‘Accountability’ principle
Background32.3 Accountability principles provide a framework through which requirements for the handling of personal information can be enforced. Most commonly, accountability principles require a regulated entity to identify a person or persons who will take responsibility for that entity’s compliance. For example, the Organisation for Economic Co-operation and Development’s Guidelines on the Protection of Privacy …
Publications
Read more‘Prevention of Harm’ principle
Background32.17 There is a question about whether the model UPPs should contain a ‘Prevention of Harm’ principle. Such a provision would require agencies and organisations ‘to prevent tangible harms to individuals and to provide for appropriate recovery for those harms if they occur’.[20]32.18 The Asia-Pacific Economic Cooperation Privacy Framework,[21] for example, states:Recognizing the interests of …
Publications
Read more‘No Disadvantage’ principle
Background32.23 During the course of the Inquiry, stakeholders suggested that a ‘No Disadvantage’ principle or provision should be included in the Privacy Act. That is, a provision prohibiting agencies and organisations from unfairly disadvantaging an individual on the basis that he or she is seeking to assert his or her privacy rights. In the context …
Publications
Read moreInteraction with the ‘Use and Disclosure’ principle
31.177 Under the NPPs, an organisation that wants to transfer personal information outside Australia needs to determine whether the disclosure of that information to someone outside Australia will comply with NPP 2 (the Use and Disclosure principle). The organisation then needs to determine whether the transfer will satisfy at least one of the conditions set …
Publications
Read moreDefinition of ‘transfer’
31.182 The ALRC also examined whether it would be useful to distinguish the term ‘transfer’ from the terms ‘use’ and ‘disclosure’. One option for dealing with this issue is to define ‘transfer’ in the Privacy Act to include the situation where personal information is stored in Australia in such a way that allows it to …
Publications
Read moreList of overseas jurisdictions
31.206 The Privacy Act does not provide a definition of what constitutes a ‘substantially similar’ set of principles for the purposes of NPP 9(a).[314] The OPC Review noted that stakeholders had expressed frustration at the lack of guidance regarding the countries whose laws provide adequate protection equivalent to the NPPs. In this situation the onus …
Publications
Read moreInternational privacy protection
31.11 In order to ensure that Australian organisations are not disadvantaged in the international market, Australia must be able to meet the international community’s expectations of privacy protection while not impeding the free flow of information across borders. In this section, international models of data protection are outlined. European Union Data Protection Directive31.12 The EU …
Publications
Read moreCurrent coverage of cross-border data flows
Extraterritorial operation of the Privacy Act31.71 Section 5B of the Privacy Act applies the Act (and approved privacy codes) to acts done, or practices engaged in, outside Australia by an organisation, if the act or practice relates to personal information about an Australian citizen or permanent resident and either the organisation:is linked to Australia by …
Publications
Read moreContent of the model ‘Cross-border Data Flows’ principle
Accountability31.93 Professor Greenleaf, Nigel Waters and Associate Professor Lee Bygrave submitted that the six conditions under NPP 9 will generally be sufficient to allow any legitimate transfer overseas of personal information, even when those transfers may harm the interests of the data subjects concerned. They argued that data exporters should remain liable for breaches of …
Publications
Read moreRegulation of Tax File Numbers
Background to the enhanced TFN scheme30.130 In May 1988, following the demise of the Australia Card scheme, the then Treasurer, the Hon Paul Keating MP, announced that the Australian Government intended to introduce an enhanced TFN scheme.[194] In 1988, legislation establishing such a scheme was passed.[195] 30.131 Before 1988, TFNs were simply numbers used by …
Publications
Read more