Other Legislation

In addition to the New South Wales (NSW) laws covering your rights to privacy, there may be other laws which apply to certain situations.

NSW laws

Besides the Privacy and Personal Information Protection Act 1998 (PPIP Act), other NSW laws which may concern your rights to privacy are:

• Workplace Surveillance Act 2005 (NSW)
• Surveillance Devices Act 2007 (NSW)
• Adoption Act 2000 (NSW)
• Assisted Reproductive Technology Act 2007 (NSW)
• Crimes (Forensic Procedures) Act 2000 (NSW)
• Criminal Records Act 1991 (NSW)

The Australian Privacy Act 1988 (Cth)

The Privacy Act 1988 (Cth) which is managed by the office of the Australian Privacy Commissioner:

• sets out privacy standards for dealing with personal information
• applies to Australian Government and ACT government agencies
• applies to private sector organisations.

Other Australian laws which may apply include:

• Telecommunications Act 1997 
• Telecommunications (Interception and Access) Act 1979 (Cth)
• National Health Act 1953
• Data-Matching Program (Assistance and Tax) Act 1990
• Crimes Act 1914
• Anti-Money Laundering and Counter-Terrorism Financing Act 2006
• Healthcare Identifiers Act 2010
• Personally Controlled Electronic Health Records Act 2012
• Personal Property Securities Act 2009

Please visit the office of the Australian Privacy Commissioner's website to find out more information about the Australian Privacy Act and other Australian laws.

Which Act applies to my situation?

In some cases there will be other laws, policies and standards besides the PPIP Act which can be used to judge if your privacy has been breached. For example, a complaint against releasing information about a person’s criminal record will be assessed with the Criminal Records Act 1991. A complaint about a search of a bag at the supermarket may be assessed against industry best practice guidelines.

When giving advice or investigating complaints about the handling of personal information by organisations that do not need to comply with NSW laws, we judge the situation using the data protection principles. In other cases, we will rely on the following general tests to judge whether your privacy rights have been breached:

• Intruding on your private affairs 
• Public release of embarrassing facts about you 
• Publicity which places you in a false light
• Assuming your name or likeness, theft of your identity.

In any case, if the Privacy Commissioner investigates a privacy complaint and concludes there was a breach of your privacy, the Commissioner will try to resolve the matter by mediation. Different processes apply in this case.