data collection requirements for booking service providers in the commercial passenger vehicle industry. Under the current regulations all booking service providers are required to keep and submit records of trip data that include things such as kilometres travelled and the fee charged as well as the date, time and GPS coordinates of where the trip started and ended. One may think that this data would only be called for when it is relevant to specified incidents or complaints. Instead the CPVV is demanding all of this data be submitted.

There exists little clarity about why this data is being collected, who will protect it and how it will be used. While the names of passengers are not required, given the demand for GPS coordinates or addresses, as well as other data, it is very easy to see how this data could be linked to an individual, their address and their movements. As you can imagine, this has led to booking service providers experiencing anxiety over their clients’ consent and privacy and who is accountable. The CPVV has an obligation to inform the industry and the passengers of what it plans to do with that personal information it collects. I am also concerned about the strict and specified format of the reporting data requirements. Smaller industry operators do not have the technological know-how or the capacity to record, maintain and submit this information. This is especially true when operators are expected to report within a short time frame.

Adjournment 16th Feb 2021

Rod called for the Minister for Government Business to instruct the CPVV to halt its threat of fines of up to $99 000, while we further investigate the priva…

It is clear that the taxi industry is suffering. Where can we draw the line between immense data requests and threatening to cripple operators who simply cannot afford the technology required to meet these data demands? What makes these concerns all the more serious is the threat of the fines if they do not report the data within the due date and in the required format. These fines are up to $99 000 for body corporates and $19 000 for individuals.

I have recently met with the Victorian information commissioner and the privacy and data protection deputy commissioner, who advised me that these data requirements have some clear red flags that will require further investigation. Therefore the action I am asking the minister to take is: will the government instruct the CPVV to cease its threats to operators of fines for non-compliance until there is further clarity on this matter?