The IT Law Wiki


Privacy Amendment (Enhancing Privacy Protection) Act 2012.


The Act introduces a number of changes to the Privacy Act 1988. These changes include a single set of 13 new privacy principles for both the public and private sector, called the Australian Privacy Principles (APPs), which will replace the existing IPPs and the NPPs.

The security of personal information is dealt with in APP 11. The obligations in APP 11 are similar to those in NPP/IPP 4. However, APP 11 will require an entity to take reasonable steps to protect personal information from 'interference', as well as from misuse, loss, unauthorised access, modification or disclosure. The inclusion of 'interference' in APP 11 is intended to recognise that attacks on personal information may not be limited to misuse or loss, but may also interfere with the information in a way that does not amount to a modification of the content of the information (such as attacks on computer systems).

Under the Act, the definition of sensitive information in s 6(1) of the Privacy Act 1988 will be amended to include biometric information that is to be used for the purpose of automated biometric verification or biometric identification, and biometric templates.