The Key Privacy Concepts guidelines explain important words and phrases used in the Information Privacy Act 2009 (Qld) (IP Act). They are intended to assist in the interpretation and application of the privacy principles in the IP Act.
The following Information Privacy Principles (IPPs) and National Privacy Principles (NPPs) include the concept of ‘purpose’.
The purpose for which personal information is collected is determined by the intent behind the collection. Personal information may not be collected for the sake of collecting it, or against a possible future need. There must be a clearly defined purpose for which it is being collected, required for, or intended to further, a legitimate agency function.
The purpose for collection will need to be articulated where IPP 2 or NPP 2(3) apply. A purpose which is too broad, or which is not sufficiently defined, may not be a legitimate purpose under those privacy principles.
The purpose for which personal information is to be collected – for example, to be used as part of a project, scheme, or review – should be specifically defined before the agency begins to collect it.
The amount of information and the specific uses to which it will be put must be set out as part of the project plan, and only the information essential to that purpose should be collected.
Current as at: July 19, 2013