COVIDSafe App
Run consultation | Check Fact Cross References | Check Fact Translations/* http://austlii.community/foswiki/DataLex/DTS4A2J/COVIDSafeAct */ DEFAULT ACT Privacy Act 1988 /*OBJECTS*/ PERSONTHING the potential offender STRING the name of the potential offender PROMPT what is the name of the person or organisation who may have committed an offence in relation to data relating to the COVIDSafe app and/or the COVIDSafe app TRANSLATE AS the name of the potential offender PERSONTHING the potential obligor STRING the name of the potential obligor PROMPT what is the name of the person or organisation who may have received data related to the COVIDSafe app in error TRANSLATE AS the name of the potential obligor /*LINKS*/ LINK COVID app data TO http://beta.datalex.org/app/consultation?rulebase=http%3A%2F%2Faustlii.community%2Ffoswiki%2FDataLex%2FDTS4A2J%2FHowToDetermineWhetherDataIsCOVIDAppData LINK State or Territory health authority TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#solicits LINK contact tracing TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s94d.html LINK contracted service provider TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#consumer_credit_related_purpose LINK National COVIDSafe Data Store TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#mortgage_insurance_purpose LINK COVIDSafe app TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#court_proceedings_information LINK former-COVIDSafe user TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s94n.html LINK COVIDSafe user TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#court_proceedings_information LINK Commissioner TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#collects LINK communication device TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#commonwealth_officer LINK communication devices TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#commonwealth_officer LINK encrypted data TO http://austlii.community/foswiki/DataLex/DTS4A2J/Definitions LINK de-identified TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#default_information LINK data store administrator TO https://www.dta.gov.au/our-privacy-policy#dta-as-covidsafe-data-store-administrator LINK Part VIIIA TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s94a.html LINK Health Minister TO https://www.health.gov.au/ministers LINK registration data TO http://www5.austlii.edu.au/au/legis/cth/consol_act/pa1988108/s6.html#record LINK penalty units TO http://www5.austlii.edu.au/au/legis/cth/consol_act/ca191482/s4aa.html LINK Section 15.1 of the Criminal Code Act 1995 TO http://www5.austlii.edu.au/cgi-bin/viewdoc/au/legis/cth/consol_act/cca1995115/sch1.html#Division_15_--_Extended_geographical_jurisdiction LINK file a complaint TO https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us/ LINK click here TO http://beta.datalex.org/app/?rulebase=http://austlii.community/foswiki/DataLex/DTS4A2J/FilingAComplaintOAIC LINK Office of the Australian Information Commissioner TO https://www.oaic.gov.au/
LINK soon as practicable TO http://www.austlii.edu.au/cgi-bin/sinosrch.cgi?mask_path=;method=auto;query=soon%20as%20practicable%20COVIDSafe;excerpt=1;offset=0 /*GOAL RULES*/ GOAL RULE Is advice needed on laws regarding the mishandling of data relating to the COVIDSafe app (e.g. its collection, use, disclosure, upload or decryption)? PROVIDES an offence has been identified ONLY IF the potential offender has committed an offence under s 94E OR the potential offender has committed an offence under s 94F(1) OR the potential offender has committed an offence under s 94F(2) OR the potential offender has committed an offence under s 94D OR the potential offender has committed an offence under s 94G GOAL RULE Is advice needed on whether requiring the use of the COVIDSafe app is unlawful? PROVIDES an offence has been identified ONLY IF the potential offender has committed an offence under s 94H(1) OR the potential offender has committed an offence under s 94H(2) GOAL RULE Is advice needed on laws requiring the deletion of data received in error? PROVIDES an obligation exists ONLY IF the potential obligor is obligated to delete the data and notify the data store administrator that the data was received in error GOAL RULE Is advice needed on the data store administrator's obligations in regards to data relating to the COVIDSafe app? PROVIDES an obligation may have been breached ONLY IF the data store administrator is obligated to take all reasonable steps to ensure that COVID app data is not retained on a communication device AND the data store adminstrator would likely be in breach if they do not comply with their obligations OR the data store administrator is obligated to take all reasonable steps to delete any registration data of the person that has been uploaded from the device to the National COVIDSafe Data Store as soon as practicable, or if it is not practicable, the data store administrator must not use or disclose the data for any