New legislation to punish serious privacy breaches must recognise insurers’ legitimate need to investigate fraud, the Insurance Council of Australia (ICA) has told an Australian Law Reform Commission inquiry.

The inquiry – launched under the previous government – aims to consider a “statutory course of action” for victims to take legal action in a court or tribunal.

ICA is concerned about proposals that could stop insurers undertaking surveillance to assess personal injury claims under compulsory third party or workers’ compensation.

It says insurers need to investigate suspected fraud or misrepresentation.

The inquiry will consider what tests and defences will apply, and whether a court or a tribunal should hear cases.

“It is crucial that workable defences are provided in order to avoid unwarranted interference with legitimate commercial interests, such as those of insurers,” ICA said.

It calls for a list of examples of privacy invasion, to give businesses certainty. The council says a plaintiff should be required to demonstrate a reasonable expectation of privacy and that the invasion would be highly offensive to a person of “ordinary sensibilities”.

They should also need to demonstrate the invasion was intentional or reckless.

ICA says insurers need to collect, use and disclose personal information to provide cover and pay claims, and the industry has invested in systems, training and policies to promote a culture that respects and protects privacy.

It has no objection to remedies such as damages, orders requiring an apology and correction orders.