• Specific Year
    Any

PRIVACY AND DATA PROTECTION ACT 2014

Table of Provisions

PART 1--PRELIMINARY

  • 1 Purposes  
  • 2 Commencement  
  • 3 Definitions  
  • 4 Interpretation  
  • 5 Objects  
  • 6 Relationship of this Act to other laws  
  • 7 Rights and liabilities  
  • 8 Act binds the Crown  

PART 1A--FUNCTIONS, POWERS OF INFORMATION COMMISSIONER AND APPOINTMENT OF PRIVACY AND DATA PROTECTION DEPUTY COMMISSIONER

Division 1--Performance of functions

  • 8A Functions of Information Commissioner  
  • 8B Functions of Privacy and Data Protection Deputy Commissioner  
  • 8C Information privacy functions  
  • 8D Protective data security and law enforcement data security functions  
  • 8E Performance of concurrent functions  
  • 8F Information Commissioner may confer functions on Privacy and Data Protection Deputy Commissioner  
  • 8G General powers of Information Commissioner and Privacy and Data Protection Deputy Commissioner  

Division 2--Privacy and Data Protection Deputy Commissioner

  • 8H Appointment of Privacy and Data Protection Deputy Commissioner  
  • 8I Terms and conditions of appointment of Privacy and Data Protection Deputy Commissioner  
  • 8J Remuneration  
  • 8K Vacancy and resignation of Privacy and Data Protection Deputy Commissioner  
  • 8L Suspension and removal from office  
  • 8M Acting Privacy and Data Protection Deputy Commissioner  
  • 8N Validity of acts and decisions  

Division 3--General

  • 8O Delegation  
  • 8P Directions  

PART 2--APPLICATION OF THIS ACT

  • 9 Definition  
  • 10 Courts, tribunals etc.  
  • 10A Royal Commissions etc.  
  • 11 Parliamentary Committees  
  • 12 Publicly-available information  

PART 3--INFORMATION PRIVACY

Division 1--Application of this Part

Division 2--Information Privacy Principles

Division 3--Codes of practice

  • 21 Codes of practice  
  • 22 Process for approval of code of practice or code amendment  
  • 23 Organisations bound by code of practice  
  • 24 Effect of approved code  
  • 25 Codes of practice register  
  • 26 Revocation of approval  
  • 27 Effect of revocation of approval or amendment or expiry of approved code  

Division 4--Capacity to consent or make a request or exercise right of access

  • 28 Capacity to consent or make a request or exercise right of access  

Division 5--Public interest determinations and temporary public interest determinations

  • 29 Public interest determination  
  • 30 Application taken to be application for temporary public interest determination on request  
  • 31 Information Commissioner may make public interest determination  
  • 32 Effect of public interest determination  
  • 33 Duration of public interest determination  
  • 34 Amendment of public interest determination  
  • 35 Revocation of public interest determination  
  • 36 Reporting and review  
  • 37 Temporary public interest determination  
  • 38 Application for temporary public interest determination  
  • 39 Information Commissioner may make temporary public interest determination  
  • 40 Duration of temporary public interest determination  
  • 41 Revocation of temporary public interest determination  
  • 42 Disallowance of determinations  

Division 6--Information usage arrangements

Division 7--Certification

  • 55 Information Commissioner may certify consistency of act or practice  
  • 56 Review of decision to issue certificate  

Division 8--Information privacy complaints

  • 57 Complaints  
  • 58 Complaint referred to Information Commissioner  
  • 59 Complaints by minors  
  • 60 Complaints by people with a disability  
  • 61 Information Commissioner must notify respondent  
  • 62 Circumstances in which Information Commissioner may decline to entertain complaint  
  • 63 Information Commissioner may refer complaint  
  • 64 Information Commissioner may dismiss stale complaint  
  • 65 Minister may refer a complaint direct to VCAT  
  • 66 What happens if conciliation is inappropriate?  
  • 67 Conciliation process  
  • 68 Information Commissioner may issue notice to produce or attend  
  • 69 Conciliation agreements  
  • 70 Evidence of conciliation is inadmissible  
  • 71 What happens if conciliation fails?  
  • 72 VCAT may make interim orders before hearing  
  • 73 When may VCAT hear a complaint?  
  • 74 Who are the parties to a proceeding?  
  • 75 Time limits for complaints referred by the Minister  
  • 76 Inspection of exempt documents by VCAT  
  • 77 What may VCAT decide?  

Division 9--Enforcement of Information Privacy Principles and approved information usage arrangements

  • 78 Compliance notice  
  • 79 Power to compel production of documents or attendance of witness  
  • 82 Offence not to comply with compliance notice  
  • 83 Application for review  

Division 10--Notices to produce or attend

  • 83A Notice to produce or attend  
  • 83B Variation or revocation of a notice to produce or attend  
  • 83C Service of notice to produce documents or to attend  
  • 83D Office of the Information Commissioner to report to the Victorian Inspectorate on issue of notice to produce or attend  
  • 83E Power to take evidence on oath or affirmation  
  • 83F Legal advice and representation  
  • 83G Protection of legal practitioners and persons—notice to produce or attend  
  • 83GA Audio or video recording of examination  
  • 83H Failure to comply with notice to produce or attend  
  • 83I Reasonable excuse—self-incrimination  
  • 83J Reasonable excuse—cabinet documents and legal professional privilege  
  • 83K Statutory secrecy not a reasonable excuse  
  • 83L Act applies equally to attendance in person or by audio or audio visual link  

PART 4--PROTECTIVE DATA SECURITY

Division 1--Application of Part

  • 84 Application of Part  

Division 2--Protective data security framework

  • 85 Information Commissioner to develop Victorian protective data security framework  

Division 3--Protective data security standards

  • 86 Information Commissioner may issue protective data security standards  
  • 87 Amendment, revocation or reissue of standards  
  • 88 Compliance with protective data security standards  

Division 4--Protective data security plans

PART 5--LAW ENFORCEMENT DATA SECURITY

  • 91 Application of Part  
  • 92 Information Commissioner may issue law enforcement data security standards  
  • 93 Inconsistency with protective data security standards  
  • 94 Compliance with law enforcement data security standards  

PART 6--GENERAL POWERS OF INFORMATION COMMISSIONER

Division 1--General powers of Information Commissioner

  • 106 Information Commissioner may require access to data and data systems from public sector body Heads  
  • 107 Information Commissioner may require access to data and data systems from Chief Commissioner of Police  
  • 108 Information Commissioner may request access to crime statistics data  
  • 109 Information Commissioner may copy or take extracts from data  
  • 110 Public sector body Heads to provide assistance  
  • 111 Reports to the Minister and other reports  
  • 112 Disclosure during course of compliance audit—data security  
  • 113 Disclosure to the IBAC  

Division 2--Reporting

  • 116 Annual reports  

PART 7--GENERAL

  • 117 Protection from liability  
  • 118 Employees and agents  
  • 119 Fees for access  
  • 120 Secrecy  
  • 121 Information Commissioner to give notice before certain disclosures  
  • 122 Offence to obstruct, mislead or provide false information  
  • 123 Offences by organisations or bodies  
  • 124 Prosecutions  
  • 125 Regulations  

PART 8--REPEAL OF ACTS AND TRANSITIONAL AND SAVINGS PROVISIONS

  • 126 Repeal of Information Privacy Act 2000  
  • 127 Repeal of Commissioner for Law Enforcement Data Security Act 2005  
  • 128 Transitional and savings provisions  
  • 129 Transitional provisions—Freedom of Information Amendment (Office of the Victorian Information Commissioner) Act 2017  

Navigate