purpose OR the data store administrator is obligated to not collect COVID app data related to the user through a particular communication device OR the data store administrator is obligated not to collect any COVID app data or make the COVIDSafe app available to be downloaded AND the data store administrator is obligated to delete all COVID app data from the National COVIDSafe Data Store as soon as reasonably practicable AND the data store administrator is obligated to inform the Health Minister and the Commissioner that all COVID app data has been deleted from the National COVIDSafe Data Store as soon as reasonably practicable AND the data store administrator is obligated to take all reasonable steps to inform all COVIDSafe users (other than former-COVIDSafe users) that all COVID app data has been deleted from the National COVIDSafe Data Store, data can no longer be collected, and that they should delete the COVIDSafe app from their communication devices /*RULES*/ RULE Information Commissioner Complaint PROVIDES you may wish to file a complaint with the Office of the Australian Information Commissioner. If you would like assistance with the complaint, click here ONLY IF an offence has been identified OR an obligation exists OR an obligation may have been breached RULE Privacy Act 1988 s 94D applies PROVIDES the potential offender has committed an offence under s 94D ONLY IF the potential offender has collected, used or disclosed data relating to the COVIDSafe app AND the data (being considered here under s 94D) is COVID app data AND s 94D(1)(c) applies AND s 94D(3) does not apply IF the potential offender has committed an offence under s 94D THEN the penalty is imprisonment for 5 years of 300 penalty units or both RULE s 94D(2) PROVIDES s 94D(1)(c) does not apply ONLY IF the s 94D(2)(a) exception applies OR the s 94D(2)(b) exception applies OR the s 94D(2)(c) exception applies OR the s 94D(2)(d) exception applies OR the s 94D(2)(e) exception applies OR the s 94D(2)(f) exception applies OR the s 94D(2)(g) exception applies RULE s 94D(2)(a) PROVIDES the s 94D(2)(a) exception applies ONLY IF the potential offender is employed by, or in the service of, a State or Territory health authority AND the potential offender has collected, used or disclosed the COVID app data for the purpose of, and only to the extent required for the purpose of, undertaking contact tracing RULE s 94D(2)(b) PROVIDES the s 94D(2)(b) exception applies ONLY IF the potential offender is an officer or employee of the data store administrator OR the potential offender is a contracted service provider for a government contract with the data store administrator AND the potential offender has collected, used or disclosed the COVID app data for the purpose of, and only to the extent required for the purpose of enabling contact tracing by persons employed by, or in the service of, State or Territory health authorities OR the potential offender has collected, used or disclosed the COVID app data for the purpose of, and only to the extent required for the purpose of ensuring the proper functioning, integrity or security of the COVIDSafe app or of the National COVIDSafe Data Store RULE s 94D(2)(c) PROVIDES the s 94D(2)(c) exception applies ONLY IF the data was disclosed or collected for the purpose of transferring encrypted data between communication devices through the COVIDSafe app OR the data was disclosed or collected for the purpose of transferring encrypted data, through the COVIDSafe app, from a communication device to the National COVIDSafe Data Store RULE s 94D(2)(d) PROVIDES the s 94D(2)(d) exception applies ONLY IF the data was collected, used or disclosed for the purpose of, and only to the extent required for the purpose of, the Commissioner performing the functions or exercising the powers of the Commissioner under or in relation to Part VIIIA (this Part) RULE s 94D(2)(e) PROVIDES the s 94D(2)(e) exception applies ONLY IF the data was collected, used or disclosed for the purpose of, and only to the extent required for the purpose of investigating whether Part VIIIA (this Part) has been contravened or for a prosecution for an offence under this Part RULE s 94D(2)(f) PROVIDES the s 94D(2)(f) exception applies ONLY IF the data was used by the data store administrator AND the data was used for the purpose of, and only to the extent required for the purpose of, producing de-identified statistical information about the total number of registrations through the COVIDSafe app RULE s 94D(2)(g) PROVIDES the s 94D(2)(g) exception applies ONLY IF the data was used by the data store administrator AND the data was required by s 94L to be deleted AND the data was used for the purpose of, and only to the extent required for the purpose of, confirming that the correct data is being deleted RULE s 94D(3) PROVIDES s 94D(3) applies ONLY IF the collection of the COVID app data occurred as part of the collection, at the same time, of data that is not COVID app data (non-COVID app data) AND the collection of the COVID app data was incidental to the collection of the non-COVID app data AND the collection of the non-COVID app data is permitted under Australian law AND the COVID app data was deleted as soon as practicable after the potential offender became aware that it had been collected AND the COVID app data was not otherwise accessed, used or disclosed by the potential offender after it was collected RULE Privacy Act 1988 s 94E PROVIDES the potential offender has committed an offence under s 94E ONLY IF the potential offender has uploaded, or caused to be uploaded, data from a communication device to the National COVIDSafe Data Store AND the data (being considered here under s 94E) is COVID app data AND consent has not been given to the upload RULE Privacy Act 1988 s 94E(c) PROVIDES consent has not been given to the upload ONLY IF consent has not been given to the upload by the COVIDSafe user in relation to that device, or by a parent, guardian or carer of the user, if the user is unable to give consent or has requested a parent, guardian or carer to act on their behalf IF the potential offender has committed an offence under s 94E THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94F(1) PROVIDES the potential offender has committed an offence under s 94F(1) ONLY IF the potential offender has retained data on a database outside Australia AND the data (being considered here under s 94F(1)) is COVID app data AND the data has been uploaded from a communication device to the National COVIDSafe Data Store IF the potential offender has committed an offence under s 94F(1) THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94F(2) PROVIDES the potential offender has committed an offence under s 94F(2) ONLY IF the potential offender has disclosed data to another person outside Australia AND the data (being considered here under s 94F(2)) is COVID app data AND the data has been uploaded from a communication device to the National COVIDSafe Data Store AND the s 94F(2)(c) exception does not apply RULE Privacy Act 1988 s 94F(2)(c) PROVIDES the s 94F(2)(c) exception applies ONLY IF the potential offender is a person who is employed by, or in the service of, a State or Territory health authority AND the potential offender disclosed the data for the purpose of, and only to the extent required for the purpose of, undertaking contact tracing IF the potential offender has committed an offence under s 94F(2) THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94G PROVIDES the potential offender has committed an offence under s 94G ONLY IF the potential offender decrypted encrypted data AND the data (being considered here under s 94G) is COVID app data AND the data is stored on a communication device IF the potential offender has committed an offence under s 94G THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94H(1) PROVIDES the potential offender has committed an offence under s 94H(1) ONLY IF the potential offender has required another person to download the COVIDSafe app to a communication device OR the potential offender has required another person to have the COVIDSafe app in operation on a communication device OR the potential offender has required another person to consent to uploading data from a communication device to the National COVIDSafe Data Store AND the data (being considered here under s 94H(1)) is COVID app data IF the potential offender has committed an offence under s 94H(1) THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94H(2) PROVIDES the potential offender has committed an offence under s 94H(2) ONLY IF the potential offender has refused to enter into, or continue, a contract or arrangement with another person (including a contract of employment) AND/OR the potential offender has taken adverse action (within the meaning of the Fair Work Act 2009 ) against another person AND/OR the potential offender has refused to allow another person to enter premises that are otherwise accessible to the public AND/OR the potential offender has refused to allow another person to enter premises that the other person has a right to enter AND/OR the potential offender has refused to allow another person to participate in an activity AND/OR the potential offender has refused to receive goods or services from another person, or insists on providing less monetary consideration for the goods or services AND/OR the potential offender has refused to provide goods or services to another person, or insists on receiving more monetary consideration for the goods or services AND the potential offender did act on the grounds that the other person had not downloaded and/or had the COVIDSafe app in operation and/or consented to upload COVID app data from a communication device to the National COVIDSafe Data Store IF the potential offender has committed an offence under s 94H(2) THEN the penalty is imprisonment for 5 years or 300 penalty units, or both RULE Privacy Act 1988 s 94J PROVIDES Section 15.1 of the Criminal Code Act 1995 - (extended geographical jurisdiction--category A) applies ONLY IF the potential offender has committed an offence under s 94D OR the potential offender has committed an offence under s 94E OR the potential offender has committed an offence under s 94F(1) OR the potential offender has committed an offence under s 94F(2) OR the potential offender has committed an offence under s 94G OR the potential offender has committed an offence under s 94H(1) OR the potential offender has committed an offence under s 94H(2) RULE Data retention - Privacy Act 1988 s 94K PROVIDES the data store administrator is obligated to take all reasonable steps to ensure that COVID app data is not retained on a communication device ONLY IF data relating to the COVIDSafe app has been retained on a communication device for more than 21 days AND the data has been retained for longer than practicably necessary AND the data (being considered here under s 94K) is COVID app data RULE Data retention obligations PROVIDES the data store adminstrator would likely be in breach if they do not comply with their obligations ONLY IF the data store administrator is obligated to take all reasonable steps to ensure that COVID app data is not retained on a communication device RULE Data deletion on request - Privacy Act 1988 s 94L PROVIDES the data store administrator is obligated to take all reasonable steps to delete any registration data of the person that has been uploaded from the device to the National COVIDSafe Data Store as soon as practicable, or if it is not practicable, the data store administrator must not use or disclose the data for any purpose ONLY IF a request to delete their registration data has been made by a COVIDSafe user or a former-COVIDSafe user in relation to a communication device AND/OR the user is unable to make the request or have they requested their parent, guardian or carer to make a request on their behalf to delete the registration data AND the data is not de-identified data AND the data was not uploaded from another COVIDSafe user's communication device and collected through the interaction between the devices RULE Data deletion in case of error - Privacy Act 1988 s 94M PROVIDES the potential obligor is obligated to delete the data and notify the data store administrator that the data was received in error ONLY IF the potential obligor received data related to the COVIDSafe app in error AND the data (being considered here under s 94M) is COVID app data RULE Data collection bar - Privacy Act 1988 s 94N PROVIDES the data store administrator is obligated to not collect COVID app data related to the user through a particular communication device ONLY IF the person is a former-COVIDSafe user AND the data (being considered here under s 94N) is COVID app data RULE COVIDSafe data period - Privacy Act 1988 s 94P(1) PROVIDES the data store administrator is obligated not to collect any COVID app data or make the COVIDSafe app available to be downloaded ONLY IF the COVIDSafe data period has ended RULE COVIDSafe data period - Privacy Act 1988 s 94P(2) PROVIDES the data store administrator is obligated to delete all COVID app data from the National COVIDSafe Data Store as soon as reasonably practicable ONLY IF the COVIDSafe data period has ended RULE COVIDSafe data period - Privacy Act 1988 s 94P(3)(a) PROVIDES the data store administrator is obligated to inform the Health Minister and the Commissioner that all COVID app data has been deleted from the National COVIDSafe Data Store as soon as reasonably practicable ONLY IF the COVIDSafe data period has ended RULE COVIDSafe data period - Privacy Act 1988 s 94P(3)(b) PROVIDES the data store administrator is obligated to take all reasonable steps to inform all COVIDSafe users (other than former-COVIDSafe users) that all COVID app data has been deleted from the National COVIDSafe Data Store, data can no longer be collected, and that they should delete the COVIDSafe app from their communication devices ONLY IF the COVIDSafe data period has ended /* RULE COVIDSafe data period - Privacy Act 1988 s 94Y PROVIDES the COVIDSafe data period has ended ONLY IF the Health Minister has consulted, or considered recommendations from, the Commonwealth Chief Medical Officer or the Australian Health Protection Principal Committee AND the Health Minister is satisfied that the use of the COVIDSafe app is no longer required or likely to be effective in preventing or controlling the entry, emergence, establishment or spread of COVID-19 AND the Health Minister has determined by notifiable instrument the day that the COVIDSafe data period will end, and that day has passed. */ RULE COVIDSafe data period - Privacy Act 1988 s 94Y PROVIDES the COVIDSafe data period has ended ONLY IF the Health Minister has determined by notifiable instrument the day that the COVIDSafe data period will end AND that day has passed
This website is using cookies. More info.
That's Fine