PRIVACY ACT 1988

SCHEDULE 1 - AUSTRALIAN PRIVACY PRINCIPLES  

Note: See section 14 .


Overview of the Australian Privacy Principles
Overview

This Schedule sets out the Australian Privacy Principles.

Part 1 sets out principles that require APP entities to consider the privacy of personal information, including ensuring that APP entities manage personal information in an open and transparent way.

Part 2 sets out principles that deal with the collection of personal information including unsolicited personal information.

Part 3 sets out principles about how APP entities deal with personal information and government related identifiers. The Part includes principles about the use and disclosure of personal information and those identifiers.

Part 4 sets out principles about the integrity of personal information. The Part includes principles about the quality and security of personal information.

Part 5 sets out principles that deal with requests for access to, and the correction of, personal information.

Australian Privacy Principles

The Australian Privacy Principles are:

  • · Australian Privacy Principle 1 - open and transparent management of personal information
  • · Australian Privacy Principle 2 - anonymity and pseudonymity
  • · Australian Privacy Principle 3 - collection of solicited personal information
  • · Australian Privacy Principle 4 - dealing with unsolicited personal information
  • · Australian Privacy Principle 5 - notification of the collection of personal information
  • · Australian Privacy Principle 6 - use or disclosure of personal information
  • · Australian Privacy Principle 7 - direct marketing
  • · Australian Privacy Principle 8 - cross-border disclosure of personal information
  • · Australian Privacy Principle 9 - adoption, use or disclosure of government related identifiers
  • · Australian Privacy Principle 10 - quality of personal information
  • · Australian Privacy Principle 11 - security of personal information
  • · Australian Privacy Principle 12 - access to personal information
  • · Australian Privacy Principle 13 - correction of personal information
  • PART 3 - DEALING WITH PERSONAL INFORMATION  

    9   Australian Privacy Principle 9 - adoption, use or disclosure of government related identifiers  

    Adoption of government related identifiers

    9.1  
    An organisation must not adopt a government related identifier of an individual as its own identifier of the individual unless:


    (a) the adoption of the government related identifier is required or authorised by or under an Australian law or a court/tribunal order; or


    (b) subclause 9.3 applies in relation to the adoption.

    Note:

    An act or practice of an agency may be treated as an act or practice of an organisation, see section 7A .

    Use or disclosure of government related identifiers

    9.2  
    An organisation must not use or disclose a government related identifier of an individual unless:


    (a) the use or disclosure of the identifier is reasonably necessary for the organisation to verify the identity of the individual for the purposes of the organisation ' s activities or functions; or


    (b) the use or disclosure of the identifier is reasonably necessary for the organisation to fulfil its obligations to an agency or a State or Territory authority; or


    (c) the use or disclosure of the identifier is required or authorised by or under an Australian law or a court/tribunal order; or


    (d) a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) ) exists in relation to the use or disclosure of the identifier; or


    (e) the organisation reasonably believes that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or


    (f) subclause 9.3 applies in relation to the use or disclosure.

    Note 1:

    An act or practice of an agency may be treated as an act or practice of an organisation, see section 7A .

    Note 2:

    For permitted general situation , see section 16A .

    Regulations about adoption, use or disclosure

    9.3  
    This subclause applies in relation to the adoption, use or disclosure by an organisation of a government related identifier of an individual if:


    (a) the identifier is prescribed by the regulations; and


    (b) the organisation is prescribed by the regulations, or is included in a class of organisations prescribed by the regulations; and


    (c) the adoption, use or disclosure occurs in the circumstances prescribed by the regulations.

    Note:

    There are prerequisites that must be satisfied before the matters mentioned in this subclause are prescribed, see subsections 100(2) and (3) .




    This information is provided by CCH Australia Limited Link opens in new window. View the disclaimer and notice of copyright.