AIC Privacy Protections
Rules for ASIS, DSD and DIGO
The Australian Secret Intelligence Service (ASIS), Defence Signals Directorate (DSD) and Defence Imagery and Geospatial Organisation (DIGO), the foreign intelligence collection agencies, each have robust regimes governing the collection of intelligence on Australian persons.
In particular, ASIS, DSD and DIGO (as collectors of foreign intelligence) are required to gain ministerial authorisation to collect intelligence intentionally on any Australian person or entity. In providing an authorisation, the minister must be satisfied that the activity he or she is authorising is necessary for the proper performance of a function of the agency concerned and that there are arrangements in place to ensure that activity carried out under the auspices of these authorisations is reasonable and is limited to the function of the agency concerned.
To ensure the privacy of Australian persons or entities when intelligence has been collected on an Australian person or entity, the Ministers responsible for ASIS, DSD and DIGO have been required, under section 15 of the Intelligence Services Act 2001 (the ISA), to make written rules to regulate the communication and retention by the relevant agency of intelligence information concerning Australian persons.
In making these rules, the Minister is required to have regard to the need to ensure that the privacy of Australian persons is preserved as far as is consistent with the proper performance by the agency of its functions.
Before making the privacy rules, the Minister must consult with, and provide a copy of the rules the Minister is proposing to make, to the Inspector‑General of Intelligence and Security and to the Attorney‑General.
The ASIS Privacy Rules, the DSD Privacy Rules and the DIGO Privacy Rules prohibit these agencies from communicating intelligence information concerning Australian persons, except in accordance with those privacy rules.
Guidelines for DIO and ONA
The Inspector-General proposed in October 2003 that ONA and DIO (the assessment agencies) should develop arrangements to regulate their dissemination of intelligence information regarding Australian persons. This issue was included in the 2004 administrative review of the ISA. The review recommended that DIO and ONA develop privacy guidelines in consultation with the Attorney-General and the Inspector-General.
These recommendations were accepted by government.
The DIO and ONA guidelines are consistent with the rules made under section 15 of the ISA, that apply to ASIS, DSD and DIGO. The Guidelines for ONA came into effect on 2 December 2005 while those for DIO were effective from 20 December 2005.
Attorney-General’s Guidelines for ASIO
The Australian Security Intelligence Organisation (ASIO) operates under the authority of the Australian Security Intelligence Organisation Act 1979 (the ASIO Act), Under section 8A(1) and 8A(2) of the ASIO Act, the Attorney-General (the Minister responsible for ASIO) provides the Director-General of Security with the ‘Attorney-General's Guidelines’ in relation to the performance by the Australian Security Intelligence Organisation of its function of obtaining, correlating, evaluating and communicating intelligence relevant to security (including politically motivated violence).Section 13 of the Attorney-General’s Guidelines provides guidance on the treatment of personal information. In particular, that ASIO is required to only collect, use, handle or disclose personal information for purposes connected with its statutory functions.