Australia, insurance, car, home, live, holidays

Renters say they have to provide more and more information to help secure a property in the competitive rental market.Credit:Ben Rushton

Real estate agents have almost free rein on what they can ask to collect – beyond protection against basic discrimination based on background or disability – and some ask for applications just to view a property. In a tight rental market,prospective tenants feel obliged to provide as much information as they’re asked for,said Leo Patterson Ross,chief executive of Tenants Union NSW.

“The purpose of what it is collected for is very problematic. People are being asked for even their social media profiles ... this has no real bearing of maintaining your tenancy,” Patterson Ross said.

“This competitive process is driving all this information being held. We’re concerned about where it is being held and why it is being held at all.”

He said tenants were even being asked to provide pet resumes,which detail the animal’s breed and behaviours;the make,model and registration of a tenant’s vehicle;and self-funded background checks from tenancy databases. Other tenants told this masthead they were required to provide a passport or birth certificate,payslips,drivers licence and credit scores.

Experts have raised their concerns about the real estate industry’s increasing collection of sensitive data.Credit:Peter Rae

“We would be really keen for the government to very closely investigate what is needed in terms of regulation and infrastructure around the data people are being asked to provide to keep a roof over their heads,” Patterson Ross said.

“The risks of data breaches,and knowing that it can happen to any company,means this needs to be really carefully considered.[It’s also worth weighing up whether] the data being collected is even useful or appropriate to judge whether a person should have a home or not.

“We’ve sleepwalked into the situation we are in now. This hasn’t been considered properly for many,many years.”

Digital Rights Watch program lead Samantha Floreani said a data breach in the real estate industry would be devastating for renters and businesses alike.

“It’s a huge amount of personal and sensitive information that gets collected that puts renters at a significant amount of risk. It does feel like a data breach waiting to happen,” Floreani said.

In Victoria,there are some limitations on what agents can ask for,including whether prospective tenants have taken legal action with previous landlords,their rental bond history and a credit or bank statement containing daily transactions.

“In an attempt to assess the risk of potential renters,agents are asking for more and more information to determine whether that renter is the lowest risk possible and often that goes far beyond what is necessary,” Floreani said.

“Renters don’t feel like they have a meaningful choice but to hand over whatever information that is being asked of them because of the fear of not getting the rental.”

She said it was difficult for the average renter to know where their information would be stored,how long it would be retained and who it would be shared with.

Floreani pointed out that businesses with an annual turnover of less than $3 million were exempt from the Privacy Act.

“Some of these companies are pretty small and are not experts in privacy law,or digital security practises,or have the budget for security testing. What that does is create a pretty concerning risk for not just the renters but for the companies themselves.

“A fallout like that would be devastating for not only the tenants,but also for the companies. If it can happen to Optus,a huge company with a huge budget and presumably a huge security team,it can happen to anyone.”

The Real Estate Institute of Australia’s president Hayden Groves said renter privacy and the risk of a data breach were of deep concern to the Institute.

“It is on our radar,and we’ll be looking to ensure our state institute members who are dealing with this sort of sensitive data have the correct tools that they’re following due process and best practice principles,” Groves said.

He said while the Institute would be supportive of better guidelines on what should be collected,it did not want regulations,and urged real estate agents to be reasonable in what they requested from prospective tenants.

“We would encourage practitioners to not push the boundaries. The Optus breach has shone a light on it. It’s a wake-up call. We do handle a lot of data,if Optus can be hit then smaller businesses are at particular risk.”

The Morning Edition newsletter is our guide to the day’s most important and interesting stories,analysis and insights.Sign up here.

License this article