Page 188 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 188
Information Security and Privacy
Notes (iv) an agency reasonably considers that the use or disclosure is reasonably essential
for one or more of the following by or on behalf of a law enforcement agency:
preventing, detecting, investigating, prosecuting or punishing an offence
or a breach of a prescribed law;
enforcing a law relating to the confiscation of proceeds of crime;
protecting public revenue;
preventing, detecting, investigating or remedying seriously improper
conduct or prescribed conduct;
preparing for or performing proceedings before a court or tribunal or
implementing the orders of a court or tribunal.
(v) the Australian Security Intelligence Organisation (ASIO) has demanded the
agency to reveal the information, the revelation is made to an officer or
employee of ASIO authorized by the Director-General of ASIO to obtain the
information and an officer or employee of ASIO authorized by the Director-
General of ASIO to do so has certified in writing that the information is required
in connection with the presentation of the functions of ASIO.
(vi) the Australian Secret Intelligence Service (ASIS) has requested the organization
to disclose the information, the revelation is made to an officer or employee
of ASIS authorised by the Director-General of ASIS to obtain the information
and an officer or employee of ASIS authorised by the Director-General of ASIS
to do so has certified in writing that the information is necessary in connection
with the performance of the functions of ASIS.
4. An agency must not need an individual to provide a unique identifier so as to obtain a
service unless its provision is required or authorized by law, or is in connection with the
purpose for which the unique identifier was assigned or for a directly connected purpose.
12.9.8 IPP 8: Anonymity
This is a very important principle as government agencies move into the electronic background
where, more and more, we leave electronic traces of where we have been, what we have obtained,
who we have had contact with and what our favorites are.
This principle includes the following:
1. If an agency considers carefully regarding the anonymity principle, it gathers less personal
information and that makes complying with the IPPs that much simpler.
2. An agency must give individual entering transactions with the organization the option of
not identifying himself or herself, unless it is required by law or it is not practicable that
the individual is not identified.
!
Caution Agencies must provide individuals the option of not recognizing themselves
when entering dealings, if that is legal and feasible.
12.9.9 IPP 9: Transporter Data Flows
Personal information can be conveyed to other places only if the recipient guards privacy under
standards that are alike to the Northern Territory IPPs.
182 LOVELY PROFESSIONAL UNIVERSITY
