The Office of the Australian Information Commissioner has just released the third and final tranche of the Australian Privacy Principle Guidelines for consultation. Consultations will close Monday 16 December 2013.

Background

In November 2012 the Australian Parliament passed the Privacy Amendment (Enhancing Privacy Protection) Act 2012 to amend the Privacy Act 1988. The amendments are due to commence on 12 March 2014.

Under section 28(1) of the Amendment Act, the Australian Information Commissioner has the power to make "guidelines for the avoidance of acts or practices that may or might be interferences with the privacy of individuals, or which may otherwise have any adverse effects on the privacy of individuals" (APP Guidelines). The Information Commissioner is developing the guidelines prior to 12 March 2014 so that APP entities have an opportunity to consider the APP Guidelines and prepare accordingly.

As part of this process, the Information Commissioner is currently in consultation with Australian Government agencies, private sector organisations and individuals about the APP Guidelines. This consultation process is occurring in three stages:

  1. The first stage, on the General matters (Chapters A to D) and APPs 1 to 5 (Chapters 1 to 5) ran from 23 August 2013 until 20 September 2013.
  2. The second stage, on APPs 6 to 11 (Chapters 6 to 11) ran from 20 September until 21 October 2013.
  3. The third and final stage, on APPs 12 and 13 (Chapters 12-13) commenced yesterday and will end on 16 December 2013.

While the APP Guidelines are not a legislative instrument, they serve an important role in outlining how the Information Commissioner interprets and applies the APPs when exercising functions and powers under the Privacy Act relating to the APPs. The draft guidelines on APP 12 and APP 13, released yesterday, will surely be closely analysed by Australian Government Agencies, private sector organisations and individuals as they internally review their privacy procedures to ensure they comply with the new obligations under the Amendment Act.

Guidelines to APP 12 – Access to Personal Information – Key points

APP 12 requires an APP entity that holds personal information about an individual to give the individual access to that information on request.

APP 12 also sets out other requirements in relation to giving access, including how access is to be given and when access can be refused. There are separate grounds on which agencies and organisations may refuse to give access.

APP 12 operates alongside and does not replace other informal or legal procedures by which an individual can be provided with access to information, including the Freedom of Information Act that provides a right of access to information held by agencies.

Guidelines to APP 13 – Correction of Personal Information – Key points

APP 13 requires an APP entity to take reasonable steps to correct personal information to ensure that, having regard to the purpose for which it is held, it is accurate, up-to-date, complete, relevant and not misleading.

APP 13 sets out minimum procedural requirements in relation to correcting personal information.

APP 13 operates alongside and does not replace other informal or legal procedures by which an individual can seek correction of their personal information, including informal arrangements and, for agencies, the Freedom of Information Act.

Closing time for submissions

Consultations will close Monday 16 December 2013.