Street Scene

THIS PAGE IS SUBJECT TO REVIEW AND RE-ISSUE


Rules to Protect the Privacy of Australians

I, Robert John Carr, Minister for Foreign Affairs, being the Minister responsible for the Australian Secret Intelligence Service (ASIS), revoke the Rules to Protect the Privacy of the Australians made by Stephen Francis Smith, the then Minister for Foreign Affairs, on 17 September 2008 and make the attached rules, in accordance with section 15 of the Intelligence Service Act 2001 (“the Act”), regulating the communication and retention by ASIS of intelligence information concerning Australian persons.

Before making the attached rules, I have:

  1. provided a copy of the rules I am proposing to make to the Inspector-General of Intelligence and Security (IGIS) and Attorney-General; and
  2. consulted the Director-General of ASIS, the IGIS and the Attorney-General.

Expressions used in the attached rules have the same meaning as in the Act.

Rule 1: Protecting the privacy of Australian persons – presumptions

1.1 These rules regulate the communication and retention of intelligence information concerning Australian persons. Where it is not clear whether a person is an Australian person:

  1. a person within Australia is to be presumed to be an Australian person; and
  2. a person outside Australia is to be presumed not to be an Australian person;

unless there is evidence to the contrary, including from the context in which the information was collected or the content of the information.

Rule 2: Retention of intelligence information concerning Australian persons

2.1 ASIS may retain intelligence information concerning an Australian person only where it is necessary to do so for the proper performance of ASIS’s functions or the retention is authorised or required by or under another Act.

2.2 Where ASIS does retain intelligence information concerning an Australian person, ASIS is to ensure that:

  1. the information is protected, by such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure, and against other misuse; and
  2. access to that information is only to be provided to persons who require such access for the proper performance of an ASIS function.

Rule 3: Communication of intelligence information concerning Australian persons

3.1 ASIS may communicate intelligence information concerning Australian persons only where it is necessary to do so for the proper performance of ASIS’s functions or where such communication is authorised or required by or under another Act. In addition, the following specific rules apply.

Information that is important for specified purpose

3.2 Intelligence information concerning an Australian person may be communicated where:

  1. the information is publicly available; or
  2. the information concerns activities in respect of which the Australian person is a representative of the Commonwealth or a State or Territory in the normal course of official duties; or
  3. deletion of that part of the information concerning the Australian person would significantly diminish the utility of the information for the purposes of:
    1. maintaining Australia’s national security;
    2. maintaining Australia’s national economic well-being;
    3. promoting Australia’s foreign relations;
    4. preventing or investigating the commission of a serious crime; or
    5. responding to an apparent threat to the safety of a person; or
  4. the information concerns an Australian person who is, or was at the time the information was collected, the subject of an authorisation given by the Minister under section 9 of the Act.

Communication to ASIO, DIGO or ASD for their purposes

3.3 Intelligence information concerning an Australian person may be communicated to ASIO, DIGO or ASD (as the case requires) where it relates, or appears to relate, to the performance of the functions of the relevant agency.

Rule 4: Communication of information not deliberately collected

4.1 ASIS may communicate intelligence information concerning an Australian person that was not deliberately collected to an authority that ASIS is permitted to cooperate with, provided the authority has been approved by the Minister for the purpose of this rule.

4.2 Before approving an authority for the purpose of rule 4.1, the Minister is to be satisfied that there are satisfactory arrangements in place to ensure that the authority will abide by the ASIS privacy rules.

Rule 5: Accuracy of information

5.1 ASIS is to take reasonable steps to ensure that intelligence information that ASIS retains or communicates concerning Australian persons is recorded or reported in a fair and reasonable manner.

Rule 6: Oversight by the IGIS

6.1 To facilitate the oversight role of the IGIS, ASIS is to take the following measures:

  1. the IGIS is to have access to all intelligence information held by ASIS concerning Australian persons;
  2. the IGIS is to be consulted about the processes and procedures applied by ASIS to the communication and retention of information concerning Australian persons; and
  3. where a presumption under rule 1.1(b) has been found to be incorrect ASIS is to advise the IGIS of the incident and measures taken by ASIS to protect the privacy of the individual; and
  4. in any case where a breach of these rules is identified, ASIS is to advise the IGIS of the incident and the measures taken by ASIS to protect the privacy of the Australian person or of Australian persons generally.

Rule 7: Public access to the rules

7.1 ASIS is to ensure that a copy of these rules is publicly available on the ASIS website.

Print Logo

© Copyright Commonwealth of Australia 2014