Principal, Xamax Consultancy Pty Ltd, Canberra
Visiting Professor, Baker & McKenzie Cyberspace Law & Policy Centre, University of N.S.W.
Visiting Professor, E-Commerce Programme, University of Hong Kong
Visiting Fellow, Department of Computer Science, Australian National University
Version of 7 February 2004
© The Crown in the Right of the State of New South Wales, 1997
This document is at http://www.anu.edu.au/people/Roger.Clarke/DV/NSWPCGs.html
The N.S.W. Privacy Committee was established by Act of Parliament in 1975. It operated for 23 years, until it was succeeded by the N.S.W. Privacy Commissioner and his Office, as a result of the passage of the Privacy And Personal Information Protection Act 1998.
In April 1977, it published a set of 'Guidelines for the Operation of Personal Data Systems'. At that stage, there was a small number of bodies of Privacy Principles in existence, notably those of the legislation of Hesse (1970), Sweden (1973) and the U.S. (1974), and in the HEW report (1973). The OECD Expert Group that produced its Guidelines in 1980 had not yet been formed.
The NSWPC Principles were prepared by a team comprising Bill Orme (Executive Member), and Roger Clarke, Penny Goode and Graham Greenleaf (Research Officers). The various research domains (e.g. credit, media, health) were split among the Research Officers, and the primary responsibility for the personal data systems domain and for these Guidelines fell to me.
The document was 28 pages long, 18 pages of which explained the 7 Principles. This web-page contains the short-form of the Principles, reproduced from page 2. The document can be cited as:
NSWPC (1977) 'Guidelines for the Operation of Personal Data Systems', N.S.W. Privacy Committee, Sydney, document BP31, April 1977
These are intended to guide organisations in achieving their legitimate aims without undue intrusion into people's lives. In different situations different methods of implementation of these guidelines will be appropriate.
A personal data system should exist only if it has a general purpose and specific uses which are socially acceptable.
Personal data should only be used when it is relevant to the particular decision being made, and its use for this decision is socially acceptable.
The minimum necessary data should be collected, using fair collection methods, and from appropriate sources.
Standards should be established and maintained regarding data integrity, data security and the period for which identified personal data is retained.
Personal data should only be accessed consistently with the system's socially acceptable uses, and for additional uses by consent or by law.
The interested public should be able to know of the existence, purpose, uses and methods of operation of personal data systems; to object to any feature of a system; and where appropriate to have change enforced.
Every person should be able to know of the existence and of the content of data which relates to himself; to complain about any feature of that data or its use; and where appropriate to have change enforced.
Go to Roger's Home Page.
Go to the contents-page for this segment.
Created: 7 February 2004
Last Amended: 7 February 2004
| These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content). | |
| The Australian National University Visiting Fellow, Faculty of Engineering and Information Technology, Information Sciences Building Room 211 | Xamax Consultancy
Pty Ltd, ACN: 002 360 456 78 Sidaway St Chapman ACT 2611 AUSTRALIA Tel: +61 2 6288 1472, 6288 6916 |