The Information Privacy Principles
of the Australian Privacy Act 1988
Unofficial Short Form

Roger Clarke

Australian National University

© Australian National University, 1989

Companion Pages are:

a short personal summary of the Act

an interpretation and annotations (abstract only)

an assessment against the OECD Guidelines

The Information Privacy Principles occupy 1500 words of careful legalese. This version conveys their essential content, not their detailed meaning, nor the manifold exceptions and qualifications. Their applicability is only to organisations subject to the Act, which is to say the majority of Commonwealth Government agencies, in respect of most of their personal data holdings, plus additional organisations in particular circumstances.

1. Collection [applies only after 1 Jan 1989]

A collector shall only collect personal information for inclusion in a record or generally available publication where it is necessary for a lawful purpose. A collector shall not collect personal information by unlawful or unfair means.

2. Solicitation from the Individual [applies only after 1 Jan 1989]

Where personal information is solicited from the individual concerned, the collector shall ensure that person is aware of the purpose for which it is being collected, of any legal obligation to comply with the request, and of disclosure practices relating to it.

3. Solicitation of Information Generally [applies only after 1 Jan 1989]

When personal information is solicited, the collector shall ensure that it is relevant to the purpose of collection, up to date and complete, and that the collection is not unduly intrusive.

4. Storage and Security [applies generally]

A record-keeper shall ensure that records are secure against loss, unauthorised access, use, modification or disclosure, and against other misuse.

5. Public Access Rights [applies generally]

A record-keeper shall enable any individual to ascertain the nature, main purposes and subject access procedures relating to any personal information held, and shall maintain a record of such details.

6. Subject Access Rights [applies generally]

The individual concerned shall be entitled to have access to a record that contains personal information, except to the extent that the record-keeper is required or authorised to refuse.

7. Subject Alteration Rights [applies generally]

A record-keeper shall make reasonable alterations to ensure that records of personal information are accurate, relevant, up to date, complete and not misleading, and where unwilling to make an alteration, shall allow the individual concerned to attach to a record a statement of the alteration sought.

8. Quality of Information Used [applies generally]

A record-keeper shall not use personal information without taking reasonable steps to ensure that it is accurate, up to date and complete.

9. Relevance of Information Used [applies generally]

A record-keeper shall not use personal information unless it is relevant.

10. Use Limitations [applies only to data collected after 1 Jan 1989]

A record-keeper shall only use personal information for the purpose for which it was obtained, and for such additional purposes as are consented to by the individual, are authorised by law, are necessary in an emergency, and are reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue.

11. Disclosure Limitations [applies only to data collected after 1 Jan 1989]

A record-keeper shall only disclose personal information if the individual to whom it relates should have been aware that it was subject to disclosure, or the disclosure has been consented to by the individual, authorised by law, or is necessary in an emergency, or is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of the public revenue. In the last three cases a note to that effect shall be included in the record. The recipient of the information shall not use or disclose the information except for the purpose for which it was given it.

Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Last Amended: 5 May 1996

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).

The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,

Information Sciences Building Room 211

Xamax Consultancy Pty Ltd, ACN: 002 360 456

78 Sidaway St
Chapman ACT 2611 AUSTRALIA

Tel: +61 6 288 6916 Fax: +61 6 288 1472