Publication date: 24 February 2014

Preliminary page

The Office of the Australian Information Commissioner (OAIC) was established on 1 November 2010 by the Australian Information Commissioner Act 2010.

All OAIC publications can be made available in a range of accessible formats for people with disabilities. If you require assistance, please contact the OAIC.

Date of initial publication: February 2014

Creative Commons

Creative Commons CC-BY

With the exception of the Commonwealth Coat of Arms, and to the extent that copyright subsists in a third party, this report, its logo and front page design are licensed under a Creative Commons Attribution 3.0 Australia licence.

To the extent that copyright subsists in third party quotes and diagrams it remains with the original owner and permission may be required to reuse the material.

Content from these guidelines should be attributed as: Office of the Australian Information Commissioner, Australian Privacy Principles guidelines.

Enquiries regarding the licence and use of the guidelines are welcome at:

Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Telephone: 1300 363 992
Email: Web:


The Privacy Act 1988 (Privacy Act) s 28(1)(a) provides that the Australian Information Commissioner may make guidelines for the ‘avoidance of acts or practices that may or might be interferences with the privacy of individuals, or which may otherwise have any adverse effects on the privacy of individuals’. Additionally, s 28(1)(c)(i) provides that one of the functions of the Commissioner is to promote an understanding and acceptance of the Australian Privacy Principles (APPs) and the objects of those principles.

The Australian Privacy Principles guidelines (APP guidelines) outline:

  • the mandatory requirements in the APPs, which are set out in Schedule 1 of the Privacy Act
  • the Information Commissioner’s interpretation of the APPs, including the matters that the Office of the Australian Information Commissioner may take into account when exercising functions and powers relating to the APPs
  • examples that explain how the APPs may apply to particular circumstances
  • good privacy practice to supplement minimum compliance with the mandatory requirements in the APPs

The APP guidelines are not legally binding and do not constitute legal advice about how an entity should comply with the APPs in particular circumstances. An entity may wish to seek independent legal advice where appropriate.

The APP guidelines may be updated from time to time, including to take account of changes in the Privacy Act or other legislation, determinations made under s 52 of the Privacy Act and relevant tribunal and court decisions.

Prof. John McMillan
Australian Information Commissioner


General matters

Part 1 — Consideration of personal information privacy

Part 2 — Collection of personal information

Part 3 — Dealing with personal information

Part 4 — Integrity of personal information

Part 5 — Access to, and correction of, personal information

A comprehensive contents page appears at the beginning of each chapter of the APP guidelines.