In effect from: 1 July 2025
The IP Act and other laws
Section 7 of the IP Act provides that it operates subject to the provisions of other Queensland legislation that deals with personal information. This means that where a Queensland Act has its own rules for how an agency should deal with personal information, that Act takes precedence over the IP Act.
Queensland Privacy Principle 3 (QPP 3) and QPP 6 also allow the collection, use and disclosure of personal information where it is authorised or required by an Australian law or by order of a court or tribunal.
This page provides information about the interaction between:
- the IP Act and the Human Rights Act 2019 (Qld), which applies to all agencies; and
- the IP Act and the Planning Act 2016 (Qld), which is only relevant to local government.
The Human Rights Act 2019 (Qld)
The operational provisions of the Human Rights Act 2019 (Qld) (HR Act) commenced on 1 January 2020 and set out human rights in twenty-three sections. Subject to some exceptions, it will be unlawful for a public entity to make a decision or take an action that is not compatible with human rights, or to make a decision and fail to give proper consideration to relevant human rights.
These exceptions include that the public entity could not reasonably have acted differently or made a different decision because of another law. Human rights may also be limited where that limit is justified and reasonable.
While there is a human right that relates to privacy, agencies must continue to collect, manage, store, secure and deal with personal information in a way that does not breach the IP Act.
Human rights complaints
Human rights complaints, including complaints about breaches of the human right to privacy, can be made to the Queensland Human Rights Commission (QHRC). However, the QHRC may, with the consent of the complainant, refer any complaints that involve or include an alleged breach of the privacy principles to the OIC.
Related processes and actions
As noted above, the HR Act requires public entities to make decisions and take actions that are compatible with and consider human rights. While the introduction of the HR Act did not alter an agency’s obligation to comply with the IP Act, the obligation to consider human rights, including the human right to privacy, will generally apply when dealing with processes or actions related to the privacy principles, for example, when making a decision to rely on section 28 of the IP Act or dealing with a privacy complaint.
The Planning Act and disclosure of personal information – for local government
Local governments must comply with both the IP Act and the planning laws. The below explains how the requirement to make planning and development documents publicly available under the Planning Act 2016 (Qld) (Planning Act) and the Planning Regulation 2017 (Qld) (Planning Regulation) interacts with the obligations in the IP Act.
The Planning Act
The Planning Act establishes a system of land use planning, development assessment, and related matters which facilitates ecological sustainability. Part of the way it achieves this is through public access to planning and development documents (PA documents).
This page does not discuss all PA documents which local government can or must make available to the public.
Collection of personal information under the Planning Act
The Planning Act requires local governments to collect personal information, for example when receiving submissions to development applications, which are required to contain information which is personal information, including:
- signature
- name and residential/business address; and
- postal or electronic address.
QPP 5 requires local governments to take reasonable steps to make individuals aware of certain matters when collecting personal information from them: why it's being collected, any legislative authority for its collection, and anyone to whom the local government regularly discloses it.
When collecting personal information from individuals under the Planning Act, local governments must ensure they meet their QPP 5 obligations. This is particularly important where the personal information will be disclosed to the public. A failure to do so may breach the IP Act, but it also removes the individual's ability to make an informed choice about whether to proceed, for example, with making a submission on a development application, and increases the likelihood of complaints.
A fact sheet which explains the Planning Act's requirement to make PA documents publicly available can be a useful tool to inform individuals and reduce potential complaints.
Disclosure of personal information under the Planning Act
QPP 6 sets the rules for when personal information can be disclosed, i.e. given to someone who doesn't know it and where the local government will cease to control what happens to it. Under QPP 6.2, personal information can be disclosed where it is authorised or required by a law.
This means PA documents containing personal information can be disclosed, for example, in a decision, provided the decision is authorised to be disclosed by the Planning Act. In those circumstance the disclosure of the decision containing personal information would not breach the IP Act. Conversely, making personal information publicly available in a way not provided for in the Planning Act and Regulation may be a breach of the IP Act.
Disclosure of personal information - planning decisions
The Planning Act requires that a copy of the planning decision be given to a number of entities, including the applicant and each submitter. The information contained in each decision must include the name, residential or business address, and electronic address of each submitter.
Disclosure of personal information - public access
Section 264 of the Planning Act provides for public access to the PA documents prescribed in the Planning Regulation, and sets out in what forms they can be made available, how access is to be given, and whether a fee is payable.
