Privacy and personal information

The Data Availability and Transparency Bill 2020 (DAT Bill) has been developed using a ‘privacy-by-design’ approach, which means that data privacy and security has been considered at every stage of the development of the legislation.

In line with feedback during our consultation period, organisations will not be able to use the Data Availability and Transparency scheme to request data for:

  • an enforcement-related purpose, such as law enforcement investigations; or
  • a purpose that relates to, or prejudices, national security.

If a data custodian, who must be a federal government agency, decides to share data that includes personal information, the data custodian must seek consent from those the personal information is about unless it is unreasonable or impracticable to do so.

The ‘unreasonable or impracticable’ language is drawn from the Privacy Act 1988 – it is about objectively considering what is reasonable and viable given the circumstances of the project.

If the data custodian decides to seek consent, the standard of consent is the same as applies under the Privacy Act 1988.

Privacy legislation and policies

The DAT Bill will operate alongside existing requirements for the collection, storage, integration and management of data, including the:

  • Privacy Act 1988, including the notifiable data breaches scheme for personal information and the Australian Government Agencies Privacy Code 2017 issued by the Information Commissioner
  • Freedom of Information Act 1982
  • Archives Act 1983 and National Archives of Australia information management standards
  • Protective Security Policy Framework requirements relating to the release of classified information.
Privacy regulators

The DAT Bill supports co-operation between the National Data Commissioner and privacy regulators.

Privacy Impact Assessments

We have commissioned 3 independent Privacy Impact Assessments (PIAs) during the design and development of the DAT Bill.

Copies of the 3 PIAs are available in the Resources section of our website:

The PIAs are essential to our ‘privacy-by-design’ philosophy as they allow for a balanced public conversation on the DAT Bill’s approach to privacy and security.