What are the principles of security identifier?

A unique identifier is generally a number allocated to an individual to recognize the person for the reasons of an agency services. For example, a tax file number, drivers licence number, data set identifier.

This principle confine the sharing of unique identifiers among agencies. It provides a safeguard against the creation of an individual identifier that can be used to crossmatch data across agencies. This principle includes the following which are as follows −

• An agency should not assign unique identifiers to individuals, unless it is important to allow the agency to perform its functions efficiently.

• An agency should not adopt a unique identifier of an individual that has been assigned by another agency unless −

  • It is essential to allow the agency to implement its functions efficiently.

  • It has acquired the permission of the individual to do so.

  • It is an outsourcing agency accepting the unique identifier generated by a contract service provider in the concert of its responsibility to the outsourcing agency under a service contract.

• An agency should not utilize or disclose a unique identifier allocated to an individual by another agency unless the use or revelation is necessary for the agency to fulfil its obligations to that multiple agency and it has get the consent of the individual to the use or disclosure, or the agency reveals personal information about an individual for a reason (the secondary goals) other than the primary goals for collecting it.

  If an agency reasonably treated that the use or disclose is essential to lessen or avoid a serious and looming threat to the individual’s or another person life, health or safety or a severe hazard to public health or public safety.

  If an agency has cause to suspect that unlawful activity has been, is being or can be occupied in and uses or discloses the data as an essential part of its investigation of the matter or in documenting its issues to relevant persons or authorities.

• An agency reasonably treated that the use or disclosure is reasonably important for one or more of the following by or on behalf of a law enforcement agency −

  • It can be avoiding, identifying, investigating, prosecuting or punishing an offence or a breach of a prescribed law.

  • It can be enforcing a law associating to the confiscation of proceeds of crime.

  • It can be securing public revenue.

  • It can be avoiding, identifying, investigating or remedying seriously improper conduct or prescribed conduct.

  • It can be preparing for or implementing proceedings before a court or tribunal or implementing the series of a court or tribunal.

• An agency should not need an individual to support a unique identifier so as to acquire a service unless its provision is needed or authorized by law, or is in connection with the goals for which the unique identifier was assigned or for a directly connected goals.