Section 70 of the Planning Regulation provides that schedule 22 lists the PA documents the local government must or may make publicly available and how they must or may be made publicly available. These include development applications and supporting material, and properly made submissions on development applications.
Section 264(6) of the Planning Act excludes information from the Planning Act and Regulation's public access obligations. Section 264(7) provides a discretion not to make some submitter information available.
Forms of public access
Schedule 22 of the Planning Regulation provides for different forms of public access to PA documents: inspection only, inspection and purchase, and website publication.
Where the PA documents contain personal information, it may be a breach of the IP Act to make them available in a different way. For example, if a schedule 22, section 2 document, which the Planning Regulation provides are only available for inspection, was published on a website it would likely be an IP Act breach.
Exclusion from public access - section 264(6) of the Planning Act
Under section 264(6) of the Planning Act, the requirement to make PA documents publicly available does not apply to the documents in schedule 22, section 14 of the Planning Regulation to the extent the local government reasonably considers they contain:
- information of a purely private nature about an individual (eg the individual's residential or email address or phone number); or
- sensitive security information (eg the location of a safe).
The documents listed in schedule 22, section 14 are:
- the supporting material for a development application or change application
- the documents listed in schedule 22, section 5(2)(a) of the Planning Regulation; and
- the documents listed in schedule 22, section 1(1)(zg)-(zl) of the Planning Regulation.
Purely private and sensitive security information should be removed from these PA documents before they are made publicly available. Purely private information falls within the definition of personal information, so a failure to remove it before making one of these documents publicly available may be an IP Act breach.
This is because section 264(6) of the PA Act removes the legal authority to disclose “information of a purely private nature about an individual" and “sensitive security information" in those PA documents.
Discretion not to disclose – submitter's information
Section 264(7) of the Planning Act provides a discretion to not disclose the name, contact details or signature of someone who makes a properly made submission to a development or change application.
Local governments are not required to remove this information before making the submission publicly available, and a failure to do so will not be a breach of the IP Act, but it is important to consider whether the discretion should be exercised. Relevant considerations could include:
- whether the submitter has requested that their details be removed and any reasons for making the request
- the impact on the submitter's privacy if their details are not removed
- the nature of the development application and its contentiousness
- the nature and content of the submission
- the extent to which the presence of the submitter's details contributes to the purpose of the Planning Act; and
- whether removing the submitter's details would have a negative impact on the purpose of the Planning Act.
A publicly available policy or procedure setting out when the discretion will be applied, and how submitters can request the removal of this information, will help ensure a consistent approach to section 264(7).
Discretionary website publication
The Planning Regulation requires some PA documents to be published on the local government's website; for others, website publication is optional but not required (see, for example, schedule 22, section 7(4)).
Some PA documents, once published, must remain on the website indefinitely; others are only required to stay on the website for a set time, but there is a discretion to leave them published for longer. For example, schedule 22, section 5(1) documents must be available on the website for the time stated in section 5(3), but section 7(2) allows them to remain on the website after the period expires.
Where the PA documents contain personal information, it is not a breach of the IP Act to exercise a discretion to publish them to the website or to leave them published once they can be removed, but it is important to consider whether the discretion to not publish or to unpublish should be exercised, either generally or in particular circumstances. A policy or procedure will assist in ensuring the discretion is consistently applied.
Development applications and local government meetings
In some circumstances, an impact assessable development application may be referred to a local government meeting to decide or consider.
Local government meetings are governed by the Local Government Regulation 2012 (Qld) (LG Regulation). Under section 254F of the LG Regulation, minutes of the local government meeting must be taken, they must include each relevant report for the meeting, and they must be made publicly available.
Meeting minutes are generally published on the local government's website and the meetings themselves may be streamed to the internet, with recordings made available online. This means documents and information related to the development application (eg the development assessment report, properly made submissions, supporting material) will become publicly available—even if they would not be publicly available under the Planning Act or Regulation.
While making them publicly available will not be a breach of the IP Act, because their disclosure is required by the LG Regulation, it could have a significant impact on individual privacy.
Local governments should consider whether personal information should be removed from the documents, eg names and contact details of submitters who objected to a development application, before tabling them at the meeting or whether submissions or other documents containing personal information can be summarised in the development report rather than being tabled.