Federal Register of Legislation - Australian Government

Primary content

Privacy Amendment Act 2004

Act No. 49 of 2004 as amended, taking into account amendments up to Act No. 9 of 2006
An Act to amend the Privacy Act 1988, and for related purposes
Administered by: Attorney-General's
Registered 11 Apr 2006
Start Date 21 Apr 2004

Privacy Amendment Act 2004

Act No. 49 of 2004 as amended

This compilation was prepared on 5 April 2006

[This Act was amended by Act No. 9 of 2006]

Amendment from Act No. 9 of 2006

[Schedule 2 (item 21) amended item 11 of Schedule 1

Schedule 2 (item 21) commenced immediately after 21 April 2004]

Prepared by the Office of Legislative Drafting and Publishing,
Attorney-General’s Department,
Canberra

 

  

  


Contents

1............ Short title............................................................................................ 1

2............ Commencement.................................................................................. 1

3............ Schedule(s).......................................................................................... 1

Schedule 1—Amendment of the Privacy Act 1988                                               2

Part 1—Extra-territorial application of National Privacy Principle 9            2

Part 2—Extension of correction rights to non-Australians                                3

Part 3—Approved privacy codes                                                                               4

Part 4—Use of government payroll identifiers                                                       5

Part 5—Additional audit function for Privacy Commissioner                           6

 


An Act to amend the Privacy Act 1988, and for related purposes

[Assented to 21 April 2004]

The Parliament of Australia enacts:

1  Short title

                   This Act may be cited as the Privacy Amendment Act 2004.

2  Commencement

                   This Act commences on the day on which it receives the Royal Assent.

3  Schedule(s)

                   Each Act that is specified in a Schedule to this Act is amended or repealed as set out in the applicable items in the Schedule concerned, and any other item in a Schedule to this Act has effect according to its terms.


 

Schedule 1Amendment of the Privacy Act 1988

Part 1Extra-territorial application of National Privacy Principle 9

1  Paragraph 5B(1)(a)

Omit “the act”, substitute “subject to subsection (1A), the act”.

2  After subsection 5B(1)

Insert:

          (1A)  Paragraph (1)(a) does not apply in relation to National Privacy Principle 9.

Note:          Because of subsection (1A), the extra-territorial application of National Privacy Principle 9 is not limited by the citizenship etc. requirement of paragraph (1)(a).

3  Application of amendments

The amendments made by items 1 and 2 apply to acts done, or practices engaged in, after the commencement of this Part.


 

Part 2Extension of correction rights to non-Australians

4  Subsection 41(4)

Repeal the subsection.

5  Application of amendment

The amendment made by item 4 applies to acts done, or practices engaged in, after the commencement of this Part.


 

Part 3Approved privacy codes

6  After section 18BA

Insert:

18BAA  Privacy codes may cover exempt acts or practices

             (1)  Despite paragraph 7(1)(ee), a privacy code may be approved even if it covers exempt acts or practices.

             (2)  If an approved privacy code covers exempt acts or practices, this Act applies in relation to the code as if those acts or practices were not exempt acts or practices.

Note:          Because of subsection (2), if an approved privacy code covers an act or practice that would usually be exempt:

(a)           the act or practice, if done or engaged in by an organisation bound by the code, may constitute an interference with the privacy of an individual as defined in section 13A; and

(b)           section 16A obliges an organisation bound by the code not to breach the code by doing or engaging in the act or practice; and

(c)           the act or practice, if done or engaged in by an organisation bound by the code, may be the subject of a complaint and investigation under Part V.


 

Part 4Use of government payroll identifiers

7  Subsection 100(2)

Omit “Before the Governor-General”, substitute “Subject to subsection (3), before the Governor-General”.

8  At the end of section 100

Add:

             (3)  Subsection (2) does not apply to the making of regulations for the purposes of paragraph 7.2(c) of the National Privacy Principles if:

                     (a)  the regulations prescribe an organisation, or class of organisations; and

                     (b)  the regulations prescribe an identifier, or class of identifiers, of a kind commonly used in the processing of pay, or deductions from pay, of Commonwealth officers, or a class of Commonwealth officers; and

                     (c)  the circumstances prescribed by the regulations for the use or disclosure by the organisation, or an organisation in the class, of the identifier, or an identifier in the class, relate to the provision by the organisation of superannuation services for the benefit of Commonwealth officers; and

                     (d)  before the regulations are made, the Minister consults the Commissioner about the proposed regulations.

             (4)  In subsection (3):

superannuation services includes the management, processing, allocation and transfer of superannuation contributions.

9  Subclause 7.2 of Schedule 3 (note)

Omit “subsection 100(2)”, substitute “subsections 100(2) and (3)”.


 

Part 5Additional audit function for Privacy Commissioner

10  After paragraph 27(1)(h)

Insert:

                    (ha)  to conduct audits of particular acts done, and particular practices engaged in, by agencies in relation to personal information, if those acts and practices, and those agencies, are prescribed by regulations made for the purposes of this paragraph;

11  Subsection 32(1)

After “(h),” (first occurring), insert “(ha),”.