Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'Roger Clarke's NSW Privacy Guidelines'

N.S.W Guidelines for the Operation of Personal Data Systems

Roger Clarke **

Version of 7 February 2004, rev. 6 August 2012, 15 April 2013

© The Crown in the Right of the State of New South Wales, 1997

This document is at

A scan of the original document is available:
Front Cover (500KB), Body (2.2MB)


The N.S.W. Privacy Committee was established by Act of Parliament in 1975. It operated for 23 years, until it was succeeded by the N.S.W. Privacy Commissioner and his Office, as a result of the passage of the Privacy And Personal Information Protection Act 1998.

In April 1977, it published a set of 'Guidelines for the Operation of Personal Data Systems'. At that stage, there was a small number of bodies of Privacy Principles in existence, notably those of the legislation of Hesse (1970), Sweden (1973) and the U.S. (1974), and in the HEW report (1973). The OECD Expert Group that produced its Guidelines in 1980 had not yet been formed.

The NSWPC Principles were prepared by a team comprising Bill Orme (Executive Member), and Roger Clarke, Penny Goode and Graham Greenleaf (Research Officers). The various research domains (e.g. credit, media, health) were split among the Research Officers, and the primary responsibility for the personal data systems domain and for these Guidelines fell to me.

The document was 28 pages long, 18 pages of which explained the 7 Principles. This web-page contains the short-form of the Principles, reproduced from page 2. The document can be cited as:

NSWPC (1977) 'Guidelines for the Operation of Personal Data Systems', N.S.W. Privacy Committee, Sydney, document BP31, April 1977

Contents of the Guidelines Document

2. The Seven Basic Principles

These are intended to guide organisations in achieving their legitimate aims without undue intrusion into people's lives. In different situations different methods of implementation of these guidelines will be appropriate.

A. The Justification for the System

(1) Social Acceptability of the System's Purposes and Uses

A personal data system should exist only if it has a general purpose and specific uses which are socially acceptable.

(2) Relevance and Social Acceptability of Data for Specific Decisions

Personal data should only be used when it is relevant to the particular decision being made, and its use for this decision is socially acceptable.

B. The Operation of the System

(3) Data Collection

The minimum necessary data should be collected, using fair collection methods, and from appropriate sources.

(4) Data Integrity, Security and Retention

Standards should be established and maintained regarding data integrity, data security and the period for which identified personal data is retained.

(5) Data Access

Personal data should only be accessed consistently with the system's socially acceptable uses, and for additional uses by consent or by law.

C. Mechanisms of Public Access

(6) Public Access

The interested public should be able to know of the existence, purpose, uses and methods of operation of personal data systems; to object to any feature of a system; and where appropriate to have change enforced.

(7) Subject Access

Every person should be able to know of the existence and of the content of data which relates to himself; to complain about any feature of that data or its use; and where appropriate to have change enforced.

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Research School of Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 7 February 2004 - Last Amended: 15 April 2013 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy