Chapter 9: Privacy Safeguard 9 — Adoption or disclosure of government related identifiers by accredited data recipients

15 November 2022

Download the print version (version 4.0)

Update Information

We are currently in the process of publishing the current version of the Privacy Safeguard Guidelines on the OAIC’s website in HTML format. In the meantime, if you need assistance because the document you need is not available in a format you can access, please contact us at cdr@oaic.gov.au.

Key points

  • Privacy Safeguard 9 sets out a prohibition on accredited data recipients of CDR data from adopting, using or disclosing government related identifiers unless required or authorised:
    • under another Australian law other than the consumer data rules (CDR Rules) or a court/tribunal order, or
    • as prescribed by regulations made under the Privacy Act 1988 (Privacy Act).
  • A government related identifier is a number, letter or symbol, or a combination of any or all of those things, that has been assigned by certain government entities and is used to identify the individual or to verify the identity of the individual.
  • Privacy Safeguard 9 only concerns government related identifiers of a consumer who is an individual.
  • An individual cannot consent to the adoption, use or disclosure of their government related identifier.