Priority recommendations for Privacy Act reform

1. Collection threshold
   Create an explicit necessity and proportionality requirement for the collection of personal information.
2. PIA requirement
   Require departments to conduct privacy impact assessments in high-risk situations.
3. Orders
   Provide the Privacy Commissioner with the power to issue binding orders.
4. Safeguards
   Adopt an explicit legislative requirement to safeguard personal information.
5. Breach reporting
   Create a legislative requirement for breach reporting.
6. Discretion to report
   Provide more discretion to the Privacy Commissioner to publicly report.
7. Discretion to decline
   Provide the Privacy Commissioner with discretion to discontinue or decline complaints.